Received: (at 71143) by debbugs.gnu.org; 5 Aug 2024 08:12:26 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Aug 05 04:12:26 2024 Received: from localhost ([127.0.0.1]:57828 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1saspN-0007eB-Tp for submit <at> debbugs.gnu.org; Mon, 05 Aug 2024 04:12:26 -0400 Received: from roxy-shared.hosting.energy ([137.74.182.160]:47881 helo=roxy.hosting.energy) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <mail@HIDDEN>) id 1saspL-0007da-EY for 71143 <at> debbugs.gnu.org; Mon, 05 Aug 2024 04:12:24 -0400 Received: from [45.137.112.13] (helo=laptop) by roxy.hosting.energy with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.97.1) (envelope-from <mail@HIDDEN>) id 1sasou-000000002K2-0nu2 for 71143 <at> debbugs.gnu.org; Mon, 05 Aug 2024 11:11:56 +0300 From: Evgeny Pisemsky <mail@HIDDEN> To: 71143 <at> debbugs.gnu.org Subject: Re: [PATCH] services: gitile: Opt out of Git safe dir check. Date: Mon, 05 Aug 2024 11:11:52 +0300 Message-ID: <87plqnfkxj.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" X-Scanned-By: ClamAV 0.101.4; Mon, 05 Aug 2024 11:11:56 +0300 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 71143 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.0 (-) --=-=-= Content-Type: text/plain In the meantime I did some searching and found out that owner check can be disabled right from guile without any external config files: https://gitlab.com/guile-git/guile-git/-/blob/47541c4eb28ca81530b5541834a4d105a808954f/git/settings.scm#L77 Attached example of gitile package with modified source that works for me with existing service. It can even be made optional in gitile code. --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=gitile.scm Content-Transfer-Encoding: base64 KHVzZS1tb2R1bGVzIChndWl4IHBhY2thZ2VzKQogICAgICAgICAgICAgKGdudSBwYWNrYWdlcyB2 ZXJzaW9uLWNvbnRyb2wpKQoKKHBhY2thZ2UKICAoaW5oZXJpdCBnaXRpbGUpCiAgKHNvdXJjZQog ICAob3JpZ2luCiAgICAgKGluaGVyaXQgKHBhY2thZ2Utc291cmNlIGdpdGlsZSkpCiAgICAgKG1v ZHVsZXMgJygoZ3VpeCBidWlsZCB1dGlscykpKQogICAgIChzbmlwcGV0ICcoc3Vic3RpdHV0ZSog InNjcmlwdHMvZ2l0aWxlLmluIgogICAgICAgICAgICAgICAgICgoIl4uKnJ1bi1zZXJ2ZXIuKiIg bGluZSkKICAgICAgICAgICAgICAgICAgKHN0cmluZy1hcHBlbmQKICAgICAgICAgICAgICAgICAg ICIgICAgKHVzZS1tb2R1bGVzIChnaXQgc2V0dGluZ3MpKVxuIgogICAgICAgICAgICAgICAgICAg IiAgICAoc2V0LW93bmVyLXZhbGlkYXRpb24hICNmKVxuIgogICAgICAgICAgICAgICAgICAgbGlu ZSkpKSkpKSkK --=-=-=--
guix-patches@HIDDEN:bug#71143; Package guix-patches.
