nginx+fcgiwrap versus mercurial

Augie Fackler raf at durin42.com
Thu Mar 19 14:54:12 UTC 2020


What does your bash script look like? I'm dubious that will work, as hg's web bits are exposed via WSGI.

> On Mar 18, 2020, at 04:35, Robin Becker <robin at reportlab.com> wrote:
> 
> I am trying to use a simple bash cgi script with nginx+fcgiwrap under ubuntu 18.04.
> The script runs as a non www-data user (using a setuid/setgid method).
> 
> When I try
>  hg pull
> 
> or the more complex
>  /usr/bin/ssh myhost /bin/sh -l -c "'cd $(pwd) && hg pull'"
> 
> which work fine as the user when run from a shell I find that the cgi just hangs.
> In the shell neither of the above methods needs a user/pasword.
> 
> I tried this as well
> socat - EXEC:'hg pull',pty,setsid,ctty
> 
> and the hg pull starts to work with a message saying where it's pulling from, but I then see immediately after a message (killed) in the script output.
> 
> I used the simple hg pull in a script some 5 years ago, but I guess the way fcgiwrap works has changed to become more secure.
> 
> Anyone got any understanding of what's going on?
> 
> I have a work around by using a url like ssh://myhost//path-to-repo
> -- 
> Robin Becker
> _______________________________________________
> Mercurial mailing list
> Mercurial at mercurial-scm.org
> https://www.mercurial-scm.org/mailman/listinfo/mercurial




More information about the Mercurial mailing list