me
/
guix
Archived
1
0
Fork 0
Code

gnu: gitolite: Add unsafe-pattern configuration option. 

* gnu/services/version-control.scm (gitolite-rc-file): Add
unsafe-pattern field.
(gitolite-rc-file-compiler): Write it.
* doc/guix.texi (Version Control Services): Document it.
master
Julien Lepiller 2021-08-25 03:00:44 +02:00
parent 5dac09e263
commit cc16103861
No known key found for this signature in database
GPG Key ID: 53D457B2D636EE82
2 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
doc/guix.texi
View File

@ -31517,6 +31517,19 @@ A value like @code{#o0027} will give read access to the group used by Gitolite
(by default: @code{git}). This is necessary when using Gitolite with software (by default: @code{git}). This is necessary when using Gitolite with software
like cgit or gitweb. like cgit or gitweb.
@item @code{unsafe-pattern} (default: @code{#f})
An optional Perl regular expression for catching unsafe configurations in
the configuration file. See
@uref{https://gitolite.com/gitolite/git-config.html#compensating-for-unsafe_patt,
Gitolite's documentation} for more information.
When the value is not @code{#f}, it should be a string containing a Perl
regular expression, such as @samp{"[`~#\$\&()|;<>]"}, which is the default
value used by gitolite. It rejects any special character in configuration
that might be interpreted by a shell, which is useful when sharing the
administration burden with other people that do not otherwise have shell
access on the server.
@item @code{git-config-keys} (default: @code{""}) @item @code{git-config-keys} (default: @code{""})
Gitolite allows you to set git config values using the @samp{config} Gitolite allows you to set git config values using the @samp{config}
keyword. This setting allows control over the config keys to accept. keyword. This setting allows control over the config keys to accept.

8
gnu/services/version-control.scm
View File

@ -54,6 +54,7 @@
<gitolite-rc-file> <gitolite-rc-file>
gitolite-rc-file gitolite-rc-file
gitolite-rc-file-umask gitolite-rc-file-umask
gitolite-rc-file-unsafe-pattern
gitolite-rc-file-git-config-keys gitolite-rc-file-git-config-keys
gitolite-rc-file-roles gitolite-rc-file-roles
gitolite-rc-file-enable gitolite-rc-file-enable
@ -226,6 +227,8 @@ access to exported repositories under @file{/srv/git}."
gitolite-rc-file? gitolite-rc-file?
(umask gitolite-rc-file-umask (umask gitolite-rc-file-umask
(default #o0077)) (default #o0077))
(unsafe-pattern gitolite-rc-file-unsafe-pattern
(default #f))
(git-config-keys gitolite-rc-file-git-config-keys (git-config-keys gitolite-rc-file-git-config-keys
(default "")) (default ""))
(roles gitolite-rc-file-roles (roles gitolite-rc-file-roles
@ -245,7 +248,7 @@ access to exported repositories under @file{/srv/git}."
(define-gexp-compiler (gitolite-rc-file-compiler (define-gexp-compiler (gitolite-rc-file-compiler
(file <gitolite-rc-file>) system target) (file <gitolite-rc-file>) system target)
(match file (match file
(($ <gitolite-rc-file> umask git-config-keys roles enable) (($ <gitolite-rc-file> umask unsafe-pattern git-config-keys roles enable)
(apply text-file* "gitolite.rc" (apply text-file* "gitolite.rc"
`("%RC = (\n" `("%RC = (\n"
" UMASK => " ,(format #f "~4,'0o" umask) ",\n" " UMASK => " ,(format #f "~4,'0o" umask) ",\n"
@ -264,6 +267,9 @@ access to exported repositories under @file{/srv/git}."
" ],\n" " ],\n"
");\n" ");\n"
"\n" "\n"
,(if unsafe-pattern
(string-append "$UNSAFE_PATT = qr(" unsafe-pattern ");")
"")
"1;\n"))))) "1;\n")))))
(define-record-type* <gitolite-configuration> (define-record-type* <gitolite-configuration>