[PATCH] services: gitile: Allow to set user and group.

  • Open
  • quality assurance status badge
Details
2 participants
  • Evgeny Pisemsky
  • Nguyễn Gia Phong
Owner
unassigned
Submitted by
Evgeny Pisemsky
Severity
normal

Debbugs page

Nguyễn Gia Phong wrote 8 months ago
(address . 72400@debbugs.gnu.org)(address . julien@lepiller.eu)
cbf724453a33a16165dc78ce80ccbf5c@disroot.org
Hi, does the default gitile user work for you out of the box?
I'm asking as I'm speculating you have the git user own the
repositories.
I sent out https://issues.guix.gnu.org/71143#1a while ago to fix it.
Evgeny Pisemsky wrote 8 months ago
(address . 72400@debbugs.gnu.org)(address . mcsinyx@disroot.org)(address . julien@lepiller.eu)
87frroeinc.fsf@pisemsky.site
Hello! It does not work, and that is the reason for this patch.

At this point group access is not enough, I have to run gitile from
git user (of gitolite) who owns repositories. Same for fcgiwrap.

This problem is related to the change in libgit2, and for a long time
I just kept it downgraded, but this cannot be forever.

I also tried to play with safe-directory option without any success,
but even if it worked setting config for every service that works with
git seems like a huge overhead.

Changing default user to git may be quite radical, but since the
documentation states this:

Toggle quote (3 lines)
> Gitile works best in collaboration with Gitolite, and will serve the
> public repositories from Gitolite by default.

I think it is sane.
Nguyễn Gia Phong wrote 8 months ago
(name . Evgeny Pisemsky)(address . mail@pisemsky.site)(address . 72400@debbugs.gnu.org)(address . julien@lepiller.eu)
D35K5Z1Y8NE5.WSFOEXAOJOA@disroot.org
On 2024-08-01 at 11:45+03:00, Evgeny Pisemsky wrote:
Toggle quote (13 lines)
> Hello! It does not work, and that is the reason for this patch.
>
> At this point group access is not enough, I have to run gitile from
> git user (of gitolite) who owns repositories. Same for fcgiwrap.
>
> Changing default user to git may be quite radical, but since the
> documentation states this:
>
> > Gitile works best in collaboration with Gitolite, and will serve the
> > public repositories from Gitolite by default.
>
> I think it is sane.

Seconded, and IMHO the Guix service documentation should mention
that the default user for gitile is to match the owner
of the repositories:

On 2024-07-31 at 18:00+03:00, Evgeny Pisemsky wrote:
+@item @code{user} (default: @code{"git"})
+Owner of the @code{gitile} process.
-----BEGIN PGP SIGNATURE-----

iQHIBAABCAAyFiEE6Q4RuASTNDthMuOUJxSLLAaiIksFAmatBhcUHG1jc2lueXhA
ZGlzcm9vdC5vcmcACgkQJxSLLAaiIkvXQAv/eK6YlzjBpk1uPM24Q6ILq6ylWI7Y
V8HvJPDWdxvj/YZq3OjuxOJNtcidHxIaEWyKpjvl3LY4bxILyxIwq4slqor0HbYv
IvU5KiV92EpKCgCiGrSDiG8SSR1H0c1oz78z2nIo65mwubGhziBEHGgNPvGcUg97
4dC+shtSIpsA2VPKvYxztjX5F0suJZZ2Ypq8PNnOiIc/U3Eqree1bfQ0+5UMOPI7
86tvYdh0Fp+58H0ZXWdUUgw1hsbiuBfB0ZKZZSiAFBa6mmnLKytJLUH4UXdLEPJY
8hNYgb/Vr5omc2NmNwdTdil5bjpvuKHmBUrKt2/76gNINKoj5p5N6twAn9QzIukj
8P3woaXzuvaoRgUdehu+ytUfnvqYlGz5JO6YrEfOh7P3iwRbad+bZrYigmwXyHJa
fFgCnHn9FfImXdeLTeslNNIdP+kaDMW0WSaaPBLxTfTnTFlnih8Mwt6wYzzQt1T3
4q8jenVH6p7J/AHqRTYe6eASU472vAM7Y9wJ
=I39M
-----END PGP SIGNATURE-----


Evgeny Pisemsky wrote 7 months ago
(name . Nguyễn Gia Phong)(address . mcsinyx@disroot.org)(address . julien@lepiller.eu)(address . 72400@debbugs.gnu.org)
87ikwfffa7.fsf@pisemsky.site
Nguyễn Gia Phong <mcsinyx@disroot.org> writes:

Toggle quote (4 lines)
> Seconded, and IMHO the Guix service documentation should mention
> that the default user for gitile is to match the owner
> of the repositories:

As I understand running from git is not secure as it gives gitile
write access to the repos with possibility to corrupt them on error.

I've commented at #71143 about fixing group access for gitile. TLDR:

Toggle quote (4 lines)
> (use-modules (git settings))
> (set-owner-validation! #f)
> (run-server ...)

I agree that documentation update is needed. IMO the following, while
being a breaking change, can make the service more sane and flexible:

1. Allow to change user and group as proposed in the initial patch.
2. Set default user and group to "gitile" and document that if they
changed to other values, they expected to exist on a system, to
avoid warnings like "the following groups appear more than once".
3. Remove the default value of the "repositories" field to enforce
users to specify what they want to serve. Document that gitile's
user/group must have at least read access to this directory.
4. Provide configuration for gitolite as an example, not as default.
5. Remove unnecessary fields like "database" from configuration.

I'm interested what authors and maintainers think about all of this.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 72400@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 72400
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch
You may also tag this issue. See list of standard tags. For example, to set the confirmed and easy tags
mumi command -t +confirmed -t +easy
Or, remove the moreinfo tag and set the help tag
mumi command -t -moreinfo -t +help