Commits on Jan 15, 2011
  1. v1.5.9

    sitaramc committed Jan 15, 2011
Commits on Jan 13, 2011
Commits on Jan 11, 2011
Commits on Jan 5, 2011
Commits on Jan 2, 2011
  1. (major change in big-config mode) split the compiled config file

    sitaramc committed Jan 1, 2011
    Fedora's config has over 11,000 repositories and the compiled config
    file is over 20 MB in size.  Although negligible on a server class
    machine, on my laptop just parsing this file takes a good 2.5 seconds.
    Even if you use GL_ALL_READ_ALL (see a couple of commits before this
    one) to remove the overhead for 'read's, that's still a pretty big
    overhead for writes.  And GL_ALL_READ_ALL is not really a solution for
    most people anyway.
    With this commit, using GL_BIG_CONFIG adds another optimisation; see
    doc/big-config.mkd for details (look for the word "split config" to find
    the section that talks about it).
    Implementation notes:
      - the check for GL_NO_CREATE_REPOS has moved *into* the loop (which it
        completely bypassed earlier) so that write_1_compiled_conf can be
        called on each item
  2. (data format change) fix misnamed 'repo_config' to 'git_configs'

    sitaramc committed Jan 1, 2011
    this change includes a minor data format change.  This should be mostly
    transparent for upgrades though.
  3. new rc var: GL_ALL_READ_ALL

    sitaramc committed Jan 1, 2011
Commits on Dec 31, 2010
  1. rc file stripped down, variables categorised, documentation lifted out

    sitaramc committed Dec 31, 2010
    the old file was getting too unwieldy...
Commits on Dec 28, 2010
  1. (minor) usermod has a "-a" -- I didn't know!

    sitaramc committed Dec 28, 2010
    (thanks to Michael Schueler)
  2. allow gitolite to be used when the users already have real IDs

    sitaramc committed Dec 28, 2010
    Fedora (for example) runs like this:
      * each user has his own userid and login
      * his/her ~/.ssh/authkeys file (containing only his/her key) has a
        "command=" clause invoking just "gl-auth-command"
      * trusted users have "gl-auth-command -s" meaning they can get a shell if
        they want to
    As a result, there is no specific $HOME where you can look for
    .gitolite.rc.  Hence this patch
    Side note: in addition, Fedora may have one or more of the following
    characteristics (writing them here for convenience; they're not directly
    relevant to this patch):
      * actual git repos are under "git" (or some such), and include the chmod g+s
        (git init --shared) unix perms tricks for shared access
      * but since they're coming through gl-auth, branch-level acls are in effect
      * the gitolite config file is generated from some database and compiled (all
        via cron)
      * they keydir/ is empty; in fact they probably don't use the admin repo at
        all, AFAIK
Commits on Dec 25, 2010
  1. allow access checks from ADC or hook

    sitaramc committed Dec 24, 2010
    For sample code see new file contrib/adc/
    Despite the name, you can use similar code in a hook also -- comments in
    that file will tell you how.
    implementation notes:
      - check_access now takes an optional last arg "dry_run", which is also
        passes through to check_ref
      - check_ref returns a "DENIED by ..." instead of die-ing if dry_run is
        passed in
      - as a side effect, cli_repo_rights is now just a stub calling
        check_access (we kept it hanging around for backward compat -- too
        much adc pain for too many people if we change it now)
  2. v1.5.8

    sitaramc committed Dec 25, 2010
  3. minor fix to mirror-shell...

    sitaramc committed Dec 24, 2010
    needed if $REPO_BASE contains slashes.
    (reported/code sent by Dylan Simon)
  4. fine tune "no pubkeys" warning

    sitaramc committed Dec 24, 2010
    perm categories (like READERS and WRITERS, or whatever you put in your
    $GL_WILDREPOS_PERM_CATS) are *supposed* to "have no pubkeys"; don't warn
    about them
  5. (minor) doc updates

    sitaramc committed Dec 24, 2010
Commits on Nov 28, 2010
  1. tighten up pattern to check rsync arguments

    sitaramc committed Nov 28, 2010
    thanks to Joe Schaefer at the ASF for catching it.  Note that this new
    pattern *may* be too restrictive -- if you're using this feature and
    have a problem with the new pattern please email me.
    See email to gitolite mailing list around this date (2010-11-28) for
    more details.
  2. (minor) indentation fix

    sitaramc committed Nov 27, 2010
    been meaning to do it for a while, but I got a push:
    If I had been on the channel at that time I may have quoted Emerson on
    "consistency" just for the fun of it...  ;-)
Commits on Nov 21, 2010
Commits on Nov 20, 2010
  1. gl-setup: Avoid stupid "cd -" simulation tricks

    tmatilai committed with sitaramc Nov 18, 2010
    They don't work if someone calls the script for example
        su - gitolite -c gl-setup <key>
    from a directory where "gitolite" user does not have permissions (e.g.
    0700), then 'cd $od' fails and we stay in gitolite's $HOME.
    [commit message changed by committer; author was more polite ;-)]
  2. Print to STDERR when dying

