Re: [PATCH v3] Smart-http documentation: add example of how to execute from userdir

[Tarmigan <tarmigan+git@gmail.com>]

On Mon, Jan 4, 2010 at 6:06 AM, Shawn O. Pearce <spearce@spearce.org> wrote:
> Junio C Hamano <gitster@pobox.com> wrote:
>> I still see Cc: here; are people named above (and others commented on
>> earlier versions) happy with this round?
>
> I don't get why Options +SymLinksIfOwnerMatch is needed here.
>
> If we are linking to the root installed git-http-backend Apache
> will actually reject the link, because the link owner is likely to
> be $USER while the target is owned by root.
>
> So I really can't ACK this, the instructions don't jive with my
> understanding of the Apache configuration.

Fair enough.

There seem to be three reasonable ways to run from a userdir
(depending on what the global configuration allows):
- symlink to global git installation (if FollowSymLinks)
- symlink to user's git installation (if not FollowSymLink and only
SymLinkIfOwnerMatch)
- copy of git-http-backend binary (if no symlinks are followed)

The Options +SymLinksIfOwnerMatch is left over from when there was a
more detailed description of the second scenario and should probably
be removed now.  The user may not have a choice about which of those
three can be used because it depends on the global server
configuration (which presumably the user does not control) so it's
difficult to provide instructions that will work for everyone.  The
last option is likely to be the most portable, but also does not get
updated when the primary http-backend binary is updated.

Enumerating the details of setting up all of these configurations in
the man page seems excessive, but it would also be nice to have enough
information to still make it easy.

We could do one or more of the following:
- Remove the Options +SymLinksIfOwnerMatch as it is too specific to an
unknown configuration and let users figure out how to get symlinks to
work for their particular configuration
- Add a note to remind the user about SymLinksIfOwnerMatch or FollowSymLinks
- Emphasize copying git-http-backend binary into the cgi-bin directory
as that is likely the most portable across configurations
- Expand all three scenarios in detail

I'm inclined to do the first two with the following patch (cut-n-paste
warning) squashed in.  I'll send the complete patch as a follow up.

Thanks,
Tarmigan

diff --git a/Documentation/git-http-backend.txt b/Documentation/git-http-backend
index 0485033..7af1288 100644
--- a/Documentation/git-http-backend.txt
+++ b/Documentation/git-http-backend.txt
@@ -160,13 +160,14 @@ From UserDir on Apache 2.x::
 +
 ----------------------------------------------------------------
 SetHandler cgi-script
-Options +SymLinksIfOwnerMatch
 SetEnv GIT_PROJECT_ROOT /home/$username/devel
 ----------------------------------------------------------------
 +
 Also add any needed authentication to the .htaccess file as discussed
 in earlier examples.
 +
+Depending on the global configuration of the web server, the
+"FollowSymLinks" or "SymLinksIfOwnerMatch" options might be needed.
 If the web server does not follow any symbolic links, the
 'git-http-backend' executable may be copied into the cgi-bin directory
 and renamed to 'git' to acheive the same effect, but it will also need