On Sun, 16 Jun 2024 03:41:57 -0500 "David C. Rankin" <drankinatty@xxxxxxxxx> wrote: > All, > > After recent git update, read only repos hosted on a local Apache > server could no longer pull over https. (gitweb remained fine) > Repositories closed read/write over ssh were fine. > > On the server the repositories under /srv/git were owned > david:david (me). However, after the git change, git refused to serve > over https unless the directories under /srv/git were owned by http. > > Fine, change made - but now repos cloned read/write over ssh fail > because the directory under /srv/git is no longer owned by me. > > How do you make git repositories hosted on my local server allow > clone/pull over https AND allow me to still close read/write over ssh? > > Catch 22, > > unless /srv/git/xxx.git is http:http, https fails > > unless /srv/git/xxx.git is david:http, ssh fails > > Anybody else caught be this? > > The server is configured > per https://wiki.archlinux.org/title/Git_server and the scm-git.com links. > > The "Note: Make sure that Apache can read and write to your > repositories." seems incomplete. It's not just "read and write" it is > "must own" for https and "can't own" for ssh? How to solve? What about: create a dedicated "git" user, and run apache as user git? After all when new files are to be created they will have owner=running program, which could be a CGI program launched from apache, or a git program launched from SSH. If these are two different users it'll likely become a mess.
