2017-04-26 4 views
1

여기에 관련된 질문을했지만 나에게 도움이되지는 못했습니다.Git push 결과 코드 22

Apache를 통해 LDAP 인증을 사용하여 git을 설치하려고합니다. 인증이 작동하고 복제 할 수 있습니다. 그러나 내가 밀어 넣으려고 할 때 "리턴 코드 22"를 얻습니다.

저는 CentOS 7과 Ubuntu 16.04를 모두 시험해 보았습니다. 둘 다 업데이트됩니다.

클라이언트 시스템은 Windows 10이고 최신 버전은 git-scm.com입니다.

내 아파치 conf에 문제가 있다고 생각합니다. 여기

내가 자식 디렉토리를 생성하는 방법은

git init --bare /var/www/html/git/gitrepo.git 
cd /var/www/html/git/gitrepo.git 
mv hooks/post-update.sample hooks/post-update 
chmod a+x hooks/post-update 
git update-server-info 

여기 내 아파치의 conf의 : 나는 GIT_CURL_VERBOSE하고 사용

[core] 
    repositoryformatversion = 0 
    filemode = false 
    bare = false 
    logallrefupdates = true 
    symlinks = false 
    ignorecase = true 
[remote "origin"] 
    url = http://192.168.16.147/gitrepo.git 
    fetch = +refs/heads/*:refs/remotes/origin/* 
[branch "master"] 
    remote = origin 
    merge = refs/heads/master 

: 여기

LDAPSharedCacheSize 500000 
LDAPCacheEntries 1024 
LDAPCacheTTL 600 
LDAPOpCacheEntries 1024 
LDAPOpCacheTTL 600 
LDAPVerifyServerCert Off 

<Directory "/var/www/html/git"> 
    Options +ExecCGI 
    Require all granted 
</Directory> 

<VirtualHost *:80> 
    AcceptPathInfo On 
    DocumentRoot "/var/www/html/git" 
    ServerName git.site.domain.com 
    DirectoryIndex index.html 

    SetEnv GIT_PROJECT_ROOT /var/www/html/git 
    SetEnv GIT_HTTP_EXPORT_ALL 
    SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER 
    ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/ 
    RewriteCond %{QUERY_STRING} service=git-receive-pack [OR] 
    RewriteCond %{REQUEST_URI} /git-receive-pack$ 
    RewriteRule ^/git/ - [E=AUTHREQUIRED:yes] 


    <LocationMatch "/"> 

     Options +ExecCGI 
     AuthType Basic 
     AuthName "site.domain.com" 
     AuthLDAPBindAuthoritative on 
     AuthBasicProvider ldap 
     AuthLDAPBindDN "CN=LDAP_User,CN=Users,DC=site,DC=domain,DC=com" 
     AuthLDAPBindPassword "password" 
     AuthLDAPURL "ldap://dc.site.domain.com/dc=site,dc=domain,dc=com?sAMAccountName?Sub?(objectCategory=person)(objectClass=User)" 
     AuthLDAPGroupAttributeIsDN on 
     Require valid-user 

    </LocationMatch> 

</VirtualHost> 

는 .git의 클라이언트 설정입니다 처음에는 인증이 작동하지만 다음은 실패한 후 실패합니다.

$ GIT_CURL_VERBOSE=1 git push origin master 
* Couldn't find host git.site.domain.com in the _netrc file; using defaults 
* timeout on name lookup is not supported 
* Trying 192.168.16.147... 
* TCP_NODELAY set 
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0) 
> GET /gitrepo.git/info/refs?service=git-receive-pack HTTP/1.1 
Host: git.site.domain.com 
User-Agent: git/2.12.2.windows.2 
Accept: */* 
Accept-Encoding: gzip 
Pragma: no-cache 

< HTTP/1.1 401 Unauthorized 
< Date: Wed, 26 Apr 2017 19:27:03 GMT 
< Server: Apache/2.4.6 (CentOS) 
< WWW-Authenticate: Basic realm="site.domain.com" 
< Content-Length: 381 
< Content-Type: text/html; charset=iso-8859-1 
< 
* Connection #0 to host git.site.domain.com left intact 
* Couldn't find host git.site.domain.com in the _netrc file; using defaults 
* Found bundle for host git.site.domain.com: 0x290be50 [can pipeline] 
* Re-using existing connection! (#0) with host git.site.domain.com 
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0) 
* Server auth using Basic with user 'bobsaget' 
> GET /gitrepo.git/info/refs?service=git-receive-pack HTTP/1.1 
Host: git.site.domain.com 
Authorization: Basic encryptedstring 
User-Agent: git/2.12.2.windows.2 
Accept: */* 
Accept-Encoding: gzip 
Pragma: no-cache 

< HTTP/1.1 200 OK 
< Date: Wed, 26 Apr 2017 19:27:03 GMT 
< Server: Apache/2.4.6 (CentOS) 
< Last-Modified: Tue, 25 Apr 2017 18:11:35 GMT 
< ETag: "0-54e01a77ac500" 
< Accept-Ranges: bytes 
< Content-Length: 0 
< Content-Type: text/plain; charset=UTF-8 
< 
* Connection #0 to host git.site.domain.com left intact 
* Couldn't find host git.site.domain.com in the _netrc file; using defaults 
* Found bundle for host git.site.domain.com: 0x290be50 [can pipeline] 
* Re-using existing connection! (#0) with host git.site.domain.com 
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0) 
* Server auth using Basic with user 'bobsaget' 
> GET /gitrepo.git/HEAD HTTP/1.1 
Host: git.site.domain.com 
Authorization: Basic encryptedstring 
User-Agent: git/2.12.2.windows.2 
Accept: */* 
Accept-Encoding: gzip 
Pragma: no-cache 