Full text available.Received: (at 71143) by debbugs.gnu.org; 26 May 2024 12:12:10 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun May 26 08:12:10 2024 Received: from localhost ([127.0.0.1]:38535 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1sBCjR-0008Ci-Vr for submit <at> debbugs.gnu.org; Sun, 26 May 2024 08:12:10 -0400 Received: from layka.disroot.org ([178.21.23.139]:39498) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <mcsinyx@HIDDEN>) id 1sBCjQ-0008CY-Cd for 71143 <at> debbugs.gnu.org; Sun, 26 May 2024 08:12:09 -0400 X-Virus-Scanned: SPAM Filter at disroot.org Content-Type: multipart/signed; boundary=32a6aa0782b11a2f29c8ce9c9b9744f3141a643bea3bb98661b1a2bdde97; micalg=pgp-sha256; protocol="application/pgp-signature" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1716725518; bh=HgKbgX+qNcztPmnwKCdQZYm6jwAnMyjUZ9JfHc48KD4=; h=Date:Subject:To:From; b=LPQ1YU+lVanR8zZX1DPSKZnqBk/qFMF/ErpaQN+tuzM9lWERNvmvfF5GV7URLbiVz hC2S6qARu0rot0+MGXWws59adYueU4pblbveN8Sy6IzObSlpUjIyuhsRUbaglDukLg rP7m2+b0FO+3IwMZAkkoItv3jOfU+WfHC8K3i7nAwfosH9uN6dBDFurLK4hsb8t60v G0jTcxtALl8YbL28RaadsLJYYUSF8PBB+T7LKR4G7gMYh9juHwlXtv0aPNFvLe6Ky2 Hp0st/sOrJ0aMeWryeRbB7e2XgvJF5RnER30vpBAtBW1/TwZW2T9S9jNXTYZwFenCW oHWzFNLN6N7bw== Date: Sun, 26 May 2024 21:11:48 +0900 Subject: Re: [PATCH v2] services: gitile: Opt out of Git safe dir check. To: <71143 <at> debbugs.gnu.org>, "Julien Lepiller" <julien@HIDDEN> From: =?utf-8?q?Nguy=E1=BB=85n_Gia_Phong?= <mcsinyx@HIDDEN> Message-Id: <D1JKAOPZDQBE.PHI9Y7U3ZD7R@guix> X-Spam-Score: 0.1 (/) X-Debbugs-Envelope-To: 71143 X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.9 (/) --32a6aa0782b11a2f29c8ce9c9b9744f3141a643bea3bb98661b1a2bdde97 Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 On 2024-05-24 at 07:28+02:00, Julien Lepiller wrote: > On 2024-05-23 at 19:28+09:00, Nguy=E1=BB=85n Gia Phong wrote: > > * gnu/services/version-control.scm (gitile-activation): New function > > creating Git config file for user gitile setting safe.directory > > to * (all directories), so libgit parses directories not owned > > by gitile user in gitile-configuration-repositories. > > I think it would be better if we had safe-directory =3D repositories, > instead of *. Otherwise, looks good. Thanks, although * seems to be magic string rather than a glob pattern: https://git-scm.com/docs/git-config#Documentation/git-config.txt-safedirect= ory Setting safe-directory to repositories or repositories/* doesn't make it work for me. P.S. Huh for some reason GNU Debbugs keep bouncing mails from loang.net. --32a6aa0782b11a2f29c8ce9c9b9744f3141a643bea3bb98661b1a2bdde97 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHIBAABCAAyFiEE6Q4RuASTNDthMuOUJxSLLAaiIksFAmZTJwoUHG1jc2lueXhA ZGlzcm9vdC5vcmcACgkQJxSLLAaiIktNKgv+K81PYMLeCL1GDLYDcSCG8/lGYmrL 8jXyYvRPXM3+ud8lewFEdKOT9jIyQSuwWwM9Nyu2xfi5NNloAv88UKywEH0ZA5nI 7kIutN4C9+RVUzw6HoMPi6T3yTgQuiaMbTNf7l+Dhb7DKGwPtk9jQ/8qYqQjy1rC Md/ytYqNHiPjWN3ro31z0/AONaB8gb+BT0aAIfjBh+fy9YgmEH7BUwCWEMFkAaR7 PZJ2Qt6VbtlGReLKyGEj1mZdkIdriQ+feWpp8vdk1iDcJlvpR2MgIlh+YtQSePQk sWpdOUc9KKltbbTS+UQYcDjo/XaeP+zaOAHr2WvrglPX5dNxT+gTjFkewKmI7qDU ATdoY7Qz7ur6CN3/UrqXEebm5hcxMHGq7pwzbvew3UIawVZCdyg+bg5mOQl2CDXc 6CzMTDNyZcQOft6sDhuhSpGcop3CH3UaJat4ZQ4D9sEIuDy3xNK9ZP2Av9uoN9Up mAb4V5jrQzjFxdXlURVJfWeLcKevQg2INvn5 =0c/5 -----END PGP SIGNATURE----- --32a6aa0782b11a2f29c8ce9c9b9744f3141a643bea3bb98661b1a2bdde97--
guix-patches@HIDDEN:bug#71143; Package guix-patches.
Full text available.
