changegroup hook Linux httpd cgi

Simon King simon at simonking.org.uk
Tue Feb 21 16:50:21 UTC 2017


If those permissions are accurate, I don't think adding a [trusted] section
would make any difference.

Do you have any evidence that the .hg/hgrc file is being read at all? You
could try adding something like this:

[hooks]
pretxnchangegroup.abort = false

With that in place, pushing to the repository should fail. If it succeeds,
the hgrc file is being ignored.

Either way, the output from "hg push --debug" might be useful.

Simon

On Tue, Feb 21, 2017 at 3:23 PM, Jérôme Godbout <jerome at bodycad.com> wrote:

> httpd run as apache user
>
> ls -l /mnt/hg/.hg
> -rwxrwxrwx. 1 apache apache 239 Jan 18 12:26 hgrc
>
> ls -l /mnt/hg
> -rwxrwxrwx.  1 apache apache 169 Feb 20 13:37 refresh_repos
>
> The error log have nothing into it that (both error_log and the vhost
> error log).
>
> Should I add the following somewhere (hgweb.config, hgrc) ?
>
> [trusted]users = apache
>
>
> [image: bodycad] <https://www.bodycad.com/>
> Jerome Godbout
> Software Developer
> 2035 rue du Haut-Bord, Québec, QC, Canada. G1N 4R7
> T:  +1 418 527-1388 <(418)%20527-1388>
> E: jerome at bodycad.com
> www.bodycad.com
>
> The contents of this email message and any attachments are intended solely
> for the addressee(s) and may contain confidential and/or privileged
> information and may be legally protected from disclosure. If you are not
> the intended recipient of this message or their agent, or if this message
> has been addressed to you in error, please immediately alert the sender by
> reply email and then delete this message and any attachments. If you are
> not the intended recipient, you are hereby notified that any use,
> dissemination, copying, or storage of this message or its attachments is
> strictly prohibited.
>
> Le contenu de ce message et les pièces jointes sont destinés uniquement
> pour le(s) destinataire(s) et peuvent contenir des informations
> confidentielles et / ou privilégiées qui peuvent être protégées légalement
> contre toute divulgation. Si vous n'êtes pas le destinataire de ce message
> ou son agent, ou si ce message vous a été adressé par erreur, s’il vous
> plaît avertir immédiatement l'expéditeur par courriel de réponse, puis
> supprimer ce message et les pièces jointes. Si vous n'êtes pas le
> destinataire prévu, vous êtes par la présente informé que toute
> utilisation, diffusion, copie, ou stockage de ce message ou de ses pièces
> jointes est strictement interdit.
>
> On Tue, Feb 21, 2017 at 5:54 AM, Simon King <simon at simonking.org.uk>
> wrote:
>
>> On Mon, Feb 20, 2017 at 7:55 PM, Jérôme Godbout <jerome at bodycad.com>
>> wrote:
>>
>>> Hi,
>>> I'm trying to have a repos on a mount drive that is used by multiple VM
>>> under different OS (Windows, Linux). This save a lot of disk space and the
>>> lock is just fine for that use case.
>>>
>>> I was trying to add a hook that could be execute cross platform. In my
>>> *.hg/hgrc* I added this:
>>>
>>> *[hooks]*
>>> *changegroup.refresh_repos = refresh_repos*
>>>
>>> In my root repos directory I made a *refresh_repos.cmd* file and a *refresh_repos
>>> *shell script. Both script execute into command line just fine. The
>>> Windows mount seem to perform the hook properly and the refresh is perform
>>> after a push to the drive localy. But the Linux machine that do the httpd
>>> cgi hgserve doesn't seem to perform the hook properly.
>>>
>>> I was wondering if the entry into the hgrc for Linux should be made
>>> differently (path wise *./resfresh_repos*) ?
>>>
>>> Or does the hgserve perform the hgrc hook at all? Do I have to add the
>>> hook inside the *hgserve.config* used by cgi script?
>>>
>>> Inside the .cgi script
>>> *from mercurial import demandimport; demandimport.enable()*
>>> *from mercurial.hgweb import hgweb, wsgicgi*
>>> *application = hgweb("**hgserve.config"**)*
>>> *wsgicgi.launch(application)*
>>>
>>>
>>> Is there any permission involved here? does the file need a special
>>> permission inside Apache ? pushing/pulling to that drive work just fine and
>>> the script file have the apache:apache with rx permission. Is apache aware
>>> that the python script access a file outside and block it?
>>>
>>>
>> Are there any messages from mercurial in the Apache error log? One
>> possible problem is the ownership of the hgrc file. If the cgi script runs
>> as apache:apache, then the hgrc file must usually also be owned by the same
>> user. See https://www.mercurial-scm.org/wiki/Trust for details.
>>
>> Hope that helps,
>>
>> Simon
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mercurial-scm.org/pipermail/mercurial/attachments/20170221/396f83ba/attachment-0002.html>


More information about the Mercurial mailing list