I set up a fossil repository on a shared hosting account I have. I created a perl script fossil.pl that points to a cloned repository that I put up on the webspace. I set all the correct permissions (755). When I go to fossil.pl I get the web ui. Everythings cool. However I'm having a problem with pushes and hoping someone could point me to a solution.
When I clone a repository it sets a new password for me (Toby) in the new cloned repository. If I push to this repository online without changing the password it works fine, I can push up changes from my local machine to the online repository. However once I change the password for Toby (to something more easily remembered by me) I get the following error.
Bytes Cards Artifacts Deltas Send:
1810 9 0 2
1Server Error: not authorized to write
fossil: server says: not authorized to
write
Anyone know why this is happening? Anyone know how to fix it?
Fossil recently changed the details of how it saves passwords, which impacted the way authentication is done during clone, push, pull and sync.
One result of that change is that the initial password for the first user account created for you by the clone stores the password the old way, but changing any password updates it to the new way. To force all password records in a repository to use the new method use "fossil test-hash-passwords".
I would verify that both copies of fossil are after that revision, upgrading both ends as needed.
Note that if upgrading to the most recent versions available, you must do "fossil rebuild" on the server (and locally too for any clones) due to changes in the database schema. Since that is always safe to do, it is wise to do it after any upgrade.
Up until recently users and passwords were never cloned across. It's generally a good idea, when you clone, to make sure password on local and your remote are identical, and test it with a sync.
Related
I have created a deploy key according to the windows instructions here
But instead of using the deploy key that has just been set up, git push instead asks for credentials, first with a pop up, then with an SSH pop up, then in the git bash command line itself! This is quite shocking because the whole purpose of a deploy key is to avoid having to provide access to an entire github account
Given I have followed github's own instructions precisely and this isn't working, I am lost as to what to do next.
Notes
Some time ago, somehow, I set up a deploy key successfully on the same (windows) server. So perhaps the > 1 key on the machine is confusing some part of the process. I am not sure this has anything to do with it though.
I can see here that github expects keys to be named id_rsa and id_rsa.pub, but given this is my second deploy key running on this particular server, I named the second set differently so as to avoid overwriting the original set (the original set are still there, there are just two more files in C:\Users\[YOUR-USER-NAME]\.ssh\)
I can't find any instructions on how to reset the password for git push command on Windows. I'm using GitBash. I have used this same password since 2014, but can not remember it now. When I type
git push origin master
I get back
remote: Invalid username or password.
I have managed to forget what it is. I went through the process of installing a brand new SSH key with hope that in the process I would also reset the password then, but no luck. I also visited this page https://github.com/password_reset. I get back "email not found" message when I type in my email. I also went to their contact page (https://github.com/contact) and sent them an email. Their message there was "Thanks for getting in touch with us. We’ll get back to you shortly." I think their use of "shortly" is rather liberal - it has been over 5 hours. If anyone has instructions on resetting this password, please post back, SOS :)
Well, I finally figured out what had to happen. My password from what I understand stopped working, because my company changed the sign-in process. I followed this quick guide here (https://help.github.com/enterprise/2.5/user/articles/creating-an-access-token-for-command-line-use/) and it worked like a charm. I'm using the token instead of the password now.
Hope someone will be be able to help: I've installed GitLab and for a few days it seems that worked ok (I could push and pull only from a client but not from the machine that runs GitLab itself), however that's no longer the case. I have been working on the server (its my own server that I've setup for development/learning/personal stuff but I don't believe I've changed anything that could affect Gitlab, so I'm don't know what to do.
At the moment I can't push or pull from either my local machine (OS X 10.8.3) not from my server (Ubuntu 12.0.4). I've run the test several times and all is green. When I do git config user.name or git config user.email it comes back with my name and email respectively. I've also searched online but couldn't find anyone in exactly the same situation, however I did try many of the approaches suggested: I've deleted and generated more ssh keys, changed config in /home/git/gitlab/config.yml to reflect my setup (I'm running apache). My GitLab is 5.2 and I've followed the instruction on GitLab's homepage. In order to make it working with apache instead of nginx I've followed the instructions here:. This question seems the closest to describe my problem, however the solution is not clearly described, so I couldn't follow. The web ineterface works fine and I can commit either from my local machine (using sshfs) and my server. I just can't push or pull. The error I get is:
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
I'd appreciate any help. I've been struggling with this for days now and I'm on the brink of give GitLab up...