Received: (at 71143) by debbugs.gnu.org; 24 May 2024 05:29:23 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Fri May 24 01:29:23 2024
Received: from localhost ([127.0.0.1]:34961 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sANUY-0003o6-LA
for submit <at> debbugs.gnu.org; Fri, 24 May 2024 01:29:23 -0400
Received: from [77.146.233.46] (port=50222 helo=localhost)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <julien@HIDDEN>) id 1sANUT-0003o0-NF
for 71143 <at> debbugs.gnu.org; Fri, 24 May 2024 01:29:21 -0400
Received: from localhost (localhost [127.0.0.1])
by localhost (OpenSMTPD) with ESMTP id 74942bf7;
Fri, 24 May 2024 05:28:29 +0000 (UTC)
Received: by localhost (OpenSMTPD) with ESMTPSA id 67b706eb
(TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO);
Fri, 24 May 2024 05:28:29 +0000 (UTC)
Date: Fri, 24 May 2024 07:28:28 +0200
From: Julien Lepiller <julien@HIDDEN>
To: =?UTF-8?B?Tmd1eeG7hW4=?= Gia Phong <mcsinyx@HIDDEN>
Subject: Re: [bug#71143] [PATCH v2] services: gitile: Opt out of Git safe
dir check.
Message-ID: <20240524072828.4868b031@HIDDEN>
In-Reply-To: <854ccfeb2cf910eda609a026e865b595e64e0cc4.1716460093.git.mcsinyx@HIDDEN>
References: <604e51b2f51141b2b8d1d3d71bf9412ab7760563.1716459581.git.mcsinyx@HIDDEN>
<854ccfeb2cf910eda609a026e865b595e64e0cc4.1716460093.git.mcsinyx@HIDDEN>
X-Mailer: Claws Mail 4.1.1 (GTK 3.24.41; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 4.9 (++++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hi, I think it would be better if we had safe-directory =
repositories, instead of *. Otherwise, looks good. It seems I cheated on my
server and rewrote the service to use user "git" instead, which owns the
repositories.
Content analysis details: (4.9 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FSL_HELO_NON_FQDN_1 No description available.
3.6 HELO_LOCALHOST No description available.
-0.0 SPF_PASS SPF: sender matches SPF record
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
X-Debbugs-Envelope-To: 71143
Cc: Ludovic =?UTF-8?B?Q291cnTDqHM=?= <ludo@HIDDEN>,
Maxim Cournoyer <maxim.cournoyer@HIDDEN>, 71143 <at> debbugs.gnu.org,
Matthew Trzcinski <matt@HIDDEN>,
Florian Pelz <pelzflorian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: 3.9 (+++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hi, I think it would be better if we had safe-directory =
repositories, instead of *. Otherwise, looks good. It seems I cheated on my
server and rewrote the service to use user "git" instead, which owns the
repositories.
Content analysis details: (3.9 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 FSL_HELO_NON_FQDN_1 No description available.
3.6 HELO_LOCALHOST No description available.
-0.0 SPF_PASS SPF: sender matches SPF record
1.3 RDNS_NONE Delivered to internal network by a host with no rDNS
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
Hi,
I think it would be better if we had safe-directory =3D repositories,
instead of *. Otherwise, looks good.
It seems I cheated on my server and rewrote the service to use user
"git" instead, which owns the repositories.
Le Thu, 23 May 2024 19:28:13 +0900,
guix-patches--- via <guix-patches@HIDDEN> a =C3=A9crit :
> * gnu/services/version-control.scm (gitile-configuration):
> Add home-directory field for Git configuration file. It also stores
> Gitile's database, so remove the (now redundant) database field.
> * gnu/services/version-control.scm (%gitile-accounts): Move to
> gitile-accounts.
> * gnu/services/version-control.scm (gitile-accounts): Add configurable
> home directory.
> * doc/gnu.texi (Gitile Service): Document it.
> * gnu/services/version-control.scm (gitile-activation): New function
> creating Git config file for user gitile setting safe.directory
> to * (all directories), so libgit parses directories not owned
> by gitile user in gitile-configuration-repositories.
>=20
> Change-Id: I9d26a74bf021168ce82ac96810c171b2101fd950
> ---
> I accidentally staged the record export hunk to another commit.
> doc/guix.texi | 4 +--
> gnu/services/version-control.scm | 48
> +++++++++++++++++++------------- 2 files changed, 30 insertions(+),
> 22 deletions(-)
>=20
> diff --git a/doc/guix.texi b/doc/guix.texi
> index 8073e3f6d496..ba12f249a98b 100644
> --- a/doc/guix.texi
> +++ b/doc/guix.texi
> @@ -38981,8 +38981,8 @@ Version Control Services
> @item @code{port} (default: @code{8080})
> The port on which gitile is listening.
