Posted by Marko Poutiainen Thursday, May 14 2009 15:34:25
Posted by Marko Poutiainen Thursday, May 14 2009 14:58:25
In repo 1:
- Edit some stuff,
- git commit,
- git tag -a,
- git push --tags.
In repo 2:
- git pull --tags,
-> The changes from the edit are visible.
This definitely isn't clear from the documentation:
All refs under $GIT_DIR/refs/tags are pushed, in addition to refspecs explicitly listed on the command line.--cut--
But very cool, neverthless. This means it's not possible to accidentally only push the tags and not the changes associated with them.
Posted by Marko Poutiainen Friday, May 08 2009 12:58:58
Posted by Marko Poutiainen Thursday, May 07 2009 17:09:27
So here's how you can do it:
1. The user creates a gpg key with gpg --gen-key.
2. Then he exports the public key with gpg --armor --export firstname.lastname@example.org > mypk
3. He sends the public key file to you for you to save it in the git user's keyring (assuming you are using gitosis). You then import it with gpg --import mypk. It might also be a good idea to sign this key with gpg --edit-key email@example.com.
4. Next you need to add the verification somewhere in the git hooks, pre-receive might be the best bet. Checking the validity is done with git tag -v "tag_id". The code could be something like (I haven't done this yet myself):
m/(.+) (.+) refs\/tags\/(.+)/;
my $ret = open(FH, "-|", "git-tag", "-v", $3);
# Check that output shows the signature is good
And hey presto! You have just made sure that your system only accepts tags signed by people you have accepted.
Posted by Marko Poutiainen Thursday, May 07 2009 16:44:26
Anyways, what I wanted to do was to check that the user is who he says. By simply saying "git config firstname.lastname@example.org && git config user.name=Mr. Fake" a user can hide his identity - in practice allowing him to add what he wants to the repository as long as he has write access. Also, there is no extra security for anything else. For instance if you have conditional hooks in your git repository, you can't just the user id for access rights.
The solution is to use gitosis and check that the user really is who he says he is. I already asked this question in stackoverflow and then ended up solving the problem myself. The solution requires fixing gitosis, reinstalling it and the adding a pre-receive hook to the git repository. Not overly complicated, but hopefully someone could add that fix to the "official" gitosis code as well.
This solution verifies that the user email address used to create the ssh key for gitosis matches the address the user is using which should be pretty secure. This way the repository history is correct and the culprits can always be tracked down.
Posted by Marko Poutiainen Wednesday, December 03 2008 15:13:29
Here's the collection, it now includes Mari's DVD's as well.
Posted by Marko Poutiainen Friday, February 29 2008 20:18:55
Speaking of games, yahtzee's Zero Punctuation column at the Escapist Magazine is by far my favourite games reviewer. Maybe not the most accurate or punctual or factual of them, but definitely the funniest. He also manages to find the actual problems and strenghts of the games he reviews.
Posted by Marko Poutiainen Saturday, November 24 2007 14:08:34
Funny how simple ideas can be so interesting. Like guessing the meaning of words and making a miniscule donation every time you get one right.
Free Rice is just that. Every time you know the meaning of an English word right, the organisation donates 10 grains of rice to the developing countries. Doesn't sound that much, does it? But just yesterday the total was about 150,000,000 grains of rice - that's in one day. Total number is now close to 3,5 billion grains, which is quite a lot considering the site opened October 7th.
The game is surprisingly addictive because it adapts to your level, so it's not just random numbers, rather it pushes you to your limit all the time.
Here's how it works: First you get a few random words. Your result with these define roughly your level. Levels are simply decided by how many people get each word right, so the fewer know a word, the higher it's level. Every time you get a word wrong, your level drops by one. If you get three consecutive words right, you rise a level.
My level seems to be about 30, fluctuating between 26 and 35. The only gripe I have about this site is it doesn't "remember" you between sessions, so you can't see you totals. Apart from that this is a great way of having fun, learning AND donating something to the poor. Not a bad effort at all.