-1

I want to ask about how to configure access list on specific branch in git? I configured git to be accessed by http using DAV in apache. gitolite version is 1.9.1 operating system ubuntu 14.04/ thnx in advanced

apache2 configuration

<virtualhost *:80>
ServerName git.example.com
ErrorLog ${APACHE_LOG_DIR}/git_error.log
CustomLog ${APACHE_LOG_DIR}/git_access.log combined

SetEnv GIT_PROJECT_ROOT /home/git/repositories
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER
ScriptAlias /hgit/ /home/git/bin/gitolite-shell
SetEnv GIT_HTTP_BACKEND "/usr/lib/git-core/git-http-backend"


 <Location /hgit>
 Options +ExecCGI +FollowSymLinks +SymLinksIfOwnerMatch
    #AllowOverride All
 order allow,deny
 Allow from all

 AuthType Basic
 AuthName "git repository"
 AuthUserFile /etc/apache2/passwd.git 
 Require valid-user
 </Location>
 </virtualhost>
Improve this question

1 Answer 1

Reset to default
0

gitolite version is not 1.9.1. It should be 3.6.4.
It is an authorization layer which allows access to git repo based on an authentication managed by a listened like Apache or sshd.

1.9.1 is the default version of git core on trusty (Ubuntu 14.04), which does not mean you can not upgrade it to a more recent version (currently 2.6.4)

You should not be using DAV on Apache for Git, not since 2011 and smart https.
You actually can call gitolite from Apache: it will call the git-http-backend script itself if the access is granted.

Finally, to configure the access list (against push) for a specific branch, see "Gitolite restrict access to branch".
Note that you can not restrict read access to a branch: if you can read (ie clone) a repo, you have access to all its branches.

Improve this answer
Sign up to request clarification or add additional context in comments.

18 Comments

I can clone using http when i configured DAV but i can't configure gitolite to be compatible with http. please help me
@EmanMohamed Don't use DAV: make you Apache call gitolite which will call git: stackoverflow.com/questions/14104759/…
I'm so sorry but I don't understand how to configure gitolite to use http credential.i followed steps in this link tikalk.com/devops/… .please explain in more details how to configure it. thanks in advanced
@EmanMohamed no configuration needed: gitolite looks for the environment variable REMOTE_USER set by Apache once Apache has done the authentication (github.com/sitaramc/gitolite/blob/…)
ScriptAliasMatch \ "(?x)^/(.*/(HEAD | \ info/refs | \ objects/(info/[^/]+ | \ [0-9a-f]{2}/[0-9a-f]{38} | \ pack/pack-[0-9a-f]{40}\.(pack|idx)) | \ git-(upload|receive)-pack))$" \ /usr/lib/git-core/git-http-backend/$1 SetEnv GIT_PROJECT_ROOT /home/git/repositories SetEnv GIT_HTTP_EXPORT_ALL SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER scriptAlias /hgit/ /home/git/gitolite/src/gitolite-shell/ SetEnv GIT_HTTP_BACKEND "/usr/lib/git-core/git-http-backend" <Location /hgit> AuthType Digest AuthName "Shared Repo" AuthUserFile Require valid-user </Location> </virtualhost>
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.