    tmatilai committed with sitaramc Nov 16, 2010
    Signed-off-by: Teemu Matilainen <>
Commits on Nov 19, 2010
Commits on Nov 18, 2010
  1. stick to regex metas that come with perl 5.8

    sitaramc committed Nov 18, 2010
    we have a stated aim to work with any perl that git is happy with, which
    means it should work with perl 5.8.  At least :)
Commits on Nov 16, 2010
  1. gitolite-down: disable write-access to take backups

    sitaramc committed Nov 16, 2010
    (we quietly do not document the 'able' adc, which is now the most
    "official" adc in the sense that it has a new test, t64-write-able!)
    other notes: fix bug in 'able' (not setting $loc)
Commits on Nov 14, 2010
  1. BSD compat changes

    sitaramc committed Nov 14, 2010
      - openssh 5.6 doesn't like "ssh user@host" with no command following
        it, because they changed the rules for pty allocation failure.
        I'm calling this a BSD compat change because BSD hit it first, but
        really, the "ssh -T" will eventually be needed by Linuxes also, as
        they start upgrading to openssh 5.6
      - FreeBSD (and I presume the other BSDs also) *require* a "-t"
        argument to mktemp (thanks to matias for finding this).
        Note that on FreeBSD, -t is a prefix (the X's are taken literally,
        and the real random stuff gets appended to the prefix), while on
        Linux, it is a template (the X's are converted to random
        characters).  Thus, on BSD you will get names like
        /tmp/tmp.XXXXXXXXXX.1BAEGkHm, whereas on Linux you'll get
        /tmp/tmp.Aq7vbdNpGp or something.
  2. (install doc) various updates

    sitaramc committed Nov 14, 2010
    (thanks to a somewhat heated "discussion" with "abstrakt" on #git)
    While I don't agree with everything he said, some improvements are
    always possible (always, always!) in docs:
      - move the "conventions used" section closer to the action
      - add note about RPM/DEB using "gitolite" as the user, not "git"
      - de-emphasise multiple gitolite hosting users at the top; refer
        advanced users to the already present detailed section later instead
      - in that section, add a bit of intro, and hand-wave the inconsistency
        between its 2 sub-sections ;-)
    Unrelated to the "discussion" today, someone else (running Arch? don't
    remember) had a system where /usr/local/bin was not in $PATH for a
    normal user, so I added a note about that.
Commits on Nov 12, 2010
  1. (admin doc) moving servers

    sitaramc committed Nov 12, 2010
Commits on Nov 10, 2010
  1. (minor) support saying 'repo.git' in the config file

    sitaramc committed Nov 10, 2010
    but complain loudly so they stop doing this... :-)
  2. compile: Allow empty @group definitions

    tmatilai committed with sitaramc Nov 9, 2010
    Use case: group information is generated from an external system and
    because of synchronization or authorization restrictions some groups
    can be empty.
    Signed-off-by: Teemu Matilainen <>
Commits on Nov 7, 2010
Commits on Nov 6, 2010
  1. custom perm categories in setperms (WARNING: PLEASE READ FULL COMMIT …

    sitaramc committed Nov 6, 2010
    NOT MIX VERSIONS OR DOWNGRADE.  Upgrading using normal gitolite upgrade
    means should be fine, though.
    Originally, we only allowed "R" and "RW" as categories of users supplied
    to the `setperms` command.  These map respectively to "READERS" and
    "WRITERS" in the access rules.
      - we prefer READERS instead of R and WRITERS instead of RW
      - we allow the admin to define other categories as she wishes
        (example: MANAGERS, TESTERS, etc).  These do not have abbreviations,
        however, so they must be supplied in full.
    PLEASE, *PLEASE*, read the section in doc/wildcard-repositories.mkd for
    more info.  This is a VERY powerful feature and if you're not careful
    you could mess up the ACLs nicely.
    Backward compat note: you can continue to use the "R" and "RW"
    categories when running the "setperms" command, and gitolite will
    internally convert them to READERS and WRITERS categories.
    implementation notes:
      - new RC var called GL_WILDREPOS_PERM_CATS that is a space-sep list of
        the allowed categories in a gl-perms file; defaults to "R RW" if not
      - wild_repo_rights no longer returns $c, $r, $wC, where $r = $user if
        "R $user", $r = '@all' if "R @all", and similarly with $w and "RW".
        Instead it returns $c and a new hash that effectively gives the same
        info, but expanded to include any other valid categories (listed in
      - consequently, the arguments that parse_acl takes also change the
        same way
      - (side note: R and RW are quietly converted to READERS and WRITERS;
        however, new categories that you define yourself do not have
      - setperms validates perms to make sure only allowed categories are
        used; however even if someone changed them behind the scenes,
        wild_repo_rights will also check.  This is necessary in case the
        admin tightened up GL_WILDREPOS_PERM_CATS after someone had already
        setperms-d his repos.
      - as a bonus, we eliminate all the post-Dumper shenanigans, at least
        for READERS and WRITERS.  Those two now look, to the compile script,
        just like any other usernames.