Re: setup gitosis on Fedora 11

[Sitaram Chamarty <sitaramc@gmail.com>]

On Sat, Jul 18, 2009 at 3:15 AM, brizly vaan van
Ulciputz<brizly@freenet.de> wrote:

> i tried to setup gitosis on a Fedora 11 system,
> since i dont seem to be the only person having trouble here,
> i am asking here now.
>
> someone pasted that:
> http://paste.org/pastebin/view/9154
> and that's just the way i did it and the way i end in :-(
>
> with the only difference i was using another 'tutorial'
> http://www.shakthimaan.com/installs/gitosis.html
>
> i tried a bit an sometimes ended in the prompt to enter password for
> gitosis@server after "git push..." No idea what to do.
>
> I asked #git and #fedora on freenode, was referred to this list.
> So can anyone gimme a hint?

line 12 in the first pastebin (and there's no need to use pastebins for a few
lines on the mailing list; it's on #git that is really needed!) says
    ERROR:gitosis.serve.main:Repository read access denied

This means you got past ssh issues, which is further along than most people
who come to #git with gitosis problems :-)

This error could mean one of the following:

(1) you're using the wrong key/repo pair.  Of course your key *is* in
gitosis.conf but the repo you're trying to push to isn't, or doesnot
list you as one of the valid users

(2) your gitosis.conf is all correct, but you forgot the "chmod" somewhere
above, and the post-update hook never ran, so the real gitosis.conf (which
gitosis uses -- this is ~git/.gitosis.conf) doesn't have the same data

I also don't like that howto; it appears to be doing everything on one
machine, with the same userid, so people who don't grok ssh very well will
still have trouble even after all this is done to translate that knowledge to a
real deployment.

Bottom line: here's what should match for that error to go away:

  - the public key corresponding to the private key your client-side ssh is
    using
  - must match *exactly* one of the public keys in the server-side
    ~git/.ssh/authorized_keys

[this is probably OK in your case, but please check there is *exactly one*.  I
have a vague memory of seeing a case when someone adds a key twice with
different usernames in error.  Ssh picks up perhaps the first one, while your
gitosis.conf talks about the second one...]

and

  - the name after "gitosis-init" on the pubkey line that matched above
  - must match a username in ~git/.gitosis.conf (which is a symlink to
    something but never mind)

and

  - this username must be mentioned in the members= line of some section in
    gitosis.conf which also has "writable = my-first-repo"

You can check *all* of this by looking at ~git/.gitosis.conf and
~git/.ssh/authorized_keys on the server and ~/.ssh/id_[rd]sa.pub on your
client