hg-ssh - cannot clone repository, but pull/push works - linux

I am trying to setup a new mercurial server (first time for me), serving with hg-ssh and am running into the problem that I can pull and push, but not clone a repository to the server.
In .ssh/authorized_keys on the server, I have the following line before the key:
no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command=".../hg-ssh
repos/*"
Without this line, cloning the repository works, so it's not a path issue.
I am somewhat baffled by this, because I would have expected hg-ssh to allow for cloning - am I wrong in assuming this?
Is there some config I might have missed?

I was unable to determine from the documentation whether hg-ssh should allow cloning to the server.
What I have done is change the line
command=".../hg-ssh repos/*"
to
command="[path]/allowed-commands.sh
and implemented the script following https://serverfault.com/a/803873, redirecting all 'hg init' calls to hg directly, while redirecting all pull/push requests to hg-ssh.
This works fine for pull/push and clone.

Related

Log4j-Audit Getting Started fails for Catalog Editor

Was doing the Log4J-Audit getting started at https://logging.apache.org/log4j-audit/latest/gettingStarted.html
In the Catalog Editor section found some problems:
Download jar url was incorrect, missing "log4j-audit" folder
wget url was incorrect, had an extra 1.0.1 folder
git remote -v was set to ${remoteRepoUrl} instead of actual http://github.com/etc address. And the repo was not pulled. The .git folder was found but the git pull never happened. I think this might be related to proxy server but not sure if git supports a Variable.
Am I doing it wrong or are the instructions incorrect?
Where can I report such a problem?
In the end, I manually changed the
git remote set-url origin http://github.com/etc
did a manual git pull, and then the UI finally came up.
So, #1 and #2 are still a problem.
Because I have a corporate proxy server which also requires a user/password
3 was solved with adding system env vars like this
java -Dhttps.proxyHost=myProxyServer -Dhttps.proxyPort=8080 -jar log4j-catalog-editor-1.0.1.jar
It does seem that the sun.net.HTTPSClient class which is called, does not mention using Basic Auth so not convinced why it works.
A new thing I found in the Getting Started tutorial is that it's important to change the branch=master in the application.properties.

git pull with access token, git push with username / password

I've got a problem with git push. Here are many threads regarding this issue, but none of them fit to my problem.
The company I work for, has it's own gitlab. Policy is only https, no ssh is allowed. For cloning and pulling, an access token is required. Pushing only with username/password. Don't ask me about the underlaying reason. Unfortunately I don't know it.
Error message is:
$ git push
fatal: unable to access 'https://<username>:<AccessToken>#<domain>/<owner>/<reponame>.git/': The requested URL returned error: 403
At least I alread was able to clone a repo, but I'm failing to push the changed content respectively. Ubuntu 18.04 is running on my laptop.
What do I need to do to solve my issue?
You already know that every remote stores a URL: origin literally means https://<username>:<AccessToken>#<domain>/<owner>/<reponame>.git/.
What you didn't know is that every remote actually stores two URLs. One is used for git fetch, and the second one is used for push. The second URL defaults to being the same as the first URL, but if you set it, you can set it to anything else, such as the URL without the access token. To set the second URL, you can use git remote set-url --push:
git remote set-url --push origin <url>
If you're like me, you might want to know about git config --edit as well, which will open the configuration file (typically just .git/config) in the same editor you're having Git use for everything else, where you can just edit it directly. But git remote is the tool designed for fiddling with the settings attached to each remote-name.

