Re: [gitorious] Enforce user.email
Hi Steven, I think this is the way it's supposed to work. In Git terms, when I do a "push", I'm not implying that I am the author of any commits that I'm pushing. I may have gotten all the commits from somewhere else entirely. For example, when I clone the gitorious mainline repository into my own personal clone, most of the commits are authored by Marius, Christian, Thomas, etc, even though it's my personal clone. I like to periodically keep my clone in sync with the upstream mainline, so I periodically do a pull from the upstream remote, and then push to my personal clone. When I push, the authorships don't change. So what you're discussing really works against the idea of how Git is designed to work - in effect, you'd be rewriting the historical authorship of any commits that weren't directly authored by these freelancers. (A follow-up question might be: "If I can set *any* value in my "user.email" git configuration, what prevents me from completely faking the authorship of some of my commits?" The reality is that for normal Git commits, you could put anyone's email address as the author. However, Git does provide the ability to GPG-sign commits. If Git authorship is ever in question, it's important to only really rely on the GPG-signed information, and never on what names appear to have been pushed to some random Git repo.) In your freelancing situation, you might be able to set up set up repository hooks to enforce that users can only push commits where the "Author" value only matches their Gitorious username. Technically this would meet your request, but here are the problems with it: This has the same problem with rewriting historical authorship as I mentioned above. For example, what happens when they try to import some open-source code from a public open-source project? Unless you use git submodules, your devs would have to rewrite every commit to make it appear as though they've authored each one. You'd lose the valuable Git authorship metadata, and if your code ever went public (intentionally or otherwise ;) the original upstream developers might be sad to see that you're rewriting the authorship on their commits. This also has problems when your devs simply cherry-pick a fellow co-worker's commit onto another branch. The original Git cherry-pick mechanism preserves authorship, but when you enforce something like what you're describing, the cherry-picking developer must mangle the commit to appear to be come from a different author. This will become more confusing as the projects grow and you have more branches to maintain. If at all possible, I would try to enforce this via social norms (talking to the devs who are doing the multiple-email thing) rather than reaching for technical norms. Git's user.email is available to configure per-repository, and maybe these particular developers just don't know how to do that? - Ken On Thu, Apr 11, 2013 at 8:48 AM, Steven Deal wrote: > I feel this may be more a git issue and outside the role of gitorious. Does > gitorious support any enforcement that a user's git user.email configuration > matches the email address associated with their account? I certainly > understand a 'why would anyone care?' But from what I've seen just > experimenting with my new install of gitorious, if I set my user.email to > match my gitorious account, it identifies the commit with my account (shows > the avatar etc.); but, if I change the email address and push a new change, > it treats it as a commit by another user (who happens to have the same name > I suppose). Given I work with freelance developers who may at anytime be > working for multiple clients and have as many email addresses, I wish there > was a way to use the name/email address that has been setup in gitorious for > the ssh key that's pushing a change. > > -- > -- > To post to this group, send email to gitorious@googlegroups.com > To unsubscribe from this group, send email to > gitorious+unsubscr...@googlegroups.com > > --- > You received this message because you are subscribed to the Google Groups > "Gitorious" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to gitorious+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[gitorious] Re: All LDAP functionality fails after update containing ldap group feature
