我已經在這裏經歷了相關的問題,沒有什麼對我有效。Git推送結果返回代碼22
我想通過Apache設置通過LDAP身份驗證的git。驗證工作,我可以克隆。但是當我試圖推動我得到「返回代碼22」。
我試過CentOS 7和Ubuntu 16.04。兩者都已更新。
客戶端系統是Windows 10和git-scm.com的最新版本。
我猜我的Apache conf有一個問題。
下面是如何創建的git的目錄
git init --bare /var/www/html/git/gitrepo.git
cd /var/www/html/git/gitrepo.git
mv hooks/post-update.sample hooks/post-update
chmod a+x hooks/post-update
git update-server-info
這裏是我的Apache的conf:
LDAPSharedCacheSize 500000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
LDAPVerifyServerCert Off
<Directory "/var/www/html/git">
Options +ExecCGI
Require all granted
</Directory>
<VirtualHost *:80>
AcceptPathInfo On
DocumentRoot "/var/www/html/git"
ServerName git.site.domain.com
DirectoryIndex index.html
SetEnv GIT_PROJECT_ROOT /var/www/html/git
SetEnv GIT_HTTP_EXPORT_ALL
SetEnv REMOTE_USER=$REDIRECT_REMOTE_USER
ScriptAlias /git/ /usr/libexec/git-core/git-http-backend/
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
RewriteCond %{REQUEST_URI} /git-receive-pack$
RewriteRule ^/git/ - [E=AUTHREQUIRED:yes]
<LocationMatch "/">
Options +ExecCGI
AuthType Basic
AuthName "site.domain.com"
AuthLDAPBindAuthoritative on
AuthBasicProvider ldap
AuthLDAPBindDN "CN=LDAP_User,CN=Users,DC=site,DC=domain,DC=com"
AuthLDAPBindPassword "password"
AuthLDAPURL "ldap://dc.site.domain.com/dc=site,dc=domain,dc=com?sAMAccountName?Sub?(objectCategory=person)(objectClass=User)"
AuthLDAPGroupAttributeIsDN on
Require valid-user
</LocationMatch>
</VirtualHost>
下面是git的客戶端配置:
[core]
repositoryformatversion = 0
filemode = false
bare = false
logallrefupdates = true
symlinks = false
ignorecase = true
[remote "origin"]
url = http://192.168.16.147/gitrepo.git
fetch = +refs/heads/*:refs/remotes/origin/*
[branch "master"]
remote = origin
merge = refs/heads/master
我用GIT_CURL_VERBOSE它最初顯示身份驗證的工作,但在propfind後失敗:
$ GIT_CURL_VERBOSE=1 git push origin master
* Couldn't find host git.site.domain.com in the _netrc file; using defaults
* timeout on name lookup is not supported
* Trying 192.168.16.147...
* TCP_NODELAY set
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0)
> GET /gitrepo.git/info/refs?service=git-receive-pack HTTP/1.1
Host: git.site.domain.com
User-Agent: git/2.12.2.windows.2
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache
< HTTP/1.1 401 Unauthorized
< Date: Wed, 26 Apr 2017 19:27:03 GMT
< Server: Apache/2.4.6 (CentOS)
< WWW-Authenticate: Basic realm="site.domain.com"
< Content-Length: 381
< Content-Type: text/html; charset=iso-8859-1
<
* Connection #0 to host git.site.domain.com left intact
* Couldn't find host git.site.domain.com in the _netrc file; using defaults
* Found bundle for host git.site.domain.com: 0x290be50 [can pipeline]
* Re-using existing connection! (#0) with host git.site.domain.com
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0)
* Server auth using Basic with user 'bobsaget'
> GET /gitrepo.git/info/refs?service=git-receive-pack HTTP/1.1
Host: git.site.domain.com
Authorization: Basic encryptedstring
User-Agent: git/2.12.2.windows.2
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache
< HTTP/1.1 200 OK
< Date: Wed, 26 Apr 2017 19:27:03 GMT