Git push to cPanel account - Push did not update modified file

SOLUTION BELOW - How to use git to push to cpanel server
I finally got somewhere with setting up Git between my localhost (WAMP setup on Windows 8.1) and my Linux server (CentOS 6.6 x64 with cPanel 11.46.2).
Locally I created a bare clone: git clone --bare my_project my_project.git
NOTE: my_project is an example name, not the real name, and from this doc here: http://git-scm.com/book/en/v2/Git-on-the-Server-Getting-Git-on-a-Server
I copied the my_project.git folder to my server's root directory /home/myuser/public_html/
so now in the root directory I have:
cgi-bin
my_project.git
This is one area I am unsure of. Do I have to do an init (using putty) on my server in the public_html directory? I read something about a bare init? I just want to push (from my PC) the website I already have under Git control, to the server. When I make a change to 1 file, push that change to the server so it's updated live with a push. The website is DONE and ready to be live. I have already manually moved back and forth for live testing on the server. My last step is to get the Git setup correctly, so any further changes I can just push them to the server without the need of FTP.
I added a remote origin: git remote add origin ssh://myuser#thedomain.com/home/myuser/public_html/my_project.git
I tried to push to it, and got "Permission denied (publickey)". I already had an id_rsa and id_rsa.pub key locally on my PC, so I copied them and renamed them to id_rsa.myname id_rsa.myname.pub (where myname is my first name). I then copied them to the .ssh folder through FTP (FTP as cpanel user, and it's the directory your dumped into, above public_html), same as /home/myuser/.ssh/ directory.
Once they where there, I added them to 'authorized_keys' using Putty logged in as the cpanel user (my private ppk) by doing:
cd .ssh
cat id_rsa.myname >> ~/.ssh/authorized_keys
cat id_rsa.myname.pub >> ~/.ssh/authorized_keys
After doing that, a push appeared to work. Because I was having a key/auth issue, I used Git Gui version, which was setup and worked fine locally. I added the origins through Git Bash though. When I did "Remote > Push" in the Gui version, I got:
Pushing to ssh://theregistrybank#theregistrybank.com/home/theregistrybank/public_html/yiire gistrybank.git
stdin: is not a tty
To ssh://myuser#thedomain.com/home/myuser/public_html/my_project.git
44ae034..0388a05 master -> master
updating local tracking ref 'refs/remotes/origin/master'
Before doing the push, the only file modified (diff from the bare clone I transferred to the server) was my .gitignore file. I added 2 more exclusions to it, and committed it locally. So I was trying to push the change in that file. After I did the push, it said "success" in green and appeared to work. However, when I check the file in FileZilla, the .gitignore file is not the updated one that I just committed locally.
I think I am close, but missed a step somewhere. I tried to be as descriptive as possible.
And putting the source on GitHub is not an option as the client does not want the source public, and does not want to pay for the private repos. I should be able to push from my local setup to the cPanel server so I don't have to transfer thousands of files every time. I actually transfer a zip file, and unzip on the server lol.
Server Info
cPanel 11.46.2 build 0
CentOS 6.6 x86_64 kvm build01
Yes, Git is setup on the server, and working, and git --version reports:git version 1.7.1
Git on my PC: git version 1.9.4.msysgit.2
Thank you in advance.
SOLUTION
Thanks to #VonC I was able to get this to work :)
You need somewhere for your git repo to sit. I created a 'git-repos' folder in '/home/cpaneluser/git-repos' to house my repos for this cpanel user.
First step is to create a bare repo: http://git-scm.com/book/en/v2/Git-on-the-Server-Getting-Git-on-a-Server - I only followed the first step, basically created the bare repo 'my-project.git'
Before putting it on your server, rename 'my-project.git/hooks/post-receive.sample' to just 'post-receive' so it will be ran. Edit it with your editor, and add the line that #VonC gave us in his chosen answer:
#!/bin/sh
umask 0022
GIT_WORK_TREE=/home/cpaneluser/public_html GIT_DIR=/home/cpaneluser/git-repos/my-project.git git checkout -f
Note: I am using cpanel, so your path's may be different, and your umask could be different. 0022 is for 0644 file permissions. Without the umask, I was getting 500 Internal Server Errors, because the files were created with 0664 permissions instead.
Using FTP or whatever you like, copy the 'my-project.git' bare repo to your server to '/home/cpaneluser/git-repos'. Then go into 'my-project.git/hooks' and change the permissions of post-receive to have execute permissions. For me, 0744 worked fine. This was the magic sauce :)
Locally, add your remote (must be in your git project): git remote set-url origin ssh://cpaneluser#yourdomain.com/home/cpaneluser/git-repos/my-project.git
Now if you try to push now, it won't put the files in 'public_html' because the git tree (terminology?) matches and is up to date. If they are up to date, it seems to skip over executing your 'post-receive' hook. That means your bash script never ran, and it never checked out the files to your working tree.
We need to manually run the 'post-receive' bash script to create all the files of our project in the 'public_html' directory.
cd to '/home/cpaneluser/git-repos/my-project.git/hooks'
Run: ./post-receive
Boom, all your files are in 'public_html'. Now you can work locally, then push to your cpanel server as expected :)
I had a similar problem with my cPanel account, git was set up but for some reason I couldn't push to it. After a lot of head-banging I realized that the root of the problem is like you pointed out that although git is set up, the repo is empty so there's nothing for it to track.
This happens when you set up an empty repo in cPanel and then try pushing a local repo that you've already created, as opposed to cloning it first from github or your local repo (which is what happened to me because for some reason I couldn't access my github from the cPanel git interface even though I had set up a SSH key)
The simple solution that I found is to manually clone the repo using the terminal in your cPanel account
On your cPanel dashboard, under the "advanced" section, you'll find the terminal. You'll get a warning saying that you could mess up your server if you don't know what you're doing, click ok and you're in.
Now you just have to clone your repo the same way you would if you're cloning onto a local machine.
Navigate to where git was set up in your cPanel
cd repositories/<nameOfYourRepo>
And run the clone command
git clone <URLofYourGithubReop>
You'll be asked for your github username and password if it's a private repository
And that's it, you're good to go
What you have copied (my_project.git) is a bare repo, meaning one without a working tree (the actual checked out files).
Read for instance "Git workflow - Setting up a build process".
That means pushing to if won't change anything in /home/myuser/public_html/
The missing piece is a post-receive hook (in /home/myuser/public_html/my_project.git/hooks/post-receive, make sure it is executable: chmod +x), in order to checkout the repo in /home/myuser/public_html/.
#!/bin/sh
GIT_WORK_TREE=/home/myuser/public_html GIT_DIR=/home/myuser/public_html/my_project.git git checkout -f

