nginx+fcgiwrap versus mercurial
Augie Fackler
raf at durin42.com
Thu Mar 19 14:54:12 UTC 2020
What does your bash script look like? I'm dubious that will work, as hg's web bits are exposed via WSGI.
> On Mar 18, 2020, at 04:35, Robin Becker <robin at reportlab.com> wrote:
>
> I am trying to use a simple bash cgi script with nginx+fcgiwrap under ubuntu 18.04.
> The script runs as a non www-data user (using a setuid/setgid method).
>
> When I try
> hg pull
>
> or the more complex
> /usr/bin/ssh myhost /bin/sh -l -c "'cd $(pwd) && hg pull'"
>
> which work fine as the user when run from a shell I find that the cgi just hangs.
> In the shell neither of the above methods needs a user/pasword.
>
> I tried this as well
> socat - EXEC:'hg pull',pty,setsid,ctty
>
> and the hg pull starts to work with a message saying where it's pulling from, but I then see immediately after a message (killed) in the script output.
>
> I used the simple hg pull in a script some 5 years ago, but I guess the way fcgiwrap works has changed to become more secure.
>
> Anyone got any understanding of what's going on?
>
> I have a work around by using a url like ssh://myhost//path-to-repo
> --
> Robin Becker
> _______________________________________________
> Mercurial mailing list
> Mercurial at mercurial-scm.org
> https://www.mercurial-scm.org/mailman/listinfo/mercurial
More information about the Mercurial
mailing list