Hello folks, first of all sorry for "misusing" the lis for this question of mine. But maybe someone already has setup devel/git over HTTPS and it is working. I fail for several days for now and I'm unable to find the problem.
After realized that the content of the book "Pro Git" by Chacon and Straub is outdated (chapter 4: git on the server, Smart HTTP p. 89) compared to the website at https://git-scm.com/book/en/v2 and none of the examples of the book nor those taken from several websites I've found, I checked out the explanations for git-http-backend taken from GitHub, git documentation, "git-http-backend - Server siede implementation of Git over HTTP. Also, this approach failed. Now I'm getting gray hair ... The setup is simple, the aim is as simple as well. We have to authenticate each pull/clone and each push. We're running a subversion server over https this way, were every valid user is authenticated against LDAP. This type of authentication works well, not only for svn via https. All right, the setup is as follows. The base is located on ZFS at /pool/gitbase/ and its owned by www:www. A test repos has been initilaised via "git init --shared --bare test.git", also owned by www:www (chown -R www:www test.git): :/pool/gitbase # ll total 65 34 drwxr-xr-x 6 www www uarch 7B Mar 21 15:42 ./ 321028 drwxr-xr-x 25 root wheel - 512B Mar 24 18:45 ../ 324 drwxrwxr-x 7 www www uarch 10B Mar 14 16:25 ports.git/ 3 drwxrwxr-x 7 www www uarch 10B Mar 21 15:45 test.git/ From the GitHub documentation of git's git-http-backend (by the way: devel/git is installed and at 2.31, the latest available port in the tree so far), I followed the recommenadation starting with " ... To require authentication for both reads and writes, use a Location directive ...". The setup for Apache 2.4 (port www/apache24) is as follows, the service is realised as service as folder (in contrary to a service a vhost, which we do not use at the moment): [...] SetEnv GIT_PROJECT_ROOT /pool/gitbase SetEnv REMOTE_USER $REDIRECT_REMOTE_USER #SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /git/ /usr/local/libexec/git-core/git-http-backend/ <Directory "/usr/local/libexec/git-core/"> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch <RequireAll> Require ssl Require user committer </RequireAll> <Files "git-http-backend"> <RequireAll> Require ssl Require user committer </RequireAll> AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 </Files> AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 </Directory> <Location "^/git/.*"> Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch <RequireAll> Require ssl Require user committer </RequireAll> AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 </Location> [...] The above config example is one of endless trials and derived from a long thinking about the "problem" - without success. From the client, within the "test" repos which I want to push, git push -u origin master fails always with: Username for 'https://[url]': Password for 'https://committer@[url]': fatal: https://[url]/git/test.git/info/refs not valid: could not \ determine hash algorithm; is this a git repository? Checking the server's access log doesn't reveal anything wrong: [...] [remote IP] - [28/Mar/2021:11:01:01 +0000] "GET \ /git/test.git/info/refs?service=git-receive-pack HTTP/1.1" 401 1405 "-" "git/2.31.0" 840 6269 [remote IP] - committer [28/Mar/2021:11:01:09 +0000] "GET \ /git/test.git/info/refs?service=git-receive-pack HTTP/1.1" 200 1689032 "-" "git/2.31.0" 1023 1692144 Searching the web for the error info/refs not valid: could not determine hash algorithm; is this a git repository? results in several hints toward missing access rights to the git repo base directory, in this case /pool/gitbase/test.git. But Apache has already as user and group full access rights. What am I missing here? Kind regards and thank you very much in advance, O. Hartmann
pgp_4PvNi804r.pgp
Description: OpenPGP digital signature
