tv42 / gitosis Goto Github PK

Hi, the last release was 8 years ago. Would you mind making a new one so we can package it in Arch?

On a server machine, I init gitosis with the root's public key, and git clone git@host:gitosis-admin.git, and terminal prompted me to input git's password, it just can't clone gitosis-admin.git.

Then I deluser git and init gitosis with a local machine's id_rsa.pub, and clone gitosis-admin.git in the same machine, everything just fine.

So, can I manage gitosis-admin.git in the same machine after init?
btw, how to read gitosis?
[git to sys]?

any help is greatly appreciated.

By my reading of ssh.py and sshd(8), section "AUTHORIZED_KEYS FILE FORMAT", the risks being blocked by this username validation are:

• Double-quote: would close the command= option
• Backslash and comma: potentially risky because the parsing isn't clearly specified
• Whitespace: would prematurely terminate the username argument to gitosis-serve
• Shell special characters: unspecified whether sshd runs the command through a shell so best to assume it does; also the user is passed to hooks through the GITOSIS_USER environment variable
• Non-printable-ASCII characters: uncertain

The last two suggest that the exact set of safe characters is system- and perhaps even locale-dependent. Nonetheless, we can say for certain that what constitutes a valid username, hostname, or email address on any particular system does not enter into it.

I got bit by this, and I'm not the only one, so might I suggest the more permissive yet still conservative regexp:

^[a-zA-Z0-9@_.-]+$

Incidentally, this is closer to what one might have expected from reading the commit message on cbea178.

A risk would be if people have built hooks using GITOSIS_USER that rely on the current validation. Given that it's not documented as any sort of stable thing, I would suggest that such users should either be doing their own validation or else looking closely for any changes that might affect their assumptions before upgrading.

Per sshd(8), on the authorized_keys file format:

Each line of the file contains one key (empty lines and lines starting with a `#' are ignored as comments).

Perhaps one shouldn't assume that gitosis keydir/*.pub files use an identical format; still, it would be less surprising if comments and empty lines were recognized. Currently you can end up with junk like:

command="gitosis-serve test",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty # test comments, empty lines
command="gitosis-serve test",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty 
command="gitosis-serve test",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAA...== test

Hello!
In Ubuntu 12.04 the hooks didn't work. Pushing to the gitosis-admin repo didn't
refresh the config file or the ssh keys.

There were two problems with the post-update hook for the gitosis-admin repo.

1. It wasn't executable, and needed chmod +x

         chmod +x  <gitosis_home>/repositories/gitosis-admin.git/hooks/post-update

2. It used old git commands, which are found now in '/usr/lib/git-core' as symlinks.
   The fix for that is to add:

         PATH=$PATH:/usr/lib/git-core
         export PATH

to the first lines of the 'post-update' hook.

After this, it works like a charm.
Please include the fix if you can, so that other people can use gitosis in ubuntu.
Thanks so much for gitosis!!!!

Perhaps the documentation can refer to https://github.com/thomergil/gitosis-docker

When i create the repository, at the moment to execute the git push is given a fatal error
fatal: 'repo-name.git' does not appear to be a git repository
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

i have regenerated the public key lot of times, refollowed all the steps and this error continues

setup.py still reports version 0.2.

Where I can find rpm package for gitosis at CentOS7 ? For CentOS6 I found in EPEL6, but in EPEL7 missing. Why?

Thanks

I saw the following error when trying to use eagain.net:

git clone git://eagain.net/gitosis.git
Cloning into 'gitosis'...
fatal: unable to connect to eagain.net:
eagain.net[0: 192.237.217.227]: errno=Connection refused
eagain.net[1: 2001:4800:7813:516:fa64:3a5d:ff04:7851]: errno=Network is
  unreachable

progit/progit#668

If you push an update of gitosis-admin with an invalid gitosis.conf file, you can't access any repositories anymore, you will always receive a ConfigParser.ParsingError until you fix the gitosis,conf on the server.

There should be a protection:
When the gitosis-admin repository receives an update, the gitosis.conf should be checked if it is still valid, if not, then the update should be rejected.