aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/Gitolite/Common.pm4
-rw-r--r--src/lib/Gitolite/Conf/Load.pm24
-rw-r--r--src/lib/Gitolite/Conf/Store.pm5
-rw-r--r--src/lib/Gitolite/Conf/Sugar.pm17
-rw-r--r--src/lib/Gitolite/Rc.pm4
-rwxr-xr-xsrc/triggers/post-compile/ssh-authkeys-split2
-rwxr-xr-xsrc/triggers/post-compile/update-git-configs8
-rwxr-xr-xsrc/triggers/repo-specific-hooks17
8 files changed, 66 insertions, 15 deletions
diff --git a/src/lib/Gitolite/Common.pm b/src/lib/Gitolite/Common.pm
index 166a4df..7a52f4b 100644
--- a/src/lib/Gitolite/Common.pm
+++ b/src/lib/Gitolite/Common.pm
@@ -305,7 +305,7 @@ sub gl_log {
require Sys::Syslog;
Sys::Syslog->import(qw(:standard));
- openlog("gitolite" . ( $ENV{GL_TID} ? "[$ENV{GL_TID}]" : "" ), "pid", "local0");
+ openlog("gitolite" . ( $ENV{GL_TID} ? "[$ENV{GL_TID}]" : "" ), "pid", $Gitolite::Rc::rc{LOG_FACILITY} || 'local0');
$syslog_opened = 1;
}
@@ -355,7 +355,7 @@ sub ssh_fingerprint_file {
# Return a valid fingerprint or undef
my $fp = undef;
if($output =~ /((?:MD5:)?(?:[0-9a-f]{2}:){15}[0-9a-f]{2})/i or
- $output =~ m{((?:RIPEMD|SHA)\d+:[A-ZA-z0-9+/=]+)}i) {
+ $output =~ m{((?:RIPEMD|SHA)\d+:[A-Za-z0-9+/=]+)}i) {
$fp = $1;
}
return wantarray ? ($fp, $output) : $fp;
diff --git a/src/lib/Gitolite/Conf/Load.pm b/src/lib/Gitolite/Conf/Load.pm
index 15b1d03..a439fc8 100644
--- a/src/lib/Gitolite/Conf/Load.pm
+++ b/src/lib/Gitolite/Conf/Load.pm
@@ -348,7 +348,7 @@ sub load_1 {
return if not $split_conf{$repo};
my $cc = "./gl-conf";
- _die "parse '$cc' failed: " . ( $! or $@ ) unless do $cc;
+ _die "parse '$cc' failed: " . ( $@ or $! ) unless do $cc;
$last_repo = $repo;
$repos{$repo} = $one_repo{$repo};
@@ -583,15 +583,24 @@ sub list_groups {
=for list_users
Usage: gitolite list-users [<repo name pattern>]
-List all users and groups explicitly named in a rule. User names not
-mentioned in an access rule will not show up; you have to run 'list-members'
-on each group name yourself to see them.
+List all users and groups explicitly named in a rule.
+
+- you will have to run 'list-members' on each group name to expand it -- for
+ details and caveats on that please see its help message.
+- User names not mentioned in an access rule will not show up at all (for
+ example, if you have users who only have access via an '@all' rule).
WARNING: may be slow if you have thousands of repos. The optional repo name
pattern is an unanchored regex; it can speed things up if you're interested
only in users of a matching set of repos. This is only an optimisation, not
an actual access list; you will still have to pipe it to 'gitolite access'
with appropriate arguments to get an actual access list.
+
+NOTE: If you're running in ssh mode, it may be simpler to parse the authorized
+keys file in ~/.ssh, like so:
+ perl -lne '/ ([a-z0-9]+)"/; print $1 if $1' < ~/.ssh/authorized_keys | sort -u
+If you're running in http mode, only your web server knows all the potential
+user names.
=cut
sub list_users {
@@ -677,6 +686,13 @@ Usage: gitolite list-members <group name>
- list all members of a group
- takes one group name
+
+'@all' is not expandable in this context. Also, if you have GROUPLIST_PGM set
+in your rc file[1], gitolite cannot expand group names completely; only your
+external database can.
+
+[1]: http://gitolite.com/gitolite/conf.html#ldap
+
=cut
sub list_members {
diff --git a/src/lib/Gitolite/Conf/Store.pm b/src/lib/Gitolite/Conf/Store.pm
index 5568b3f..c7f9ab5 100644
--- a/src/lib/Gitolite/Conf/Store.pm
+++ b/src/lib/Gitolite/Conf/Store.pm
@@ -288,8 +288,6 @@ sub store_1 {
my ( %one_repo, %one_config );
- open( my $compiled_fh, ">", "$repo.git/gl-conf" ) or return;
-
my $dumped_data = '';
if ( $repos{$repo} ) {
$one_repo{$repo} = $repos{$repo};
@@ -303,8 +301,7 @@ sub store_1 {
$dumped_data .= Data::Dumper->Dump( [ \%one_config ], [qw(*one_config)] );
}
- print $compiled_fh $dumped_data;
- close $compiled_fh;
+ _print( "$repo.git/gl-conf", $dumped_data );
$split_conf{$repo} = 1;
}
diff --git a/src/lib/Gitolite/Conf/Sugar.pm b/src/lib/Gitolite/Conf/Sugar.pm
index 986494b..68ad728 100644
--- a/src/lib/Gitolite/Conf/Sugar.pm
+++ b/src/lib/Gitolite/Conf/Sugar.pm
@@ -68,6 +68,7 @@ sub sugar {
$lines = owner_desc($lines);
$lines = name_vref($lines);
$lines = role_names($lines);
+ $lines = skip_block($lines);
return $lines;
}
@@ -179,5 +180,21 @@ sub role_names {
return \@ret;
}
+sub skip_block {
+ my $lines = shift;
+
+ my @out = ();
+ for (@$lines) {
+ my $skip = 0;
+ $skip = 1 if /^= *begin testconf$/;
+ # add code for other types of blocks here as needed
+
+ next if $skip .. /^= *end$/;
+ push @out, $_;
+ }
+
+ return \@out;
+}
+
1;
diff --git a/src/lib/Gitolite/Rc.pm b/src/lib/Gitolite/Rc.pm
index 2ee96e8..5a0e83d 100644
--- a/src/lib/Gitolite/Rc.pm
+++ b/src/lib/Gitolite/Rc.pm
@@ -527,6 +527,8 @@ __DATA__
# LOG_DEST => 'repo-log,normal',
# LOG_DEST => 'repo-log,syslog',
# LOG_DEST => 'repo-log,syslog,normal',
+ # syslog 'facility': defaults to 'local0', uncomment if needed. For example:
