lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 16 Jan 2016 11:05:54 -0800
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Al Viro <viro@...iv.linux.org.uk>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>
Subject: Re: [git pull] vfs.git regression fix

On Sat, Jan 16, 2016 at 5:44 AM, Al Viro <viro@...iv.linux.org.uk> wrote:
>
> Having checked how git request-pull reacts to missing branch argument...

A missing branch name is the same as HEAD, so:

> Very similar bug there - it gives stats for HEAD and URI with no branch
> name.  Might've been fixed in later versions (it's 2.1.4 here - debian-stable)

If you say "no branch name", then it assumes that it's head in your
local and remote repositories.

So it's expected. It also *should* warn about the fact that the remote
repository HEAD does not match. Does it not do that?

Anyway, in general, you should always use a branch-name for "git
request-pull", since you use branches. The "no branch name" is really
only meant for the very original kind of git workflow where you don't
use branches at all. Some people still do that (David Miller seems to
prefer separate repositories over multiple branches, for example), but
it's starting to be unusual.

Also, if your local branch is named differently from your remote one,
you need to use the same format as you would have done for "git push"
to push it out, so you'd do

    git request-pull remote-repo local-branch-name:remote-branch-name

but quite frankly, I wouldn't recommend that workflow. I think it's
too prone to mistakes.

> FWIW, the main inconvenience with git request-pull is that it still needs
> s/gitolite@...kernel.org:/git:\/\/git.kernel.org/ postprocessing.

So what I always do on all my repositories is that "origin" ends up
being the public thing, and then I have a separate set of things I
push to.

Now, the reason I do that is that pushing is different from pulling,
not only because of the whole security thing, but because I push to
multiple repos.

So my .gti/config looks roughly like this:

[remote "origin"]
    url = git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
    fetch = +refs/heads/*:refs/remotes/origin/*

[branch "master"]
    remote = origin
    merge = refs/heads/master

[remote "all"]
    url = ra.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux
    url = git@...hub.com:torvalds/linux.git

and that means that when I pull from my own remote (which I actually
do when I travel - it's hoe I synchronize my laptop and desktop), I
use origin. And when I push, I do "git push all", and it pushes to
both kernel.org and to the github "mirror".

And a plain "git push" simply won't work, which is fine.

                  Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