> =20
> -@item @code{database} (default:
> @code{"/var/lib/gitile/gitile-db.sql"}) -The location of the database.
> +@item @code{home-directory} (default: @code{"/var/lib/gitile"})
> +Directory in which to store the Gitile database.
> =20
> @item @code{repositories} (default:
> @code{"/var/lib/gitolite/repositories"}) The location of the
> repositories. Note that only public repositories will diff --git
> a/gnu/services/version-control.scm b/gnu/services/version-control.scm
> index 14ff0a59a6b0..7fedd7327d6e 100644 ---
> a/gnu/services/version-control.scm +++
> b/gnu/services/version-control.scm @@ -68,7 +68,7 @@ (define-module
> (gnu services version-control) gitile-configuration-package
> gitile-configuration-host
> gitile-configuration-port
> - gitile-configuration-database
> + gitile-configuration-home-directory
> gitile-configuration-repositories
> gitile-configuration-git-base-url
> gitile-configuration-index-title
> @@ -430,8 +430,8 @@ (define-record-type* <gitile-configuration>
> (default "127.0.0.1"))
> (port gitile-configuration-port
> (default 8080))
> - (database gitile-configuration-database
> - (default "/var/lib/gitile/gitile-db.sql"))
> + (home-directory gitile-configuration-home-directory
> + (default "/var/lib/gitile"))
> (repositories gitile-configuration-repositories
> (default "/var/lib/gitolite/repositories"))
> (base-git-url gitile-configuration-base-git-url)
> @@ -443,13 +443,13 @@ (define-record-type* <gitile-configuration>
> (default '()))
> (nginx gitile-configuration-nginx))
> =20
> -(define (gitile-config-file host port database repositories
> base-git-url +(define (gitile-config-file host port home-directory
> repositories base-git-url index-title intro footer)
> (define build
> #~(write `(config
> (port #$port)
> (host #$host)
> - (database #$database)
> + (database #$(string-append home-directory
> "/gitile-db.sql")) (repositories #$repositories)
> (base-git-url #$base-git-url)
> (index-title #$index-title)
> @@ -459,9 +459,14 @@ (define (gitile-config-file host port database
> repositories base-git-url=20
> (computed-file "gitile.conf" build))
> =20
> +(define (gitile-activation config)
> + (match-record config <gitile-configuration> (home-directory)
> + #~(with-output-to-file #$(string-append home-directory
> "/.gitconfig")
> + (lambda () (display "[safe]\n directory =3D *\n")))))
> +
> (define gitile-nginx-server-block
> (match-lambda
> - (($ <gitile-configuration> package host port database
> repositories
> + (($ <gitile-configuration> package host port home-directory
> repositories base-git-url index-title intro footer nginx)
> (list (nginx-server-configuration
> (inherit nginx)
> @@ -487,7 +492,7 @@ (define gitile-nginx-server-block
> =20
> (define gitile-shepherd-service
> (match-lambda
> - (($ <gitile-configuration> package host port database
> repositories
> + (($ <gitile-configuration> package host port home-directory
> repositories base-git-url index-title intro footer nginx)
> (list (shepherd-service
> (provision '(gitile))
> @@ -496,7 +501,7 @@ (define gitile-shepherd-service
> (start (let ((gitile (file-append package
> "/bin/gitile"))) #~(make-forkexec-constructor
> `(,#$gitile "-c" #$(gitile-config-file
> - host port database
> + host port
> home-directory repositories
> base-git-url
> index-title intro footer))
> @@ -504,17 +509,18 @@ (define gitile-shepherd-service
> #:group "git")))
> (stop #~(make-kill-destructor)))))))
> =20
> -(define %gitile-accounts
> - (list (user-group
> - (name "git")
> - (system? #t))
> - (user-account
> - (name "gitile")
> - (group "git")
> - (system? #t)
> - (comment "Gitile user")
> - (home-directory "/var/empty")
> - (shell (file-append shadow "/sbin/nologin")))))
> +(define (gitile-accounts config)
> + (match-record config <gitile-configuration> (home-directory)
> + (list (user-group
> + (name "git")
> + (system? #t))
> + (user-account
> + (name "gitile")
> + (group "git")
> + (system? #t)
> + (comment "Gitile user")
> + (home-directory home-directory)
> + (shell (file-append shadow "/sbin/nologin"))))))
> =20
> (define gitile-service-type
> (service-type
> @@ -523,7 +529,9 @@ (define gitile-service-type
> on the web.")
