From 716ea2918161094d2fdbdef60e924bbfc065ec47 Mon Sep 17 00:00:00 2001
From: Till Maas <till@fedoraproject.org>
Date: Feb 09 2010 14:56:36 +0000
Subject: - RHEL defines %{_sharedstatedir} to be %{_prefix}/com, so use a %global

    redirection to set the homedir to a proper value (/var/lib). Red Hat
    Bug #185862
- add missing exit 0 to %pre
- Update wiki UserAndGroups Url to the redirection target
- create empty authorized_keys file for gitolite user
- make homedir not world readable

---

diff --git a/README b/README
index 0a933e4..03a1b9e 100644
--- a/README
+++ b/README
@@ -5,8 +5,11 @@ should work.
 
 The "easy" installation should be done as follows:
 
-1.) Create ~gitolite/.ssh/authorized_keys and add your key there
-2.) gl-easy-install gitolite localhost $LOGNAME 
+1.) Add your key to ~gitolite/.ssh/authorized_keys
+2a.) If gitolite is running on the same machine, that you are using, run:
+     gl-easy-install gitolite localhost $LOGNAME 
+2b.) If gitolite is running on another machine, run on your local machine:
+     gl-easy-install gitolite <hostname> <your_gitolite_username> 
 3.) gitolite-admin is cloned. Now you can add repositories by modyfing
     configuration there and pushing it back.
 
diff --git a/gitolite.spec b/gitolite.spec
index 3266234..7cd309c 100644
--- a/gitolite.spec
+++ b/gitolite.spec
@@ -71,6 +71,7 @@ rm -rf $RPM_BUILD_ROOT
 
 # Directory structure
 install -d $RPM_BUILD_ROOT%{gitolite_homedir}
+install -d $RPM_BUILD_ROOT%{gitolite_homedir}/.ssh
 install -d $RPM_BUILD_ROOT%{_bindir}
 install -d $RPM_BUILD_ROOT%{perl_vendorlib}
 install -d $RPM_BUILD_ROOT%{_datadir}/%{name}
@@ -80,17 +81,21 @@ install -p src/gl-* $RPM_BUILD_ROOT%{_bindir}
 install -p -m644 src/*.pm $RPM_BUILD_ROOT%{perl_vendorlib}
 cp -a conf src/hooks src/ga-* $RPM_BUILD_ROOT%{_datadir}/%{name}
 
+# empty authorized_keys file
+touch $RPM_BUILD_ROOT%{gitolite_homedir}/.ssh/authorized_keys
+
  
 %clean
 rm -rf $RPM_BUILD_ROOT
 
 
 %pre
-# Add "gitolite" user per http://fedoraproject.org/wiki/Packaging/UsersAndGroups
+# Add "gitolite" user per https://fedoraproject.org/wiki/Packaging:UsersAndGroups
 getent group %{name} >/dev/null || groupadd -r %{name}
 getent passwd %{name} >/dev/null || \
 useradd -r -g %{name} -d %{gitolite_homedir} -s /bin/sh \
         -c "git repository hosting" %{name}
+exit 0
 
 
 %files
@@ -98,7 +103,10 @@ useradd -r -g %{name} -d %{gitolite_homedir} -s /bin/sh \
 %{_bindir}/*
 %{perl_vendorlib}/*
 %{_datadir}/%{name}
-%attr(-,%{name},%{name}) %{gitolite_homedir}
+# make homedir non world readable
+%attr(750,%{name},%{name}) %{gitolite_homedir}
+%attr(750,%{name},%{name}) %{gitolite_homedir}/.ssh
+%config(noreplace) %attr(640,%{name},%{name}) %{gitolite_homedir}/.ssh/authorized_keys
 %doc doc/COPYING doc/*.html README
 
 
@@ -107,6 +115,10 @@ useradd -r -g %{name} -d %{gitolite_homedir} -s /bin/sh \
 - RHEL defines %%{_sharedstatedir} to be %%{_prefix}/com, so use a %%global
   redirection to set the homedir to a proper value (/var/lib).
   Red Hat Bug #185862
+- add missing exit 0 to %%pre
+- Update wiki UserAndGroups Url to the redirection target
+- create empty authorized_keys file for gitolite user
+- make homedir not world readable
 
 * Thu Jan 21 2010 Lubomir Rintel (GoodData) <lubo.rintel@gooddata.com> - 0.95-3.20091216git
 - Add documentation