ERROR:gitosis.serve.main:Repository read access denied

[ I write this for I found the solution applied to my case at the 3rd link of the 2nd page of my Google search. I had never gone beyond the first page for years. ]

So there was this gitosis repository that lived on an Ubuntu server that had to move to a CentOS one.

Thankfully EPEL still carries gitosis and I did not built it from the source. I copied over the files and was done with it.

That is until I needed to change access to one of the repositories to add a user. Said user was denied any kind of access with:

ERROR:gitosis.serve.main:Repository read access denied

There are plenty of reasons for this occur (examples), but none seemed to fit in my case, so I brute forced the search results. And at the first comment that was posted on the third link at the second page Google came up with, the solution was found.

# cd ~gitosis/repositories/gitosis-admin.git/hooks/
# ls -l
total 48
-rwxr-xr-x 1 gitosis gitosis  452 Sep 11  2011 applypatch-msg.sample
-rwxr-xr-x 1 gitosis gitosis  896 Sep 11  2011 commit-msg.sample
-rwxr-xr-x 1 gitosis gitosis  160 Sep 11  2011 post-commit.sample
-rwxr-xr-x 1 gitosis gitosis  552 Sep 11  2011 post-receive.sample
lrwxrwxrwx 1 gitosis gitosis   61 Dec 21 09:53 post-update -> /usr/share/pyshared/gitosis/templates/admin/hooks/post-update
-rwxr-xr-x 1 gitosis gitosis  189 Sep 11  2011 post-update.sample
-rwxr-xr-x 1 gitosis gitosis  398 Sep 11  2011 pre-applypatch.sample
-rwxr-xr-x 1 gitosis gitosis 1578 Sep 11  2011 pre-commit.sample
-rwxr-xr-x 1 gitosis gitosis 4971 Sep 11  2011 pre-rebase.sample
-rwxr-xr-x 1 gitosis gitosis 1239 Sep 11  2011 prepare-commit-msg.sample
-rwxr-xr-x 1 gitosis gitosis 3611 Sep 11  2011 update.sample

Yeah, you’ve guessed it by now:

/usr/share/pyshared/gitosis/templates/admin/hooks/post-update

did not exist on CentOS but

/usr/lib/python2.6/site-packages/gitosis/templates/admin/hooks/post-update

did. Fixing the symbolic link fixed the problem.

/* Oh what fun it is to chase bugs into the night */

Προπαίδεια

[Το έγραψα χτες στο Facebook, αλλά του αξίζει μια πιο μόνιμη θέση]

Ο μικρός είχε κάνει λάθος κάποιες πράξεις στον πίνακα της προπαίδειας. Σβήνω τα λάθη και του λέω να τα ξανακάνει. Μετά από λίγο μου έρχεται με το tablet και το φύλλο εργασιών στο χέρι.

– Μάντεψε έπαιζα ή έγραφα;
– Έγραφες
– Σωστά. Το μόνο που έκανα ήταν αυτό

Και μου δείχνει πίνακα της προπαίδειας που βρήκε στο Δίκτυο…

Funny OpenDNS, VirtualBox and Debian weirdness

I was trying to install a virtual machine using the latest VirtualBox on a Windows 7 Host. The host was also running OpenDNS DNSCrypt 0.0.6 client. The guest operating system should be Debian/LXDE. Installation went fine until the installer tried to contact Debian mirrors to fetch missing packages.

It couldn’t find them. Like the common system administration mantra says:

Everything is a DNS problem.

So at the OpenDNS DNSCrypt client dashboard I (temporarily) disabled the DNS over TCP option and the installation continued smoothly. The same thing does not happen with OS X Mavericks as the host operating system. After the installation is finished, you can reenable DNS over TCP for DNSCrypt. The guest operating system’s resolver sees no issues with this.

I am posting this short note because it may bite others out there.

Jotter – new gadget

Parker Jotter, Navy Blue mechanical pencil
Parker Jotter, Navy Blue mechanical pencil

When I was a kid, I was fascinated with Parker pens. They were the good pens around that were not highly expensive and as such I was sometimes allowed to write with them at home.

The years passed and a lot of ballpoint Parkers (and fountain pens) came along my way. But the need to write with a ballpoint diminishes by the year, so they are all stuffed in a box waiting for the kids to use them.

I still write on paper, but I am more of a pencil person (I count 14 mechanical pencils on my desk). So when I found out that Jotter had a mechanical pencil version I could not resist. I visited eBay and got a Navy Blue one. And since for these pencils the tip is not retractable (which means it can damage your shirt’s pocket), I am using a Faber Castell eraser cap to protect the tip when carrying it around.