> (extensions
> (list (service-extension account-service-type
> - (const %gitile-accounts))
> + gitile-accounts)
> + (service-extension activation-service-type
> + gitile-activation)
> (service-extension shepherd-root-service-type
> gitile-shepherd-service)
> (service-extension nginx-service-type
>=20
> base-commit: aeba4849b42b4d3ac75341ac4b61843c1fe48181
guix-patches@HIDDEN:bug#71143; Package guix-patches.
Full text available.
Received: (at 71143) by debbugs.gnu.org; 23 May 2024 10:29:50 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 23 06:29:50 2024
Received: from localhost ([127.0.0.1]:58904 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sA5hl-0006jL-I0
for submit <at> debbugs.gnu.org; Thu, 23 May 2024 06:29:50 -0400
Received: from layka.disroot.org ([178.21.23.139]:60324)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <mcsinyx@HIDDEN>) id 1sA5hj-0006jF-Hf
for 71143 <at> debbugs.gnu.org; Thu, 23 May 2024 06:29:48 -0400
X-Virus-Scanned: SPAM Filter at disroot.org
From: =?UTF-8?q?Nguy=E1=BB=85n=20Gia=20Phong?= <mcsinyx@HIDDEN>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail;
t=1716460179; bh=XbH+34ndP3S6fs6eAMw70eV0MOppFsiXgjHfinkGs3U=;
h=From:To:Cc:Subject:Date:In-Reply-To:References;
b=an0sV0yKj3twLB3OUvVgOE2gz8wk9/CMe0sKYELrC3aegMsfENOm9VlclOV70QhwE
WhWd8Ke8+bOwuUCb4dvYEvNgdTD0kn92VModxwhxmarVI17ORCch1Osg1Og2MhcGM9
b/PRGTRvBYEHrez6RpDUJremg71azXLnRfTyTNYQfBJpqQ3yF5OvPv4YcGoF84aju+
RKMBS9Kjpv3sauBwlH6LNGvtBjjfpj4DE/m76p4Er2cpQhAZ+7xdZUwsw1koerYaFV
D6UQsoYoR/ft9jEs2jvO0cdw8rIwk7Bwapmh9t03jUVwGwXNkngMhhD1kdy9zTLIf/
oT2M7i9Y0nNqg==
To: 71143 <at> debbugs.gnu.org
Subject: [PATCH v2] services: gitile: Opt out of Git safe dir check.
Date: Thu, 23 May 2024 19:28:13 +0900
Message-ID: <854ccfeb2cf910eda609a026e865b595e64e0cc4.1716460093.git.mcsinyx@HIDDEN>
In-Reply-To: <604e51b2f51141b2b8d1d3d71bf9412ab7760563.1716459581.git.mcsinyx@HIDDEN>
References: <604e51b2f51141b2b8d1d3d71bf9412ab7760563.1716459581.git.mcsinyx@HIDDEN>
MIME-Version: 1.0
X-Debbugs-Cc: Florian Pelz <pelzflorian@HIDDEN>, Ludovic Courtès <ludo@HIDDEN>, Matthew Trzcinski <matt@HIDDEN>, Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 71143
Cc: =?UTF-8?q?Nguy=E1=BB=85n=20Gia=20Phong?= <mcsinyx@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.0 (-)
* gnu/services/version-control.scm (gitile-configuration):
Add home-directory field for Git configuration file. It also stores
Gitile's database, so remove the (now redundant) database field.
* gnu/services/version-control.scm (%gitile-accounts): Move to gitile-accounts.
* gnu/services/version-control.scm (gitile-accounts): Add configurable
home directory.
* doc/gnu.texi (Gitile Service): Document it.
* gnu/services/version-control.scm (gitile-activation): New function
creating Git config file for user gitile setting safe.directory
to * (all directories), so libgit parses directories not owned
by gitile user in gitile-configuration-repositories.
Change-Id: I9d26a74bf021168ce82ac96810c171b2101fd950
---
I accidentally staged the record export hunk to another commit.
doc/guix.texi | 4 +--
gnu/services/version-control.scm | 48 +++++++++++++++++++-------------
2 files changed, 30 insertions(+), 22 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 8073e3f6d496..ba12f249a98b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -38981,8 +38981,8 @@ Version Control Services
@item @code{port} (default: @code{8080})
The port on which gitile is listening.
-@item @code{database} (default: @code{"/var/lib/gitile/gitile-db.sql"})
-The location of the database.