< HTTP/1.1 200 OK 
< Date: Wed, 26 Apr 2017 19:27:07 GMT 
< Server: Apache/2.4.6 (CentOS) 
< Last-Modified: Mon, 24 Apr 2017 20:51:42 GMT 
< ETag: "17-54defc6469818" 
< Accept-Ranges: bytes 
< Content-Length: 23 
< 
* Connection #0 to host git.site.domain.com left intact 
* Couldn't find host git.site.domain.com in the _netrc file; using defaults 
* timeout on name lookup is not supported 
* Trying 192.168.16.147... 
* TCP_NODELAY set 
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0) 
> PROPFIND /gitrepo.git/ HTTP/1.1 
Host: git.site.domain.com 
User-Agent: git/2.12.2.windows.2 
Accept: */* 
Depth: 0 
Content-Type: text/xml 
Content-Length: 172 
Expect: 100-continue 

* The requested URL returned error: 401 Unauthorized 
* stopped the pause stream! 
* Closing connection 0 
error: Cannot access URL http://git.site.domain.com/gitrepo.git/, return code 22 
fatal: git-http-push failed 
error: failed to push some refs to 'http://git.site.domain.com/gitrepo.git' 

아파치 오류 로그가 성공적으로 인증을 표시하지만 두 번째 시도하지 않고 실패

[Wed Apr 26 15:27:07.177075 2017] [authnz_ldap:debug] [pid 32543] mod_authnz_ldap.c(501): [client 192.168.16.216:54725] AH01691: auth_ldap authenticate: using URL ldap://192.168.16.222/dc=site,dc=domain,dc=com?sAMAccountName?Sub?(objectCategory=person)(objectClass=User) 
[Wed Apr 26 15:27:07.177094 2017] [authnz_ldap:debug] [pid 32543] mod_authnz_ldap.c(593): [client 192.168.16.216:54725] AH01697: auth_ldap authenticate: accepting bobsaget 
[Wed Apr 26 15:27:07.177100 2017] [authz_core:debug] [pid 32543] mod_authz_core.c(809): [client 192.168.16.216:54725] AH01626: authorization result of Require valid-user : granted 
[Wed Apr 26 15:27:07.177104 2017] [authz_core:debug] [pid 32543] mod_authz_core.c(809): [client 192.168.16.216:54725] AH01626: authorization result of <RequireAny>: granted 
[Wed Apr 26 15:27:07.227516 2017] [authz_core:debug] [pid 32548] mod_authz_core.c(809): [client 192.168.16.216:54728] AH01626: authorization result of Require valid-user : denied (no authenticated user yet) 
[Wed Apr 26 15:27:07.227564 2017] [authz_core:debug] [pid 32548] mod_authz_core.c(809): [client 192.168.16.216:54728] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet) 

편집 : 나는 자식에 따라 필요한 환경 변수를 내을 httpd.conf에 "는 AcceptPathInfo On"을 추가 확인 도움 http 백엔드가 설정됩니다.

거기에 사용 된 다시 쓰기 조건도 추가했습니다. 그에 따라 위의 구성을 업데이트했습니다.

+0

제프 답을 못을 박았다 것으로 보인다 : 그것은 다른 사람에 유용 경우

이 지금까지 노력하고 내 conf의입니다 msg302317.html – VonC

+0

예. 그는 거기에 나와 대답했다. 나는 모듈이로드되고 모든 것이 git help http-backend에 따라 멋지게 보이지만 아직 해결책이 없다. – user3889271

답변

1

그래서 git 메일 링리스트 덕택에 구성에 오류가 있음을 확인했습니다.

DocumentRoot는 "/ var/www/html"이어야합니다. http://www.spinics.net/lists/git/ :

LDAPSharedCacheSize 500000 
LDAPCacheEntries 1024 
LDAPCacheTTL 600 
LDAPOpCacheEntries 1024 
LDAPOpCacheTTL 600 
LDAPVerifyServerCert Off 

<Directory "/var/www/html/git"> 
    Options +ExecCGI 
    Require all granted 
</Directory> 

<VirtualHost *:80> 
    AcceptPathInfo On 
    DocumentRoot "/var/www/html" 
    ServerName git.site.domain.com 
    DirectoryIndex index.html 

    SetEnv GIT_PROJECT_ROOT /var/www/html/git 
    SetEnv GIT_HTTP_EXPORT_ALL 
    SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER 
    ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/ 
    RewriteCond %{QUERY_STRING} service=git-receive-pack [OR] 
    RewriteCond %{REQUEST_URI} /git-receive-pack$ 
    RewriteRule ^/git/ - [E=AUTHREQUIRED:yes] 


    <LocationMatch "/"> 

     Options +ExecCGI 
     AuthType Basic 
     AuthName "site.domain.com" 
     AuthLDAPBindAuthoritative on 
     AuthBasicProvider ldap 
     AuthLDAPBindDN "CN=LDAP_User,CN=Users,DC=site,DC=domain,DC=com" 
     AuthLDAPBindPassword "password" 
     AuthLDAPURL "ldap://dc.site.domain.com/dc=site,dc=domain,dc=com?sAMAccountName?Sub?(objectCategory=person)(objectClass=User)" 
     AuthLDAPGroupAttributeIsDN on 
     Require valid-user 

    </LocationMatch> 

</VirtualHost> 
+0

좋은 의견, 좋은 캐치. +1 – VonC