I just set up several repositories on my Ubuntu server. I can pull from them just fine, but when I try:
hg push ssh://myserver//hg/repo
I get
abort: could not lock repository ... Permission denied
This is a permissions issue. The name being used to authenticate must either be the owner of all the files, or be in a group that has write permission to all the files.
Alternatively, you could set the permissions to 777, but that last 7 is a really bad idea, as then anyone who is able to gain any kind of access to the server could play havoc with the repositories.
Related
I am trying to make a push using mercurial to a repo on Bitbucket. I made sure to copy correctly the ssh key from ~/.ssh/id_rsa.pub to my bitbucket account.
cat .hg/hgrc
[paths]
default = ssh://bitbucket.org/mcarey/arakoon
Still when pushing I got this error:
pushing to ssh://bitbucket.org/mcarey/arakoon
remote: Permission denied (publickey).
abort: no suitable response from remote hg!
I would assume the problem is as the repo shall be
ssh://hg#bitbucket.org/mcarey/arakoon
Is this correct? If so how to modify it? If not, what is it about?
Just edit .hg/hgrc:
[paths]
default = ssh://hg#bitbucket.org/YOURNAME/REPONAME
Ok. important to note the following
hg# before the bitbucket.org/YOURNAME/REPONAME
YOURNAME shall be the name in the repo not the user name. the username is attached in the SSH key or HTTPS username/password.
These were my problems. Its solved now
I am using SSH to push to the central mercurial repository on the remote server.
I put in a hook so the remote repo will update:
[hooks]
changegroup = hg update >&2
when I try to push to the remote repo, the push succeeds, but I get this output:
remote: added 1 changesets with 1 changes to 1 files
remote: abort: Permission denied: /var/www/sites/businesslicenses/.hgignore
remote: warning: changegroup hook exited with status 255
any ideas for me?? thanks!
If you use SSH and don't setup a dedicated user account on your server, then you will need to ensure that:
the necessary users are in a common group and
newly created files belong to that group
newly created files are group writable
See "The filesystem method" in the wiki for more information. Generally, I find that it's easier to user a dedicated user on the server and then grant people access by adding SSH public keys to .ssh/authorized_keys.
Check if /var/www/sites/businesslicenses/.hgignore is owned by the current user and is not owned by root.
I have a problem. Actually I want to push, but gives some error.
error: unable to push: Push will not be performed as it would create
remote branches. You must first resync by doing a pull from the target
repository and merge.
Then, I want to pull and I get this error2.
error2:
Output: [comparing with
http://mercurial.intuxication.org/hg/itucs-blg361-2011-g03, searching
for changes, abort: Permission denied: /home/burak_bundle0]
Do you have permission on /home/burak_bundle0?
I've got a mercurial repository, which pulls in dependencies using the subrepository functionality (as defined in the .hgsub file), but I'm struggling to get this working in TeamCity.
I've enabled the mercurial_keyring extension in order to save credentials (so when TeamCity provides authentication details for the root repository, it remembers them for the subrepositories). I've added an [auth] section to mercurial.ini too:
[auth]
bitbucket.schemes = https
bitbucket.prefix = https://bitbucket.org/xyz
bitbucket.username = xyz
If I run hg clone from the command line, I get prompted for a password once, and all is good. But the initial checkout when run via TeamCity fails with
VCS root: mercurial: https://bitbucket.org/xyz/projectA {instance id=23, parent id=1}, due to error: 'cmd /c hg update -C -r 4a08f587bb1f' command failed. stderr: abort: http authorization required stdout: pulling subrepo src\Common.Library from https://bitbucket.org/xyz/common.library
What am I missing, or am I going about this in completely the wrong way? Many thanks!
It seems that passing in credentials directly from TeamCity doesn't work with mercurial_keyring, but if I specify both username and password in plaintext in the mercurial.ini file (making sure it's accessible under the account the TeamCity build agent is running under), then this works.
The mercurial.ini file can be placed under <mercurial install path>\mercurial.ini if it does not work under user path.
Not ideal, but a solution... if anyone else finds a better one, please let me know.
May be it got fixed in last versions of TeamCity, but the following works for me:
Configure build agent service to run under domain account with
access to HG repositories (both root and subrepos)
Enable mercurial_keyring on build agent and add [auth] section
to mercurial config
Try to clone repository manually, enter
password. No need to wait until the whole repo is cloned -- it could
be terminated when "requesting all changes" message is shown.
Have fun -- now service will use keyring.
Probably the [auth] section shouldn't be added at all to the mercurial.ini for the TC agent. Team City uses --config auth... options to hg. I would also recommend not to use the mercurial_keyring but to set the username and password in VCS root - this is both secure and shared between different TC agents.
Not sure about the bitbucket, but in other cases usage of https scheme can require certificates configuration. This can be configured in mercurial.ini:
[web]
cacerts =
[hostfingerprints]
# hides mercurial warnings
domain-name = ab:cd:...:01
And last part: depending on .hgsub it might be needed to use VCS checkout mode "Automatically on agent" in Team City Version Control Settings.
I have a centralized Mercurial repository which I want to provide access to via SSH.
I did a chown root:developers repository -R on the repository directory, so all users in group 'developers' should have access.
So, I clone, add my initial files to the repository as user A, commit, push, done. Now, I go as user B, clone, add a file, commit, and push. But then, when I do a pull, an update, and change that file as user A and then try to push, I get
pushing to /var/hg/repository
searching for changes
1 changesets found
adding changesets
adding manifests
adding file changes
transaction abort!
rollback completed
abort: Permission denied: /var/hg/repository/.hg/store/data/test.i
Am I missing a configuration step? Should I not be using SSH?
EDIT I found that using the sticky bit solves the problem: How to set permissions so two users can work on the same hg repository?. Is this a bad solution?
Sticky group bit is the right way to do this. Also, it used to be the case that user's umasks needed to be set such that group read/write would be on for new files they add, but for the last year or two mercurial copies the permissions (not ownership) of the .hg directory in the repo itself on to newly created files, so the umask isn't as important.
Maybe you could be interested by mercurial-server: http://www.lshift.net/mercurial-server.html
mercurial-server is useful if you don't want to provide a shell to developers on server hosting mercurial central repository.
The Mercurial documentation says using the setgid flag is okay.