* git-daemon whitelist issue
@ 2008-05-24 14:04 Jose Luis Rivas Contreras
2008-05-26 9:06 ` Andreas Ericsson
0 siblings, 1 reply; 2+ messages in thread
From: Jose Luis Rivas Contreras @ 2008-05-24 14:04 UTC (permalink / raw)
To: git
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[Please CC me, I'm not subscribed]
Hi, I know this will be a dummy question but I cannot find how to solve
this trying in several ways but none of them work. The issue is that
when I try to clone I get:
May 24 09:25:39 jooga git-daemon: [14724]
'/home/repo/git/xscreensaver.git': not in whitelist
My git-daemon conf is this:
8< -----
service git
{
disable = no
type = UNLISTED
socket_type = stream
protocol = tcp
user = nobody
wait = no
server = /usr/bin/git-daemon
server_args = --inetd --export-all
}
8< -----
I've tried with `--inetd --export-all /home/repo/git', `--inetd
- --export-all --base-path=/home/repo/git /home/repo/git', with
interpolated to with a symlink but nothing works, I'm trying with:
git clone git://repo.ghostbar.ath.cx/home/repo/git/xscreensaver.git noseless
Anyway, cloning trough http worked but is not what I want :)
Any toughs?
Regards.
- --
Jose Luis Rivas. San Cristóbal, Venezuela. PGP: 0xCACAB118
http://ghostbar.ath.cx/{about,acerca} - http://debian.org.ve
`ghostbar' @ irc.debian.org/#debian-ve,#debian-devel-es
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIOCCKOKCtW8rKsRgRArKWAKDFE4f1vbXZeuchYeQA7SnVqOzRdACdGWLs
MHWJpXTr5189qCEm07IX59w=
=5g4F
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: git-daemon whitelist issue
2008-05-24 14:04 git-daemon whitelist issue Jose Luis Rivas Contreras
@ 2008-05-26 9:06 ` Andreas Ericsson
0 siblings, 0 replies; 2+ messages in thread
From: Andreas Ericsson @ 2008-05-26 9:06 UTC (permalink / raw)
To: Jose Luis Rivas Contreras; +Cc: git
Jose Luis Rivas Contreras wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> [Please CC me, I'm not subscribed]
>
> Hi, I know this will be a dummy question but I cannot find how to solve
> this trying in several ways but none of them work. The issue is that
> when I try to clone I get:
>
> May 24 09:25:39 jooga git-daemon: [14724]
> '/home/repo/git/xscreensaver.git': not in whitelist
>
> My git-daemon conf is this:
> 8< -----
> service git
> {
> disable = no
> type = UNLISTED
> socket_type = stream
> protocol = tcp
> user = nobody
> wait = no
> server = /usr/bin/git-daemon
> server_args = --inetd --export-all
> }
> 8< -----
>
> I've tried with `--inetd --export-all /home/repo/git', `--inetd
> - --export-all --base-path=/home/repo/git /home/repo/git', with
> interpolated to with a symlink but nothing works, I'm trying with:
>
Specifying a symlinked path won't work. git-daemon (being of the
one-shot-fork school of programs) simply does a chdir() to the
requested directory and then getcwd(), which will never consider
symlinks. This is a security feature, since directory recursion
attacks will never ever work.
> git clone git://repo.ghostbar.ath.cx/home/repo/git/xscreensaver.git noseless
>
When you specify base-path, you tell git-daemon to prepend the
base-path to the directory the user requests.
Start git-daemon like this:
git-daemon --base-path=/home/repo/git --export-all
then do
git clone git://repo.ghostbar.ath.cx/xscreensaver.git
and it should work, assuming /home/repo/git/xscreensaver.git
has no symlinks in it.
--
Andreas Ericsson andreas.ericsson@op5.se
OP5 AB www.op5.se
Tel: +46 8-230225 Fax: +46 8-230231
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-05-26 9:07 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-05-24 14:04 git-daemon whitelist issue Jose Luis Rivas Contreras
2008-05-26 9:06 ` Andreas Ericsson
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).