Many thanks
EDIT: On my server I've got three accounts: user1 (main, first user, root), user2 a sudoer that also has admin privileges and git which also is a sudoer. After more investigating, I'm pretty sure this is a problem of me messing up with permission and the ssh key. Can someone point me out: when I generate the ssh key, which user should I be logged in as? In which computer should I generate this key? On my server or my Mac? Also, when I've tried push from my server directly (I was physically logged in the server rather than sshed to server via my Mac) GitLab was asking for git's password. I then generated a key logged as git on the server and added to GitLab through the web interface and the error appeared again (the same as before). Still not fixed.
The problem in my case was that I changed the git credentials on my local machine (when you create a new repo, you set the user name and email Git and git#localhost respectively) that I had changed and didn't realise. That's why every time I was trying to either push or pull I got the error. Once that was changed back to the correct settings, Gitlab started working again. Leaving as it might be helpful to someone.
I currently am experimenting with setting up a GIT repository server so we can switch from SVN to GIT. I've got almost everything covered, but am left with an issue.
The current setup is as follows:
All developers (and non-developers) have a user accounts & correct groups because the server is a NIS client
All repos are made in /var/git/
All pulling/pushing is done over ssh
This works perfectly so far, and eliminates the need for gitosis or gitolite.
Because I would like to have a browsable overview of the repositories I've set up gitweb including pathinfo. Because the repos are private I've set up authentication through Perl AuthenNIS and this works, but here I encounter a problem.
It is undesired that all developers have access to all repositories, but gitweb just shows every repository it (the apache user) can read.
So my question is: is it possible to make gitweb only show the GIT repo's the currently logged in user has access to?
Possible solutions:
Further access control through .htaccess. The pathinfo would enable this but it wouldn't prevent the repo's from being accessed through non-pathinfo URLs (e.g. /repo.git/ wouldn't work but /gitweb.cgi?p=repo.git would)
Setting up a full gitosis/gitolite environment and integrating it into gitweb (essentially this). I would like to prevent this because the overhead is undesirable
Making gitweb run as the authenticated HTTP user. This would fix all the access control problems but I don't know how to do this
gitweb's $export_auth_hook in combination with $cgi->remote_user seems promising, but my understanding of perl is too limited to use it (the hook would need to verify that the user has permission to access the repo directory before showing/exporting it)
Is there anyone who knows how to make 3 or 4 work or has another solution?
If developers are pushing/pulling from the repository server using ssh under (I presume) their own user names, then perhaps the easiest way to accomplish what this is to find a way to run gitweb or git under that user's identity.
For instance, find a way to add an authentication hook before gitweb is executed. Then add a wrapper around gitweb that executes sudo -u $user gitweb.real where $user is the authenticated user name.
Or, you could just wrap the git command, i.e. have gitweb execute a wrapper which does a sudo -u $user {real-git-path}.
For implementing authentication against NIS/PAM in Apache, have a look at mod_auth_external
While checking out some files from our CVS repository the other day I noticed that someone else that no longer works here already had the file checked out. It seems that he didn't undo his checkouts before he left so they are now left stuck in the repository. His user accounts and files have already been removed so there's no way I could just log onto his machine and undo the checkouts.
Is there a way to remove these checkouts on the server?
Thanks
Judging by your mention of fileattr.xml in your comments it sounds like you're using CVSNT. In that case, removing those files from the repository is indeed a feasible, but rather brute-force approach. If your VS-plugin does indeed use CVSNT's reserved edit command to implement the exclusive checkouts then the following command should have removed the edit locks as well:
cvs unedit -u <username> <files...>
(where <username> is the name of the user currently holding the "lock")
This requires that your user account is regarded as an admin by the CVS server, though. There are various ways to do this, the simplest being listing your user name in the CVSROOT/admin file. If I remember correctly, CVSNT also supports repo admins via a special windows user group. You'd have to check the documentation for specifics.