University Chain of Command

With all the unrest that dominates the Greek Universities (among them my alma mater) due to imminent layoffs, I thought I should copy here something that was sent to me once via twitter (and was posted on pastebin). Surprisingly, not many links point to this document, so here is one more:

  • Dean: Leaps tall buildings in a single bound. Is more powerful than a locomotive. Is faster than a speeding bullet. Walks on water. Gives policy to God.
  • Department Head: Leaps short buildings in a single bound. Is more powerful than a switch engine. Is just as fast as a speeding bullet. Talks with God.
  • Professor: Leaps short buildings with a running start and favorable winds. Is almost as powerful as a switch engine. Is faster than a speeding BB. Walks on water in an indoor swimming pool. Talks with God if a special request is honored.
  • Associate Professor: Barely clears a quonset hut. Loses tug of war with a locomotive. Can fire a speeding bullet. Swims well. Is occasionally addressed by God.
  • Assistant Professor: Makes high marks on the walls when trying to leap tall buildings. Is run over by locomotives. Can sometimes handle a gun without inflicting self-injury. Treads water. Talks to animals.
  • Instructor: Climbs walls continually. Rides the rails. Plays Russian Roulette. Walks on thin ice. Prays a lot.
  • Graduate Student: Runs into buildings. Recognizes locomotives two out of three times. Is not issued ammunition. Can stay afloat with a life jacket. Talks to walls.
  • Undergraduate Student: Falls over doorstep when trying to enter buildings. Says “Look at the choochoo”. Wets himself with a water pistol. Plays in mud puddles. Mumbles to himself.
  • Department Secretary: Lifts buildings and walks under them. Kicks locomotives off the tracks. Catches speeding bullets in her teeth and eats them. Freezes water with a single glance. She IS God.

In a humorous way this document displays the needs that administrative personnel serves within a University (or any organization for that matter).

This is copied from the University of Toronto, Faculty of Information Studies newsletter (issue 49). PDF here.

Are all the servers running the latest version? Ansible to the rescue

After a certain size of servers, it is impossible to remember whether they are all current or not, or even check a documentation wiki page to find out about. So how can one use ansible to find out the answer? The setup module enters the room. Assuming an all Debian installation one could run:

ansible debian-machines -m setup --tree /tmp/invetory
cd /tmp/inventory
grep ansible_distribution_version * | grep -v 7\.2

This will list Debian machines not running 7.2 (Wheezy). You can build more complex versions of the above to match your infrastructure.

PS: Many thanks to @laserllama and @jpmens.

Run Lola, run

“Let me tell you the story of a company who’s on the verge of closing because of n-tier complexity, application server requirements and all that mambo jumbo” said a friend.

That company’s current client is a major public service institution. That institution has a set of complex policies designed, oh, by consultants whose employing firm of course was heavily paid to customize current “best practices” to secure the operating environment and making it use all the buzzwords that run around for it had to be modern. So when said company tried to deliver a software that it had a contract on, it was impossible to debug for they could not have any kind of access on the deployment systems. Which were run, not by the customer but, oh, by another consulting firm who was obliged to follow the rules set by the first one.

The governance of the above scheme looks good on paper, doesn’t it? At least I cannot deny it is a job creator for the consulting firms at the expense of those who want to do actual work.

Which brings me to the elitist question that I am going to fire up the next time I am lectured about Enterprise Architectures: “Have you personally implemented such a system? You, not someone you directed, you! Show me how, NOW!”. I’ve grown tired of people offering their paid opinion on IT systems that will improve anything when in fact the only system they’ve done is restoring their laptop’s Windows installation.

I’ve grown tired of people who prove the laws of Systemantics right with their ambitious, unworkable designs, namely:

A complex system designed from scratch never works and cannot be patched up to make it work. You have to start over, beginning with a working simple system.

where in fact we know that since sometimes systems work, this is because:

A complex system that works is invariably found to have evolved from a simple system that works.

But I guess in IT we are big fans of Rube Goldberg machines.

“Hack like it’s the last day of your life”

Hack like it’s the last day of your life, cuz one day it will be.”

I had a neighbor who studied Movie direction. He told me that their final project was a movie that they would have complete responsibility on it, from the script to the final cut. They were advised to work on it like it would be their last movie, even though it was their first. Their teacher wanted them to do so for two reasons: Because for most of them that would be their last movie and he wanted them to put their best. And also because if this was not their last movie, they would never know which one would be, but they still had to put their best on the current project.

My neighbor had a career in the Health sector but he was always proud of his movie, even though very few people actually saw it. He had done his best.

PS: Just like Sid (whose death prompted Wim Remes‘s tweet), my neighbor is also dead.