+@item @code{home-directory} (default: @code{"/var/lib/gitile"})
+Directory in which to store the Gitile database.
@item @code{repositories} (default: @code{"/var/lib/gitolite/repositories"})
The location of the repositories. Note that only public repositories will
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
index 14ff0a59a6b0..7fedd7327d6e 100644
--- a/gnu/services/version-control.scm
+++ b/gnu/services/version-control.scm
@@ -68,7 +68,7 @@ (define-module (gnu services version-control)
gitile-configuration-package
gitile-configuration-host
gitile-configuration-port
- gitile-configuration-database
+ gitile-configuration-home-directory
gitile-configuration-repositories
gitile-configuration-git-base-url
gitile-configuration-index-title
@@ -430,8 +430,8 @@ (define-record-type* <gitile-configuration>
(default "127.0.0.1"))
(port gitile-configuration-port
(default 8080))
- (database gitile-configuration-database
- (default "/var/lib/gitile/gitile-db.sql"))
+ (home-directory gitile-configuration-home-directory
+ (default "/var/lib/gitile"))
(repositories gitile-configuration-repositories
(default "/var/lib/gitolite/repositories"))
(base-git-url gitile-configuration-base-git-url)
@@ -443,13 +443,13 @@ (define-record-type* <gitile-configuration>
(default '()))
(nginx gitile-configuration-nginx))
-(define (gitile-config-file host port database repositories base-git-url
+(define (gitile-config-file host port home-directory repositories base-git-url
index-title intro footer)
(define build
#~(write `(config
(port #$port)
(host #$host)
- (database #$database)
+ (database #$(string-append home-directory "/gitile-db.sql"))
(repositories #$repositories)
(base-git-url #$base-git-url)
(index-title #$index-title)
@@ -459,9 +459,14 @@ (define (gitile-config-file host port database repositories base-git-url
(computed-file "gitile.conf" build))
+(define (gitile-activation config)
+ (match-record config <gitile-configuration> (home-directory)
+ #~(with-output-to-file #$(string-append home-directory "/.gitconfig")
+ (lambda () (display "[safe]\n directory = *\n")))))
+
(define gitile-nginx-server-block
(match-lambda
- (($ <gitile-configuration> package host port database repositories
+ (($ <gitile-configuration> package host port home-directory repositories
base-git-url index-title intro footer nginx)
(list (nginx-server-configuration
(inherit nginx)
@@ -487,7 +492,7 @@ (define gitile-nginx-server-block
(define gitile-shepherd-service
(match-lambda
- (($ <gitile-configuration> package host port database repositories
+ (($ <gitile-configuration> package host port home-directory repositories
base-git-url index-title intro footer nginx)
(list (shepherd-service
(provision '(gitile))
@@ -496,7 +501,7 @@ (define gitile-shepherd-service
(start (let ((gitile (file-append package "/bin/gitile")))
#~(make-forkexec-constructor
`(,#$gitile "-c" #$(gitile-config-file
- host port database
+ host port home-directory
repositories
base-git-url index-title
intro footer))
@@ -504,17 +509,18 @@ (define gitile-shepherd-service
#:group "git")))
(stop #~(make-kill-destructor)))))))
-(define %gitile-accounts
- (list (user-group
- (name "git")
- (system? #t))
- (user-account
- (name "gitile")
- (group "git")
- (system? #t)
- (comment "Gitile user")
- (home-directory "/var/empty")
- (shell (file-append shadow "/sbin/nologin")))))
+(define (gitile-accounts config)
+ (match-record config <gitile-configuration> (home-directory)
+ (list (user-group
+ (name "git")
+ (system? #t))
+ (user-account
+ (name "gitile")
+ (group "git")
+ (system? #t)
+ (comment "Gitile user")
+ (home-directory home-directory)
+ (shell (file-append shadow "/sbin/nologin"))))))
(define gitile-service-type
(service-type
@@ -523,7 +529,9 @@ (define gitile-service-type
on the web.")
(extensions
(list (service-extension account-service-type
- (const %gitile-accounts))
+ gitile-accounts)
+ (service-extension activation-service-type
+ gitile-activation)
(service-extension shepherd-root-service-type
gitile-shepherd-service)
(service-extension nginx-service-type
base-commit: aeba4849b42b4d3ac75341ac4b61843c1fe48181
--
2.41.0
pelzflorian@HIDDEN, ludo@HIDDEN, matt@HIDDEN, maxim.cournoyer@HIDDEN, guix-patches@HIDDEN:bug#71143; Package guix-patches.
