I'm having trouble setting up gitweb with gitolite. Gitolite works correctly, but gitweb keeps giving me a 404 – no projects found.

What's strange is that when I run the cgi script as the apache user the following way it seems to work correctly.

# su apache /var/www/git/gitweb.cgi --shell=/bin/sh
<tr class="dark">
<td><a class="list" href="?p=testing.git;a=summary">testing.git</a></td>
<td><a class="list" title="Test repo 3" href="?p=testing.git;a=summary">Test repo 3</a></td>

Gitweb should have reading access, and I've set $REPO_UMASK = 0022; in gitweb.conf and added apache to the gitolite group # usermod -a -G gitolite apache

# ls -l gitolite/
total 8
-rw-r--r--. 1 gitolite gitolite   12 Sep 28 08:47 projects.list
drwxr-x---. 4 gitolite gitolite 4096 Sep 28 04:52 repositories

My apache git config:

Alias /git /var/www/git

<Directory /var/www/git>
  Options +ExecCGI
  AddHandler cgi-script .cgi
  DirectoryIndex gitweb.cgi

Can anyone help me get this working? Been trying all day, reading different blogs and posts but it just won't work

Best Answer

Fixed it! I am running on RHEL and it turns out it was a problem with SELinux. When I disabled it, everything worked correctly. Since I didn't want to disable it for good, I found the solution on a blog for writing a module that sets the correct policies and installs it.

What I did was:

# mkdir gitolite-selinux; cd gitolite-selinux
# touch local.te local.if local.fc
# vim local.te

module gitolite 1.0;

require {
type git_system_t;
type httpd_t;
type var_t;
type gitosis_var_lib_t;
type httpd_git_script_t;
class dir { search read getattr open };
class file { getattr read open ioctl };

#============= git_system_t ==============
allow git_system_t gitosis_var_lib_t:dir { read search open getattr };
allow git_system_t gitosis_var_lib_t:file { read getattr open };

#============= httpd_git_script_t ==============
allow httpd_git_script_t gitosis_var_lib_t:dir { read search open getattr };
allow httpd_git_script_t gitosis_var_lib_t:file { read getattr open ioctl };

#============= httpd_t ==============
allow httpd_t var_t:file getattr;

# make -f /usr/share/selinux/devel/Makefile
# semodule -i gitolite.pp
