Ritesh Raj Sarraf <r...@debian.org> writes:

> For whatever be the reason, gitolite3 expects its $HOME path to be executable.
> Whereas typical non-root file systems on Linux are treated as data partitions
> and their mount options usually are set to not allow execution, suid and other
> stuff.

Typical or no, I've never used such a setup. I understand there might be
some argument for supporting it, similar to wanting to support read-only
/usr.

I expect the need to run executables is related to hooks. Gitolite needs
the git update hook to do fine-grained authorization checks [1], and the
post-update hook in the gitolite-admin repo.

The main copies of these hooks live in $HOME/.gitolite.

This could be symlinked to another directory, but I'm not sure where
would be a good idea, since it is specific to that particular gitolite
user. So it seems simplest just to put the gitolite user home directory
somewhere mounted without noexec.

It might make sense to document this requirement in README.Debian.

[1]: http://gitolite.com/gitolite/gitolite.html#how-does-it-work for the
     short version
     http://gitolite.com/gitolite/how.html for a longer slideshow
     version.
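
A check for the requirement discussed above, as an added example that is not part of the original message or of gitolite: it reports whether the filesystem holding `$HOME/.gitolite` (following a symlink, if one is used) is mounted `noexec`. The function names are hypothetical, and it assumes Linux `/proc/mounts` format with mount points that contain no spaces.

```shell
#!/bin/sh
# Added example: does the directory holding gitolite's hooks sit on a noexec mount?
# Mount data is read in /proc/mounts format: device mountpoint fstype options ...

# mount_opts_for PATH [MOUNTS_FILE]
# Prints the options of the longest mount point that is a prefix of PATH.
mount_opts_for() (
    path=$1; mounts=${2:-/proc/mounts}; best=""; best_opts=""
    while read -r dev mp fstype opts rest; do
        # A mount point matches if it equals PATH or is one of its parents.
        case "$path/" in
            "${mp%/}/"*)
                # Longer mount points win; on a tie the later line (overmount) wins.
                if [ "${#mp}" -ge "${#best}" ]; then
                    best=$mp; best_opts=$opts
                fi ;;
        esac
    done < "$mounts"
    printf '%s\n' "$best_opts"
)

# is_noexec PATH [MOUNTS_FILE]: succeeds if PATH's filesystem is mounted noexec.
is_noexec() {
    case ",$(mount_opts_for "$@")," in
        *,noexec,*) return 0 ;;
        *) return 1 ;;
    esac
}

# hooks_dir_status HOME_DIR [MOUNTS_FILE]
# Resolves HOME_DIR/.gitolite, which may be a symlink to another filesystem,
# and prints "noexec" or "exec" for the filesystem that actually holds it.
hooks_dir_status() (
    dir=$1/.gitolite
    # pwd -P resolves symlinks; keep the literal path if the directory is absent.
    real=$(cd "$dir" >/dev/null 2>&1 && pwd -P) || real=$dir
    if is_noexec "$real" "${2:-/proc/mounts}"; then
        echo noexec
    else
        echo exec
    fi
)

# Stand-alone use: pass the gitolite user's home directory as the argument.
[ $# -eq 0 ] || hooks_dir_status "$1"
```
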