Full text available.
Received: (at submit) by debbugs.gnu.org; 23 May 2024 10:21:04 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Thu May 23 06:21:04 2024
Received: from localhost ([127.0.0.1]:58882 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1sA5ZD-0006dN-Jj
for submit <at> debbugs.gnu.org; Thu, 23 May 2024 06:21:04 -0400
Received: from lists.gnu.org ([209.51.188.17]:33162)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <mcsinyx@HIDDEN>) id 1sA5Z8-0006dH-Qg
for submit <at> debbugs.gnu.org; Thu, 23 May 2024 06:20:58 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <mcsinyx@HIDDEN>)
id 1sA5Yt-0001xr-Rb
for guix-patches@HIDDEN; Thu, 23 May 2024 06:20:41 -0400
Received: from layka.disroot.org ([178.21.23.139])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
(Exim 4.90_1) (envelope-from <mcsinyx@HIDDEN>)
id 1sA5Yr-00083U-MZ
for guix-patches@HIDDEN; Thu, 23 May 2024 06:20:39 -0400
X-Virus-Scanned: SPAM Filter at disroot.org
From: =?UTF-8?q?Nguy=E1=BB=85n=20Gia=20Phong?= <mcsinyx@HIDDEN>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail;
t=1716459634; bh=i4nl3B6lo3BEhYPvHskgUEz7zO4af+6179RdwdOG6Z0=;
h=From:To:Cc:Subject:Date;
b=Zm6KhO8A0+rgxTjg+DVJmgxb+uXOAadN4sTtKxJc9d/PhiGffC0whUqXZ7xq3U013
oHAldrxSPX+SWQrEVxI70Pd/e883tc0mGcC+TIvh0ts359dKi47Eib53RyZmxDzHYX
hhJ3PdVYpr2oU5AjcaSYs01UtCC7nmpbUmEAsrAm+mfNAzeEqFrtZ2d0Ab4tHkxfn1
U7QQ5S62HMzvs6Ed2KmIOYeVLt0TzNQVvT7XF5+mYE5yiyXTAjPph2dQotkmLqAWc9
8SF1X9kMJY4FUmQ3qUSepy4hv8Y7sk2OsOPurYZhsgAqr389HbZn94kfaCt8GrClFx
QofyrZmn/IF8Q==
To: guix-patches@HIDDEN
Subject: [PATCH] services: gitile: Opt out of Git safe dir check.
Date: Thu, 23 May 2024 19:19:41 +0900
Message-ID: <604e51b2f51141b2b8d1d3d71bf9412ab7760563.1716459581.git.mcsinyx@HIDDEN>
MIME-Version: 1.0
X-Debbugs-Cc: Florian Pelz <pelzflorian@HIDDEN>, Ludovic Courtès <ludo@HIDDEN>, Matthew Trzcinski <matt@HIDDEN>, Maxim Cournoyer <maxim.cournoyer@HIDDEN>
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=178.21.23.139; envelope-from=mcsinyx@HIDDEN;
helo=layka.disroot.org
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.4 (-)
X-Debbugs-Envelope-To: submit
Cc: =?UTF-8?q?Nguy=E1=BB=85n=20Gia=20Phong?= <mcsinyx@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.4 (--)
* gnu/services/version-control.scm (gitile-configuration):
Add home-directory field for Git configuration file. It also stores
Gitile's database, so remove the (now redundant) database field.
* gnu/services/version-control.scm (%gitile-accounts): Move to gitile-accounts.
* gnu/services/version-control.scm (gitile-accounts): Add configurable
home directory.
* doc/gnu.texi (Gitile Service): Document it.
* gnu/services/version-control.scm (gitile-activation): New function
creating Git config file for user gitile setting safe.directory
to * (all directories), so libgit parses directories not owned
by gitile user in gitile-configuration-repositories.
Change-Id: I9d26a74bf021168ce82ac96810c171b2101fd950
---
doc/guix.texi | 4 +--
gnu/services/version-control.scm | 46 +++++++++++++++++++-------------
2 files changed, 29 insertions(+), 21 deletions(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 8073e3f6d496..ba12f249a98b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -38981,8 +38981,8 @@ Version Control Services
@item @code{port} (default: @code{8080})
The port on which gitile is listening.
-@item @code{database} (default: @code{"/var/lib/gitile/gitile-db.sql"})
-The location of the database.
