Bug 1218664

Summary: `git instaweb` on OpenSUSE Tumbleweed: /etc/gitweb-common.conf is not being read
Product: [openSUSE] openSUSE Tumbleweed Reporter: Marcelo Jimenez <marcelo.jimenez>
Component: AppArmor Assignee: Christian Boltz <suse-beta>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None    
Version: Current   
Target Milestone: ---   
Hardware: x86-64   
OS: openSUSE Tumbleweed   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcelo Jimenez 2024-01-09 19:28:12 UTC
git instaweb is a very convenient command to browse a repository. But several interesting features are disabled by default.

The main configuration file (.git/gitweb/gitweb_config.perl) is rewritten every time git instaweb is run, so it is not possible to store configuration there.

I tried to enable some of the wanted features by creating a global configuration file.

Initially I tried creating /etc/gitweb.conf, with the following two lines:

$feature{'highlight'}{'default'} = [1];
$feature{'blame'}{'default'} = [1];

But it did not work. Then I tried to create the file /etc/gitweb-common.conf. It also did not work.

These lines have no effect on the resulting web interface; I keep receiving 403 - Blame view not allowed.

Inspecting the source code of /usr/share/gitweb/gitweb.cgi, I noticed that if the global configuration is read from the file in the variable $GITWEB_CONFIG, which is our particular repository freshly generated configuration file, then the script will never try to read the file in $GITWEB_CONFIG_SYSTEM (/etc/gitweb.conf), returning before that happens. So, in this case, using this file does not apply.

But there was no explanation for not reading $GITWEB_CONFIG_COMMON (/etc/gitweb-common.conf), which is read before $GITWEB_CONFIG.

After some research, I tried to debug the CGI script in /usr/share/gitweb/gitweb.cgi using rudimentary print statements. Eventually I converged to the following subroutine:

# read and parse gitweb config file given by its parameter.
# returns true on success, false on recoverable error, allowing
# to chain this subroutine, using first file that exists.
# dies on errors during parsing config file, as it is unrecoverable.
sub read_config_file {
    my $filename = shift;
    return unless defined $filename;
    # die if there are errors parsing config file
    if (-e $filename) {
        do $filename;
        die $@ if $@;
        return 1;
    }
    return;
}

Perl uses two different variables to manage errors from a do. One is $@, which is set in this case when do is unable to compile the file. The other is $!, which is set in case do cannot read the file. By printing the value of $! I found out that it was set to Permission denied. Since the script does not currently test for $!, the error goes unnoticed. (https://perldoc.perl.org/functions/do)

To fix the problem, the following line must be added to /etc/apparmor.d/usr.share.git-web.gitweb.cgi:

/etc/gitweb-common.conf r,

I have documented this here in Stack Overflow: https://stackoverflow.com/questions/77789216/problem-with-git-instaweb-on-opensuse-tumbleweed-etc-gitweb-common-conf-is-n
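
The silent failure described in this report, reproduced as an added example (not part of the original report and not gitweb's own code): read_config_file as quoted above, next to a hypothetical read_config_file_checked that also inspects $!. The temporary file made unreadable with chmod is a constructed stand-in for the AppArmor denial; run it as a non-root user, since root ignores file mode bits.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

our %feature;    # stands in for gitweb's global %feature hash

# read_config_file as quoted in the report: an unreadable file counts as success.
sub read_config_file {
    my $filename = shift;
    return unless defined $filename;
    if (-e $filename) {
        do $filename;
        die $@ if $@;
        return 1;
    }
    return;
}

# Hypothetical variant (not gitweb's code): a failed read is fatal too.
sub read_config_file_checked {
    my $filename = shift;
    return unless defined $filename;
    return unless -e $filename;      # absent file: caller tries the next one
    ($@, $!) = ('', 0);              # drop stale errors from earlier calls
    my $ret = do $filename;
    die "error parsing $filename: $@" if $@;    # file was read but did not compile/run
    # do returns undef with $! set when it could not read the file at all.
    die "cannot read $filename: $!\n" if !defined $ret && $!;
    return 1;
}

# Constructed stand-in for /etc/gitweb-common.conf: stat() works, so -e is
# true, but open() is refused, as under the AppArmor profile. Needs non-root.
my $dir  = tempdir(CLEANUP => 1);
my $conf = "$dir/gitweb-common.conf";
open(my $fh, '>', $conf) or die "setup: $!";
print $fh q{$feature{'blame'}{'default'} = [1];}, "\n";
close($fh) or die "setup: $!";
chmod(0000, $conf) or die "chmod: $!";

my $ok = read_config_file($conf);
printf "original: returned %s, blame is %s\n", $ok ? 'true' : 'false',
    exists $feature{'blame'} ? 'enabled' : 'still unset';

eval { read_config_file_checked($conf); 1 }
    or print "checked: died with: $@";
```
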
Comment 1 Marcelo Jimenez 2024-01-09 19:32:34 UTC
Actually, there are two problems. One is to fix the file permission, but there is a problem in the code too, since $! is not checked and the error goes unnoticed, driving everyone crazy.

Would you mind sending this upstream, or should I do another bug report elsewhere?

Best regards,
Marcelo.
Comment 2 Christian Boltz 2024-01-09 21:05:51 UTC
(In reply to Marcelo Jimenez from comment #1)
> Actually, there are two problems. One is to fix the file permission, but
> there is a problem in the code too, since $! is not checked and the error
> goes unnoticed, driving everyone crazy.
> 
> Would you mind sending this upstream, or should I do another bug report
> elsewhere?

The missing check sounds like an upstream issue, therefore I'd be glad if you could open a bug report upstream.

If you don't want to do the upstream report, please open a separate bug here (it can probably be copy&paste from this bug, just remove the AppArmor part).


FYI: I'm the AppArmor maintainer, but don't maintain git-related packages [exceptions like for AppArmor profiles might apply].

I submitted the updated AppArmor profile:
https://build.opensuse.org/request/show/1137804

Closing as half FIXED (for the AppArmor part) and half UPSTREAM (for the missing check).
Comment 3 Marcelo Jimenez 2024-01-10 00:48:30 UTC
Hi Christian,

Ok, I have just sent the report upstream with a link to this bug report:
https://lore.kernel.org/git/CACjc_5pdijCZrrXQWHswsxYrGUzZ7pZq+nj3SzY1z+Xxop64Ww@mail.gmail.com/T/#u

Best regards,
Marcelo.