+ # LOG_FACILITY => 'local4',
# roles. add more roles (like MANAGER, TESTER, ...) here.
# WARNING: if you make changes to this hash, you MUST run 'gitolite
@@ -607,7 +609,7 @@ __DATA__
# essential (unless you're using smart-http mode)
'ssh-authkeys',
- # creates git-config enties from gitolite.conf file entries like 'config foo.bar = baz'
+ # creates git-config entries from gitolite.conf file entries like 'config foo.bar = baz'
'git-config',
# creates git-daemon-export-ok files; if you don't use git-daemon, comment this out
diff --git a/src/triggers/post-compile/ssh-authkeys-split b/src/triggers/post-compile/ssh-authkeys-split
index cd9a603..b838fb1 100755
--- a/src/triggers/post-compile/ssh-authkeys-split
+++ b/src/triggers/post-compile/ssh-authkeys-split
@@ -65,7 +65,7 @@ do
f=$SKD/$base@$seq.pub
echo "$line" > $f
# similar sanity check as main ssh-authkeys script
- if ! ssh-keygen -l -f $f
+ if ! ssh-keygen -l -f $f >/dev/null
then
echo 1>&2 "ssh-authkeys-split: bad line $seq in keydir/$k"
rm -f $f
diff --git a/src/triggers/post-compile/update-git-configs b/src/triggers/post-compile/update-git-configs
index a58a85d..bdb83ac 100755
--- a/src/triggers/post-compile/update-git-configs
+++ b/src/triggers/post-compile/update-git-configs
@@ -48,6 +48,7 @@ sub fixup_config {
my $gc = git_config( $pr, '.', 1 );
while ( my ( $key, $value ) = each( %{$gc} ) ) {
next if $key =~ /^gitolite-options\./;
+ $value =~ s/(@\w+)/expand_group($1)/ge if $rc{EXPAND_GROUPS_IN_CONFIG};
if ( $value ne "" ) {
system( "git", "config", "--file", "$RB/$pr.git/config", $key, $value );
} else {
@@ -55,3 +56,10 @@ sub fixup_config {
}
}
}
+
+sub expand_group {
+ my $g = shift;
+ my @m = @{ Gitolite::Conf::Load::list_members($1) };
+ return join(" ", @m) if @m;
+ return $g;
+}
diff --git a/src/triggers/repo-specific-hooks b/src/triggers/repo-specific-hooks
index 7ed28e5..bba7a58 100755
--- a/src/triggers/repo-specific-hooks
+++ b/src/triggers/repo-specific-hooks
@@ -13,9 +13,15 @@ _die "repo-specific-hooks: '$rc{LOCAL_CODE}/hooks/repo-specific' does not exist
_chdir( $ENV{GL_REPO_BASE} );
-@ARGV = ("gitolite list-phy-repos | gitolite git-config -ev -r % gitolite-options\\.hook\\. |");
+if ($ARGV[0] eq 'POST_CREATE') {
+ # just the repo given in arg-2
+ @ARGV = ("gitolite git-config -ev -r $ARGV[1] gitolite-options\\.hook\\. |");
+} else {
+ # POST_COMPILE, all repos
+ @ARGV = ("gitolite list-phy-repos | gitolite git-config -ev -r % gitolite-options\\.hook\\. |");
+}
-my $driver = "$rc{LOCAL_CODE}/hooks/multi-hook-driver";
+my $driver = $rc{MULTI_HOOK_DRIVER} || "$rc{LOCAL_CODE}/hooks/multi-hook-driver";
# Hook Driver
{
local $/ = undef;
@@ -67,7 +73,12 @@ for my $repo (keys %repo_hooks) {
}
my $src = $rc{LOCAL_CODE} . "/hooks/repo-specific/$code";
+
+ # if $code has slashes in it, flatten it for use in $dst, to avoid
+ # having to re-create those intermediate sub-directories
+ $code =~ s(/)(_)g;
my $dst = "$repo.git/hooks/$hook.$counter-$code";
+
unless ( -x $src ) {
_warn "repo-specific-hooks: '$src' doesn't exist or is not executable";
next;
@@ -85,7 +96,7 @@ for my $repo (keys %repo_hooks) {
}
__DATA__
-#/bin/sh
+#!/bin/sh
# Determine what input the hook needs
# post-update takes args, pre/post-receive take stdin