+@item @code{home-directory} (default: @code{"/var/lib/gitile"})
+Directory in which to store the Gitile database.
@item @code{repositories} (default: @code{"/var/lib/gitolite/repositories"})
The location of the repositories. Note that only public repositories will
diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm
index 14ff0a59a6b0..00ca7b600efc 100644
--- a/gnu/services/version-control.scm
+++ b/gnu/services/version-control.scm
@@ -430,8 +430,8 @@ (define-record-type* <gitile-configuration>
(default "127.0.0.1"))
(port gitile-configuration-port
(default 8080))
- (database gitile-configuration-database
- (default "/var/lib/gitile/gitile-db.sql"))
+ (home-directory gitile-configuration-home-directory
+ (default "/var/lib/gitile"))
(repositories gitile-configuration-repositories
(default "/var/lib/gitolite/repositories"))
(base-git-url gitile-configuration-base-git-url)
@@ -443,13 +443,13 @@ (define-record-type* <gitile-configuration>
(default '()))
(nginx gitile-configuration-nginx))
-(define (gitile-config-file host port database repositories base-git-url
+(define (gitile-config-file host port home-directory repositories base-git-url
index-title intro footer)
(define build
#~(write `(config
(port #$port)
(host #$host)
- (database #$database)
+ (database #$(string-append home-directory "/gitile-db.sql"))
(repositories #$repositories)
(base-git-url #$base-git-url)
(index-title #$index-title)
@@ -459,9 +459,14 @@ (define (gitile-config-file host port database repositories base-git-url
(computed-file "gitile.conf" build))
+(define (gitile-activation config)
+ (match-record config <gitile-configuration> (home-directory)
+ #~(with-output-to-file #$(string-append home-directory "/.gitconfig")
+ (lambda () (display "[safe]\n directory = *\n")))))
+
(define gitile-nginx-server-block
(match-lambda
- (($ <gitile-configuration> package host port database repositories
+ (($ <gitile-configuration> package host port home-directory repositories
base-git-url index-title intro footer nginx)
(list (nginx-server-configuration
(inherit nginx)
@@ -487,7 +492,7 @@ (define gitile-nginx-server-block
(define gitile-shepherd-service
(match-lambda
- (($ <gitile-configuration> package host port database repositories
+ (($ <gitile-configuration> package host port home-directory repositories
base-git-url index-title intro footer nginx)
(list (shepherd-service
(provision '(gitile))
@@ -496,7 +501,7 @@ (define gitile-shepherd-service
(start (let ((gitile (file-append package "/bin/gitile")))
#~(make-forkexec-constructor
`(,#$gitile "-c" #$(gitile-config-file
- host port database
+ host port home-directory
repositories
base-git-url index-title
intro footer))
@@ -504,17 +509,18 @@ (define gitile-shepherd-service
#:group "git")))
(stop #~(make-kill-destructor)))))))
-(define %gitile-accounts
- (list (user-group
- (name "git")
- (system? #t))
- (user-account
- (name "gitile")
- (group "git")
- (system? #t)
- (comment "Gitile user")
- (home-directory "/var/empty")
- (shell (file-append shadow "/sbin/nologin")))))
+(define (gitile-accounts config)
+ (match-record config <gitile-configuration> (home-directory)
+ (list (user-group
+ (name "git")
+ (system? #t))
+ (user-account
+ (name "gitile")
+ (group "git")
+ (system? #t)
+ (comment "Gitile user")
+ (home-directory home-directory)
+ (shell (file-append shadow "/sbin/nologin"))))))
(define gitile-service-type
(service-type
@@ -523,7 +529,9 @@ (define gitile-service-type
on the web.")
(extensions
(list (service-extension account-service-type
- (const %gitile-accounts))
+ gitile-accounts)
+ (service-extension activation-service-type
+ gitile-activation)
(service-extension shepherd-root-service-type
gitile-shepherd-service)
(service-extension nginx-service-type
base-commit: aeba4849b42b4d3ac75341ac4b61843c1fe48181
--
2.41.0
Nguyễn Gia Phong <mcsinyx@HIDDEN>:pelzflorian@HIDDEN, ludo@HIDDEN, matt@HIDDEN, maxim.cournoyer@HIDDEN, guix-patches@HIDDEN.
Full text available.pelzflorian@HIDDEN, ludo@HIDDEN, matt@HIDDEN, maxim.cournoyer@HIDDEN, guix-patches@HIDDEN:bug#71143; Package guix-patches.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.