Hello all,

I try to setup the git-http-backend with apache webserver on my ubuntu 
14.04 but it does not work as it should. I read the documention about this 
on http://git-scm.com/docs/git-http-backend and also searched for it. But 
something went wrong for me. So first of all my configuration.
ComputerA should host the "central" repository using git version 2.4.3 and 
Apache/2.4.7. And this central repository should be accesable for anonymus 
pull but push should be protected. The users are stored in a ldap 
directory. So since public read and protected write is exactly what the doc 
does in the example it should not be so hard I thought. 

So here is my apache config:
    SetEnv GIT_PROJECT_ROOT /srv/git/repositories
    ScriptAlias /git/ /usr/lib/git-core/git-http-backend/

    RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
    RewriteCond %{REQUEST_URI} /git-receive-pack$
    RewriteRule ^/git/ - [E=AUTHREQUIRED:yes]
    <LocationMatch "^/git/">
        Order Deny,Allow
        Deny from env=AUTHREQUIRED

        AuthType Basic
        AuthName "Developer Login"
        AuthBasicProvider ldap
        AuthLDAPBindDN "cn=apache_service_user,dc=domain"
        AuthLDAPBindPassword "secret"
        AuthLDAPURL  "ldap://ldap_server.domain/ou=Users,dc=domain?uid?sub";
        AuthLDAPGroupAttribute memberUid
        AuthLDAPGroupAttributeIsDN off
        Require ldap-group cn=developers_group,ou=Groups,dc=domain

        Satisfy Any

Beside the LDAP part and some path changes, prety the example config I 

So, with this config I have the following behavior. 

   1. pull work fine for everybody. 
   2. push does not work for anybody. No credentials are asked.
So for push I get the following respond:
fatal: unable to access 'http://server.domain/git/project/': The requested 
URL returned error: 403

The doc tells that this is normal, since the git client never get's the 
chance to ask for the credentials. So it tells, set "http.receivepack" and 
this will work. 

So I set the option to true in my bare repositorys config:
     receivepack = true

But now, something strange happen. I have following behavior:

   1. pull work fine for everybody. 
   2. push work for everybody. No credentials are asked.

So now I have a repository that is not protected at all. Just everybody can 
read and write. 

Well I have no idea what's the problem here. Maybe you guys can help?
Thanks for your time.

You received this message because you are subscribed to the Google Groups "Git 
for human beings" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to git-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to