< Server: Apache/2.4.6 (CentOS)
< Last-Modified: Tue, 25 Apr 2017 18:11:35 GMT
< ETag: "0-54e01a77ac500"
< Accept-Ranges: bytes
< Content-Length: 0
< Content-Type: text/plain; charset=UTF-8
<
* Connection #0 to host git.site.domain.com left intact
* Couldn't find host git.site.domain.com in the _netrc file; using defaults
* Found bundle for host git.site.domain.com: 0x290be50 [can pipeline]
* Re-using existing connection! (#0) with host git.site.domain.com
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0)
* Server auth using Basic with user 'bobsaget'
> GET /gitrepo.git/HEAD HTTP/1.1
Host: git.site.domain.com
Authorization: Basic encryptedstring
User-Agent: git/2.12.2.windows.2
Accept: */*
Accept-Encoding: gzip
Pragma: no-cache
< HTTP/1.1 200 OK
< Date: Wed, 26 Apr 2017 19:27:07 GMT
< Server: Apache/2.4.6 (CentOS)
< Last-Modified: Mon, 24 Apr 2017 20:51:42 GMT
< ETag: "17-54defc6469818"
< Accept-Ranges: bytes
< Content-Length: 23
<
* Connection #0 to host git.site.domain.com left intact
* Couldn't find host git.site.domain.com in the _netrc file; using defaults
* timeout on name lookup is not supported
* Trying 192.168.16.147...
* TCP_NODELAY set
* Connected to git.site.domain.com (192.168.16.147) port 80 (#0)
> PROPFIND /gitrepo.git/ HTTP/1.1
Host: git.site.domain.com
User-Agent: git/2.12.2.windows.2
Accept: */*
Depth: 0
Content-Type: text/xml
Content-Length: 172
Expect: 100-continue
* The requested URL returned error: 401 Unauthorized
* stopped the pause stream!
* Closing connection 0
error: Cannot access URL http://git.site.domain.com/gitrepo.git/, return code 22
fatal: git-http-push failed
error: failed to push some refs to 'http://git.site.domain.com/gitrepo.git'
Apache的錯誤日誌顯示身份驗證成功,但沒有進行第二次嘗試失敗:
[Wed Apr 26 15:27:07.177075 2017] [authnz_ldap:debug] [pid 32543] mod_authnz_ldap.c(501): [client 192.168.16.216:54725] AH01691: auth_ldap authenticate: using URL ldap://192.168.16.222/dc=site,dc=domain,dc=com?sAMAccountName?Sub?(objectCategory=person)(objectClass=User)
[Wed Apr 26 15:27:07.177094 2017] [authnz_ldap:debug] [pid 32543] mod_authnz_ldap.c(593): [client 192.168.16.216:54725] AH01697: auth_ldap authenticate: accepting bobsaget
[Wed Apr 26 15:27:07.177100 2017] [authz_core:debug] [pid 32543] mod_authz_core.c(809): [client 192.168.16.216:54725] AH01626: authorization result of Require valid-user : granted
[Wed Apr 26 15:27:07.177104 2017] [authz_core:debug] [pid 32543] mod_authz_core.c(809): [client 192.168.16.216:54725] AH01626: authorization result of <RequireAny>: granted
[Wed Apr 26 15:27:07.227516 2017] [authz_core:debug] [pid 32548] mod_authz_core.c(809): [client 192.168.16.216:54728] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
[Wed Apr 26 15:27:07.227564 2017] [authz_core:debug] [pid 32548] mod_authz_core.c(809): [client 192.168.16.216:54728] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet)
編輯:我添加了「中的AcceptPathInfo在」我的httpd.conf文件,並檢查根據需要git的環境變量幫助http後端設置。
我還添加了那裏使用的重寫條件。相應地更新了上面的配置。
傑夫似乎已經釘了答案:http://www.spinics.net/lists/git/ msg302317.html – VonC
是的。他在那裏回答我。我還沒有解決方案,但隨着模塊加載,根據git help http-backend,一切看起來都很好。 – user3889271