将 Git 凭据帮助程序与 gnome-keyring 一起用作 Sudo 时出错
[英]Error when using Git credential helper with gnome-keyring as Sudo
问题描述
I was looking for a way to store credentials securely while connecting to our Git server which uses SSL.
我一直在寻找一种在连接到使用 SSL 的 Git 服务器时安全存储凭据的方法。 I came across this suggestion by @james-ward (only edit I made was I updated our "system" config instead of our "global" config for Git ( https://stackoverflow.com/a/14528360/6195194 )我通过@james-ward 遇到了这个建议(我所做的唯一编辑是我更新了我们的“系统”配置而不是 Git 的“全局”配置( https://stackoverflow.com/a/14528360/6195194 )
sudo apt-get install libgnome-keyring-dev
cd /usr/share/doc/git/contrib/credential/gnome-keyring
sudo make
git config --system credential.helper /usr/share/doc/git/contrib/credential/gnome-keyring/git-credential-gnome-keyring
I then can run然后我可以跑
git clone https://ipaddress/git/repo.git
and the credential helper will store my credentials, however when I run the following:并且凭证助手将存储我的凭证,但是当我运行以下命令时:
sudo git clone https://ipaddress/git/repo.git testfolder
it give me the following error它给了我以下错误
** (process:3713): CRITICAL **: Error communicating with gnome-keyring-daemon
I sometimes need to run sudo git clone since sometimes the directory where I need to make a clone requires it.我有时需要运行 sudo git clone 因为有时我需要进行克隆的目录需要它。 Any help would be appreciated.任何帮助将不胜感激。
Versions I am using: - git version 1.9.1 - Ubuntu Server 14.0.4我使用的版本: - git 版本 1.9.1 - Ubuntu Server 14.0.4
Thank you in advance!提前谢谢你! -Richard O. -理查德·O。
3 个解决方案
解决方案1
101 2016-10-28 19:37:07
Beside the use of sudo, note that in 2016, libgnome-keyring is specific to GNOME and is now deprecated (since January 2014, actually ).除了使用 sudo 之外,请注意,在 2016 年, libgnome-keyring特定于 GNOME,现在已弃用( 实际上自2014年1 月以来)。
Git 2.11+ (Q4 2016) will include a new credential helper using libsecret . Git 2.11+(2016 年第四季度)将包含一个使用libsecret的新凭证助手。
See commit 87d1353 (09 Oct 2016) by Mantas Mikulėnas ( grawity ) .参见Mantas Mikulėnas ( grawity ) 提交的 87d1353 (2016 年 10 月 9 日) 。
(Merged by Junio C Hamano -- gitster -- in commit bfe800c , 26 Oct 2016) (由Junio C gitster合并-- gitster --在提交 bfe800c 中,2016 年 10 月 26 日)
A new credential helper that talks via " libsecret " with implementations of XDG Secret Service API has been added to
contrib/credential/.contrib/credential/添加了一个新的凭证助手,它通过“ libsecret ”与 XDG 秘密服务 API 的实现进行对话。it uses
libsecretwhich can support other implementations of XDG Secret Service API.libsecret。
You can install
libsecretand the development libraries with:您可以使用以下命令安装libsecret和开发库:sudo apt-get install libsecret-1-0 libsecret-1-devThen you need to build the credential manager
然后你需要构建凭证管理器cd /usr/share/doc/git/contrib/credential/libsecret(copy the credential/libsecret folder from source , if it's not installed automatically)cd /usr/share/doc/git/contrib/credential/libsecret(如果没有自动安装,请从源复制credential/libsecret文件夹)sudo makeFinally, you should point git to the newly created file in your config:
最后,您应该将git指向配置中新创建的文件:git config --global credential.helper /usr/share/doc/git/contrib/credential/libsecret/git-credential-libsecret
As noted by mati865 in the comments :正如mati865在评论中所指出的:
It should be noted that some distros like Arch and Fedora provide helpers available as both binary and source.
- Libsecret binary on Arch:
/usr/lib/git-core/git-credential-libsecret, and/usr/lib/git-core/git-credential-libsecret,以及- Libsecret binary on Fedora:
/usr/libexec/git-core/git-credential-libsecret./usr/libexec/git-core/git-credential-libsecret。
Note: As @rugk adds in the comments, for Fedora and Git v2.25.2-1 or higher , you need to install an extra package with that binary, because it has been split from the main git package :注意:正如@rugk在评论中添加的那样, 对于 Fedora 和 Git v2.25.2-1 或更高版本,您需要使用该二进制文件安装一个额外的包,因为它已从主 git 包中分离出来:
dnf install git-credential-libsecret
解决方案2
3 2016-04-13 06:15:22
Using sudo runs the command as root.使用sudo以 root 身份运行命令。 It's like asking your sysadmin, if you have one, to run a command for you.这就像要求您的系统管理员(如果您有)为您运行一条命令。 The root user is not meant to do anything development-related, and therefore git is not meant to be used as root. root用户不打算做任何与开发相关的事情,因此git不打算用作 root。
Once you run a command as another user (root or any other), it is expected that this other user cannot communicate normally with your usual user (in particular, it doesn't find your gnome-keyring-daemon here).一旦您以其他用户(root 或任何其他用户)身份运行命令,预计该其他用户将无法与您的常用用户正常通信(特别是,它在这里找不到您的 gnome-keyring-daemon)。
So, the answer is: "don't do that".所以,答案是:“不要那样做”。 If you really need to clone in a particular directory, give yourself permissions on that directory as suggested in CodeWizard's answer.如果您确实需要在特定目录中进行克隆,请按照 CodeWizard 的回答中的建议为自己授予对该目录的权限。 Actually, if you need to clone in a directory where you don't have permission, ask yourself whether you are doing something wrong: in principle, this shouldn't happen (my guess is: you already used sudo too much in the past and this is the reason why you have um-writable directories here and there).实际上,如果您需要在没有权限的目录中进行克隆,请问问自己是否做错了什么:原则上,这不应该发生(我的猜测是:您过去已经过多地使用了sudo并且这就是为什么你在这里和那里都有 um-writable 目录的原因)。
解决方案3
2 已采纳 2016-04-13 01:08:50
I sometimes need to run sudo git clone since sometimes the directory where I need to make a clone requires it.
The folder in which you try to clone the repository into was created by root so you dont have permission to write or to create folder under it unless you are root ( sudo ), set the permissions ( chmod or chown ) and you will be able to clone into the folder.您尝试将存储库克隆到的文件夹是由 root 创建的,因此除非您是 root ( sudo ),否则您无权在其下写入或创建文件夹,设置权限 ( chmod或chown ),您将能够克隆到文件夹中。
chmod 755 /path
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.