On 2020-06-22 at 19:40:15, Michael Ward wrote: > We have some repositories we are hosting here using Apache's DAV module to > handle remote connections. > > The repositories are created using the following: > > mkdir [reponame].git > cd [reponame].git > git --bare init > git update-server-info > > Our Apache location directive is as follows: > > <Location /[reponame].git> > DAV on > AuthType Basic > AuthName "Git" > AuthBasicProvider ldap > AuthLDAPUrl [ldap server info] > <RequireAny> > require [ldap filter] > </RequireAny> > </Location> > > The repository config generates with the values in the core section below, > and we add the receive and advice sections: > > [core] > repositoryformatversion = 0 > filemode = true > bare = true > [receive] > denyNonFastForwards = true > denyDeletes = true > [advice] > pushFetchFirst = true > > The odd behavior comes when we have git 1 vs git 2 clients attempting to > push in changes on the same branch. Git 1 clients will prompt the user that > they are out of date and need to pull. Git 2 clients don't and will force > push and overwrite the head revision. This occurs with either Git 1 or Git 2 > on the server. Are you seeing this behavior when users are doing a force push, or just a regular push? I see that there exists code for the DAV-based protocol to fail if a user attempts a regular push and is out of date, but I haven't verified it works. If you're seeing this when users are doing a force push, then that's expected. The receive.* options have no effect here, since those require an appropriate git process to run on the server, and you're using the dumb (DAV-based) protocol, not the smart protocol. Therefore, no git process runs on the server, so all the checking is done on the client side and the client side allows force pushes with an appropriate option. If you want to have more control over what's pushed, you'll need to use the smart protocol instead, which is outlined in the git-http-backend documentation. As a note, there are a lot of differences between Git 2.0.0 and the latest version, Git 2.27.0, so it's probably best if you mention the full version when reporting issues. You haven't mentioned the specific versions you're using, but it's possible if you're using the CentOS 6 or 7 versions that they simply didn't support force pushing in this way. -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
Attachment:
signature.asc
Description: PGP signature