gitolite error after adding a repo in the goitolite.conf

I am getting below error while trying to push gitolite-admin repo after adding a repo name in gitolite.conf.
Below is the error.
Cloning works fine and I have already pushed some of the pub keys to the repo.
open conf/gitolite.conf-compiled.pm.new failed: Permission denied<<newline>>
system() failed,gitolite compile,-> 6400
Whereas cloning and pushing works fine for testing repo.
Gitolite user is gitolite3 and apache user writes to it and the protocol which am using is http.
Not sure where exactly it is failing. Help is much appreciated.

Git push fails when modified files are included in push, but succeeds when added or deleted files

I've been using git for a few months and have never run into problems. I met my match today. I have a system running Ubuntu 10.10 (new system). I put my keys in place to access the server, and can ssh in just fine. I cloned my repos just fine. I can push added / deleted files just fine. However, when I try to push modified files, the push doesn't finish. It hangs on the last line (Starts with "Total")
If I wait 15 minutes or so it gives me these errors:
Write failed: Broken pipe
Fatal: The remote host hung up unexpectedly
I've tried pushing as both regular user and sudo user. When I add a verbose flag to the push, nothing.
I think this is an SSH error, but it is completely puzzling me. Can anyone help?
I'm just going to run a list of ideas here.
Is this plain SSH or are you using e.g. -o ProxyCommand or another tunnel of sorts?
I'd check the version of the client, since you report being able to do the same correctly from other machines.
I'd also try creating a bundle from the client to eliminate the transport from the analysis.
I'd check file permissions (and out-of-space/quota/temp space for the user) on the server. Are you using the same user that works for other clients?
You could look at a problem in the garbage collect step on the server (by using git config to make sure it doesn't happen).
Did you try other protocols (git-daemon or smart http server?)
Could something be up locally (like repository on synch NFS, or dropbox or...)?

Resources