On Thu, Feb 04, 2010 at 02:46:57PM +1300, martin f krafft wrote: > also sprach Sitaram Chamarty <sitaram@xxxxxxxxxxx> [2010.02.04.1428 +1300]: > > I'm ok with symlinking stuff; a couple of "cp" commands > > would change to "ln" :) Let me try it out (and make sure it > > works for upgrades also...) > > ln -sf even. yup... > also sprach Sitaram Chamarty <sitaram@xxxxxxxxxxx> [2010.02.04.1435 +1300]: > > I forgot... part of the reason this "copy all hooks over each time > > you run install" is also to give people an easy way to update the > > hooks when the repo was *copied* from elsewhere, and not *created* > > by gitolite in the first place. > > > > Basically I'm paranoid about that "update" hook, without which the > > branch level access control doesn't work at all. > > Wouldn't it thus make sense to check during authentication that the > symlink exists and points to the right file, and to deny access > completely if that isn't the case? Yeah I guess that's easy enough really... just need to include a way to tell the code what is the right file to point to. (Currently it's all inside $GL_ADMINDIR but in the APT case that may not be true...?) > Having a mass-update command for this might be nice, but I suppose > it's also a trivial shell one-liner... > > for i (**/*.git/hooks/update) \ > ln -sf ~git/.gitolite/src/hooks/update $i > > (this is zsh, not sure bash can do this yet) This has to work on systems that don't even have bash (like plain old sh personality of ksh), leave alone zsh :) Not saying it's hard; just a "find" in backticks. I'd still rather put it inside the perl code somewhere that already gets run anyway, as it is now... -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html