From: John Griessen <john@ecosensory.com>
To: git@vger.kernel.org
Subject: Re: git-daemon serving repos with repo.git/git-daemon-export-ok
Date: Mon, 03 Jan 2011 19:58:47 -0600 [thread overview]
Message-ID: <4D227ED7.9010407@ecosensory.com> (raw)
In-Reply-To: <20110103235501.GA32262@burratino>
On 01/03/2011 05:55 PM, Jonathan Nieder wrote:
>> I can push to these repos with gitosis, and the permissions are:
>>
>> vking@mail:/srv/gitosis/repositories$ ll
>> total 16
>> drwxr-xr-x 7 gitosis gitosis 4096 Dec 30 12:32 extrudator.data.git
>
> So the gitdaemon user (used by git-daemon-run) wouldn't be able to
> access them.
It would be able, since I used
sudo strace -o strace.out /usr/lib/git-core/git-daemon --verbose --strict-paths --user=git --group=gitosis /srv/gitosis/repositories
git-daemon was asked to run as --user=git --group=gitosis, so it had read permissions and
there was no user git-daemon anymore -- removed it from /etc/passwd.
>
>> vking@mail:/etc/sv$ cat strace.out
>> execve("/usr/lib/git-core/git-daemon",
>> ["/usr/lib/git-core/git-daemon", "--verbose", "--strict-paths",
>> "--user=git", "--group=gitosis", "/srv/gitosis/repositories"], [/*
>> 10 vars */]) = 0
>
> In this case simple --verbose output would probably be more useful.
> (That's what cat-ing /var/log/git-daemon/current would have given
> if git-daemon-run were still installed.)
I tried this
sudo /usr/lib/git-core/git-daemon --verbose --strict-paths --user=git --group=gitosis /srv/gitosis/repositories &>git-daemon-err.log
vking@mail:~$ cat git-daemon-err.log
and git-daemon-err.log was empty. Not the same as the /etc/sv/run script. Should I reinstall
debian's git-daemon-run to do some tests?
>
> Thanks for the strace. I should have mentioned that strace -f can
> help by following child processes, though that doesn't seem to be
> an issue here. It looks like another git-daemon process is running at
> the same time? (One can check with "netstat -t -a".)
Nope, not as far as I can see. What suggests that?
vking@mail:/etc/sv$ netstat -t -a
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:discard *:* LISTEN
tcp 0 0 *:git *:* LISTEN
tcp 0 0 localhost:mysql *:* LISTEN
tcp 0 0 *:daytime *:* LISTEN
tcp 0 0 localhost:sunrpc *:* LISTEN
tcp 0 0 *:www *:* LISTEN
tcp 0 0 localhost:690 *:* LISTEN
tcp 0 0 cottagematic.com:domain *:* LISTEN
tcp 0 0 mail.cibolo.us:domain *:* LISTEN
tcp 0 0 localhost:domain *:* LISTEN
tcp 0 0 *:ssh *:* LISTEN
tcp 0 0 *:telnet *:* LISTEN
tcp 0 0 localhost:postgresql *:* LISTEN
tcp 0 0 *:smtp *:* LISTEN
tcp 0 0 *:time *:* LISTEN
tcp 0 0 *:ldap *:* LISTEN
tcp 0 0 mail.cibolo.us:ssh cpe-66-68-104-159:47248 ESTABLISHED
tcp 0 224 mail.cibolo.us:ssh cpe-66-68-104-159:47247 ESTABLISHED
tcp6 0 0 *:pop3 *:* LISTEN
tcp6 0 0 *:imap2 *:* LISTEN
tcp6 0 0 *:ssh *:* LISTEN
tcp6 0 0 *:imaps *:* LISTEN
tcp6 0 0 *:pop3s *:* LISTEN
tcp6 0 0 *:ldap *:* LISTEN
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:58203 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:58226 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:48747 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:58175 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:58174 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:48951 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:52013 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:52012 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:52015 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:52014 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:47076 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:47079 ESTABLISHED
tcp6 0 0 mail.cibolo.us:imaps cpe-66-68-104-159:47078 ESTABLISHED
John Griessen
next prev parent reply other threads:[~2011-01-04 1:58 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <S1751603Ab1ACU6e/20110103205834Z+1762@vger.kernel.org>
2011-01-03 21:49 ` git-daemon serving repos with repo.git/git-daemon-export-ok John Griessen
2011-01-03 22:47 ` John Griessen
2011-01-03 23:11 ` Jonathan Nieder
2011-01-03 23:38 ` John Griessen
2011-01-03 23:55 ` Jonathan Nieder
2011-01-04 1:58 ` John Griessen [this message]
2011-01-04 2:11 ` Jonathan Nieder
2011-01-04 3:09 ` Jonathan Nieder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D227ED7.9010407@ecosensory.com \
--to=john@ecosensory.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).