Hi I got same problem too. It's empty even in teams there are few ldap group teams. v2.4.12 Le vendredi 18 janvier 2013 23:23:45 UTC+1, Paul Ruiz a écrit : > > Since updating to the tag that included ldap groups; > new users aren't able to login/auto-register while previously existing > users are able to continue logging in, > viewing /teams displays no teams though teams exist in the DB and > results in an exception (attached:exception2.txt) > viewing projects created before the update results results in a "Sorry, > something went wrong" page and a logged exception (attached:exception1.txt) > new projects can be created but 'Edit project'->'Transfer ownership to a > group' is empty. > > LDAP worked before the update and authorization.yml config change. > Removing the group related LDAP options and restarting has no effect. A > packet capture shows that gitorious never attempts to contact the > configured LDAP host. I've attached the exceptions and my gitorious.yml > and authentication.yml. > > Gitorious v2.4.5 > Centos 6.3 x86_64 with all updates. > Gitorious originally installed using Community Edition installer, > 11/25/2012, and manually updated with each point release. > > Any help would be much appreciated. If I can't figure this out soon, I'll > need to start over from scratch. > -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[gitorious] Re: Cannot reset password, cannot git push from git bash
Super. All fixed. Many thanks! -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [gitorious] Cannot reset password, cannot git push from git bash
mark.hamm...@bto.org writes: > Thanks for that, > > Managed to change my password once I logged in with fully qualified name, > but command line still causing issues: > > markha@2K3CN4J /d/BTO-Web-Bean/web-lib (master) > $ git pull > markha@[git server]'s password: > Permission denied, please try again. > markha@[git server]'s password: > Permission denied, please try again. > markha@[git server]'s password: > Permission denied (publickey,gssapi-with-mic,password). > fatal: The remote end hung up unexpectedly The Git URL for your origin remote should include the username (git). Yours seems to be: markha@[server] while it should have been git@[server] You can change the URL either by updating .git/config in your repository manually, or by using git remote set-url origin git@[server]:[path/to/repo.git] Cheers, - Marius -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [gitorious] Cannot reset password, cannot git push from git bash
Thanks for that, Managed to change my password once I logged in with fully qualified name, but command line still causing issues: markha@2K3CN4J /d/BTO-Web-Bean/web-lib (master) $ git pull markha@[git server]'s password: Permission denied, please try again. markha@[git server]'s password: Permission denied, please try again. markha@[git server]'s password: Permission denied (publickey,gssapi-with-mic,password). fatal: The remote end hung up unexpectedly Comments -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: [gitorious] Cannot reset password, cannot git push from git bash
mark.hamm...@bto.org writes: > Git was set up by a former colleague for us here and had been working fine. > > I can still GIT PULL/PUSH from within Netbeans, however I needed to do some > operations from GIT BASH shell, and upon GIT PUSHing, it prompted me for my > password. > This is where the trouble started. > > Couldn't remember what my password was, so went to the web interface. Tried > a password, rather than saying the password wasn't recognised, it freaked > out with the "Sorry, something went wrong" page - it also sent a a massive > turd email to the admin email address recorded it had been set up for. > > I tried to have a password reset email sent, but upon entering my email > address and clicking SEND, I got to the same "Sorry, something went wrong" > page. > > Find attached the email that was dumped out. I have edited this email > because it contained the password I entered in PLAIN TEXT, which didn't > strike me as terribly safe > As far as I know, nothing has been changed or updated on the server in some > time, so I'm at a loss to explain this sudden failure. Mark, First of all: the email you forwarded suggests that there's a mismatch between the CSRF (Cross Site Request Forgery) token stored in your user session and the one rendered in the form in your browser. I see that you used "http://git/"; in the URL, which means that you probably didn't get a session cookie at all; Gitorious needs a fully qualified domain name (ie. containing at least one period) for sessions to work. I would assume your server has a fully qualified address, you should use that one in your browser. The config/gitorious.yml file on your server specifies which FQDN your server is configured as, this value should match the hostname you use when connecting. Are you sure it was the Gitorious server prompting you for a password, not the ssh client asking you for the SSH passphrase? If it's not the password, try running SSH directly: ssh git@ Cheers, - Marius -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
