GNU bug report logs - #30809
[PATCH] Gitolite service

Previous Next

Full log

Message #77 received at 30809 <at> debbugs.gnu.org (full text, mbox):

From: Christopher Baines <mail <at> cbaines.net>
To: Clément Lassieur <clement <at> lassieur.org>
Cc: 30809 <at> debbugs.gnu.org
Subject: Re: [bug#30809] [PATCH 2/2] services: Add Gitolite.
Date: Tue, 31 Jul 2018 22:40:16 +0100

[Message part 1 (text/plain, inline)]

Clément Lassieur <clement <at> lassieur.org> writes:

> Hey Christopher!
>
> Thank you for the update.

Thanks for taking another look, I've sent some updated patches again.

> Christopher Baines <mail <at> cbaines.net> writes:
>
> [...]
>
>> +@example
>> +git clone git@@example.com:gitolite-admin
>> +@end example
>> +
>> +When the Gitolite service is activated, the provided @code{admin-pubkey} will
>> +be inserted in to the @file{keydir} directory in the gitolite-admin
>> +repository.  If this results in a change in the repository, it will be
>> +committed using the message ``gitolite setup by GNU Guix''.
>> +
>> +@deftp {Data Type} gitolite-configuration
>> +Data type representing the configuration for @code{gitolite-service-type}.
>> +
>> +@table @asis
>> +@item @code{package} (default: @var{gitolite})
>> +Gitolite package to use.
>> +
>> +@item @code{user} (default: @var{git})
>                                     ^
> It should be a string ---------------
>
> I don't think you should use @var for default values.  @code would be better.

Ah, ok, I think I've corrected these issues where appropriate.

>> +@item @code{admin-pubkey} (default: @var{#f})
>
> Actually, there is no default :-)

Good spot, I've removed it now.

>> +  (match-lambda
>> +    (($ <gitolite-configuration> package user group home
>> +                                 rc-file admin-pubkey)
>> +     #~(let* ((user-info (getpwnam #$user))
>> +              (admin-pubkey #$admin-pubkey)
>> +              (pubkey-file (string-append
>> +                            #$home "/"
>> +                            (basename
>> +                             (strip-store-file-name admin-pubkey)))))
>> +         (use-modules (guix build utils))
>> +
>> +         (simple-format #t "guix: gitolite: installing ~A\n" #$rc-file)
>> +         (copy-file #$rc-file #$(string-append home "/.gitolite.rc"))
>                  ^
> Maybe a symlink here?

I had some concerns that the store item might be removed, but I guess it
must be safe as it's referenced by the activation script. I've now
changed it to use a symlink.

>> +         ;; The key must be writable, so copy it from the store
>> +         (copy-file admin-pubkey pubkey-file)
>> +
>> +         (chmod pubkey-file #o500)
>
> I don't think it must be writable, because #o500 isn't writable.

I can't quite remember why I added this... I've removed it, and
everything still seems to work.

>> +         ;; Run Gitolite setup, as this updates the hooks and include the
>> +         ;; admin pubkey if specified. The admin pubkey is required for
>> +         ;; initial setup, and will replace the previous key if run after
>> +         ;; initial setup
>> +         (let ((pid (primitive-fork)))
>> +           (if (eq? pid 0)
>> +               ;; Exit with a non-zero status code if an exception is thrown.
>> +               (dynamic-wind
>> +                 (const #t)
>> +                 (lambda ()
>> +                   (setenv "HOME" (passwd:dir user-info))
>> +                   (setenv "USER" #$user)
>> +                   (setgid (passwd:gid user-info))
>> +                   (setuid (passwd:uid user-info))
>> +                   (primitive-exit
>> +                    (system* #$(file-append package "/bin/gitolite")
>> +                             "setup"
>> +                             "-m" "gitolite setup by GNU Guix"
>> +                             "-pk" pubkey-file)))
>> +                 (lambda ()
>> +                   (primitive-exit 1)))
>> +               (waitpid pid)))
>
> This works (with the (ice-9 match) module added):

Unfortunately, when I try, I'm still hitting the same problem. To better
explain, match seems to run the code for the forked process, in both
processes. Adding in some peek statements [1] gives:

  ;;; ("FORK" 273)

  ;;; ("PID SHOULD BE 0")

  ;;; ("FORK" 0)

  ;;; ("PID SHOULD BE 0")

  [    1.817611] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000000


This can't be due to a missing import, as removing the import gives a
different error message.

  Unbound variable: match
  [    1.638616] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000000


I'm at a loss regarding what is going on here. I've tried testing on top
of 8b8978ade and a previous commit, I've also reproduced this on two
different computers.

I've pushed up a branch here [2] in case you're interested in checking
out the exact code I'm using.


1:
         (match (peek "FORK" (primitive-fork))
           (0
            ;; Exit with a non-zero status code if an exception is thrown.
            (dynamic-wind
              (const #t)
              (lambda ()
                (setenv "HOME" (passwd:dir user-info))
                (setenv "USER" #$user)
                (setgid (passwd:gid user-info))
                (setuid (passwd:uid user-info))
                (peek "PID SHOULD BE 0")
                (primitive-exit
                 (system* #$(file-append package "/bin/gitolite")
                          "setup"
                          "-m" "gitolite setup by GNU Guix"
                          "-pk" pubkey-file)))
              (lambda ()
                (primitive-exit 1))))
           (pid (waitpid (peek "WAITING FOR PID ->" pid))))

2: https://git.cbaines.net/guix/commit/?h=gitolite-service-broken-match&id=b70a26a7875e0d1106290d583ee34db7159bbf60

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.