[sysadmin-bin] We need a sudo call whenever files are owned by an user which differs from git, all of them are loca

From: Andrea Veri <av src gnome org>
To: gnome-sysadmin gnome org,commits-list gnome org
Subject: [sysadmin-bin] We need a sudo call whenever files are owned by an user which differs from git, all of them are loca
Date: Tue, 12 Sep 2017 14:12:40 +0000 (UTC)

commit f85e772b8cb1caab198d542b34e07cef685feb0e
Author: Andrea Veri <averi redhat com>
Date:   Tue Sep 12 16:12:33 2017 +0200

    We need a sudo call whenever files are owned by an user which differs from git, all of them are located 
inside objects, this allows us to restrict the paths the sudoers rule applies to

 git/gnome-pre-receive |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)
---
diff --git a/git/gnome-pre-receive b/git/gnome-pre-receive
index e5915d1..23c69ce 100755
--- a/git/gnome-pre-receive
+++ b/git/gnome-pre-receive
@@ -75,8 +75,10 @@ if [[ $(hostname) =~ gitlab(\-test|)\.gnome\.org$ ]]; then
       git config hooks.mailinglist commits-list gnome org
     fi
 
-    sudo setfacl -d -R -m g:gnomecvs:rwx $GIT_DIR/
-    sudo setfacl -R -m g:gnomecvs:rwx $GIT_DIR/
+    sudo setfacl -d -R -m g:gnomecvs:rwx $GIT_DIR/objects/
+    sudo setfacl -R -m g:gnomecvs:rwx $GIT_DIR/objects/
+    setfacl -d -R -m g:gnomecvs:rwx $GIT_DIR/
+    setfacl -R -m g:gnomecvs:rwx $GIT_DIR/
   fi
 fi

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]