[gitorious] Cannot reset password, cannot git push from git bash
Git was set up by a former colleague for us here and had been working fine. I can still GIT PULL/PUSH from within Netbeans, however I needed to do some operations from GIT BASH shell, and upon GIT PUSHing, it prompted me for my password. This is where the trouble started. Couldn't remember what my password was, so went to the web interface. Tried a password, rather than saying the password wasn't recognised, it freaked out with the "Sorry, something went wrong" page - it also sent a a massive turd email to the admin email address recorded it had been set up for. I tried to have a password reset email sent, but upon entering my email address and clicking SEND, I got to the same "Sorry, something went wrong" page. Find attached the email that was dumped out. I have edited this email because it contained the password I entered in PLAIN TEXT, which didn't strike me as terribly safe As far as I know, nothing has been changed or updated on the server in some time, so I'm at a loss to explain this sudden failure. Any help would be greatly appreciated. Mark -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out. -- Computing Support British Trust for Ornithology, The Nunnery, Thetford, Norfolk IP24 2PU, UK Tel: +44 (0)1842 750050, fax: +44 (0)1842 750030 Registered Charity No 216652 (England & Wales) No SC039193 (Scotland) Company Limited by Guarantee No 357284 (England & Wales) -- Forwarded message -- From: Exception Notifier Date: 12 April 2013 09:23 Subject: [ERROR] sessions#create (ActionController::InvalidAuthenticityToken) "ActionController::InvalidAuthenticityToken" To: comps...@bto.org A ActionController::InvalidAuthenticityToken occurred in sessions#create: ActionController::InvalidAuthenticityToken [RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/request_forgery_protection.rb:79:in `verify_authenticity_token' --- Request: --- * URL : https://git/sessions * IP address: 10.1.2.33 * Parameters: {"commit"=>"Log in", "openid_url"=>"", "method"=>:get, "action"=>"create", "authenticity_token"=>"/BGcCCgFkrPfR2TC6JZxLwk8pPVSDQPfezirCKFOb4U=", "controller"=>"sessions", "password"=>"[FILTERED]", "email"=>"mark.hamm...@bto.org"} * Rails root: /usr/local/git/gitorious --- Session: --- * session: {:_csrf_token=>"6WhM6uo6jNaVIFuJIfWOSjUvV8iu00NTKuy1wWpf6OQ=", :session_id=>"9f53d335a43cdf7f4031548ac03de501"} --- Environment: --- * CONTENT_LENGTH : 140 * CONTENT_TYPE: application/x-www-form-urlencoded * DOCUMENT_ROOT : /usr/local/git/gitorious/public * HTTPS : on * HTTP_ACCEPT : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 * HTTP_ACCEPT_ENCODING: gzip, deflate * HTTP_ACCEPT_LANGUAGE: en-gb,en;q=0.5 * HTTP_CONNECTION : keep-alive * HTTP_HOST : git * HTTP_REFERER: https://git/login * HTTP_USER_AGENT : Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0 * PASSENGER_CONNECT_PASSWORD : [FILTERED] * PATH_INFO : /sessions * QUERY_STRING: * REMOTE_ADDR : 10.1.2.33 * REMOTE_PORT : 50824 * REQUEST_METHOD : POST * REQUEST_URI : /sessions * SCRIPT_NAME : * SERVER_ADDR : 10.1.100.41 * SERVER_ADMIN: comps...@bto.org * SERVER_NAME : git * SERVER_PORT : 443 * SERVER_PROTOCOL : HTTP/1.1 * SERVER_SOFTWARE : Apache/2.2.3 (CentOS) * UNIQUE_ID : n5vUpgoBZCkAAFI9P3IB * _ : _ * action_controller.request.path_parameters : methodgetactioncreatecontrollersessions * action_controller.request.query_parameters : * action_controller.request.request_parameters: openid_urlcommitLog inauthe
[gitorious] Enforce user.email
I feel this may be more a git issue and outside the role of gitorious. Does gitorious support any enforcement that a user's git user.email configuration matches the email address associated with their account? I certainly understand a 'why would anyone care?' But from what I've seen just experimenting with my new install of gitorious, if I set my user.email to match my gitorious account, it identifies the commit with my account (shows the avatar etc.); but, if I change the email address and push a new change, it treats it as a commit by another user (who happens to have the same name I suppose). Given I work with freelance developers who may at anytime be working for multiple clients and have as many email addresses, I wish there was a way to use the name/email address that has been setup in gitorious for the ssh key that's pushing a change. -- -- To post to this group, send email to gitorious@googlegroups.com To unsubscribe from this group, send email to gitorious+unsubscr...@googlegroups.com --- You received this message because you are subscribed to the Google Groups "Gitorious" group. To unsubscribe from this group and stop receiving emails from it, send an email to gitorious+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.