DavLockDB “/usr/var/DavLock”

I then checked the /usr/ directory, the ‘var’ directory was missing.
$ mkdir var
$ cd var
$ chown www .
$ chgrp www .

And then repeating the process seems that now I can push!! =)

So hereby the answer for those who should come by and have the same problem.

I’ve got some trouble trying to set up a git server.
Here’s my goal:

1: read/write server (preferrably using webdav)
2: GitX client (eg. a user-interface client)

I’m used to CVS, and know how to use the terminal app. for basic CVS operations, but I don’t want to do that anymore. As it’s been a while since I used CVS, I don’t have any current installation, but want to have some version control again.
I also got tired of typing. Now I want a button I can click, whenever I want the computer to work for me.

Here’s what I’ve learned / done so far. I’m using Mac OS X Leopard for everything.

install git:
* Download git-1.7.0.tar.gz, depack it, run ./configure && make && sudo make install
* Check version by doing $git –version, verified, this works.
* Download and install man pages, verified, this works.
* Customize prompt to use __git_ps1, this works.
* Create a repository at /Web/git/repository.git/, enable WebDAV with BasicAuth, this seems to work, as when I go there, my browser asks me for username/password. I can view the files/folders in the browser after restarting Apache.
* Created a .netrc file in my home directory on my client machine. This seems to work if using curl –netrc.

Now… This is where I’m stuck.
I made a junk-project; eg. a folder with an Xcode project in it, and a few text-files.
I want to add this to the repository on the server.
From what I understood, I have to first create a repository inside the project folder, so I’ve tried…
$ git init
Initialized empty Git repository in /Users/username/MyProject/.git/
(master) $ git add .
(master) $ git config remote.upload.url http://username@domain/repository.git/
(master) $ git commit
[typing ‘initial commit.’ in vi and pressing :wq to write and exit
(master) $ git push upload master
Here I’m asked to type a password.
If I type my sudo password, I get
fatal: HTTP request failed
If I type my repository password, I get…
error: cannot lock existing info/refs
fatal: git-http-push failed

-So I guess I am supposed to type my repository password, which makes more sense.

I then tried something different…

$ mkdir test; cd test
$ git clone http://username:password@domain/repository.git/
Initialized empty Git repository in /Users/jens/__test/repository/.git/
warning: You appear to have cloned an empty repository.
$ cd repository/
(master) $ echo “helloiamjmp” >testfile.txt
(master) $ git add testfile.txt
(master) $ git commit
(master) $ git config remote.upload.url http://username@domain/repository.git/
(master) $ git push upload master
Password: (entered repository password)
Password: (entered repository password)
error: cannot lock existing info/refs
fatal: git-http-push failed

Do you have any idea on where I’m going wrong, and perhaps why / how ?

In doing knowledge management I had to think in floating structures and moving targets – this is more like gardening too. That does not mean that there are no plans! It means that there are overlapping and sometimes conflicting plans. I suppose, that in programming it will help to analyze dependencies of (a) goals and (b) structures at an early stage - and permanently. (But I am not in that business, maybe this is actually done that way.)

If you don’t trust HTTPS, then maybe HTTPS should change or be replaced for something better. I don’t see what OpenID can do here.

However, there are some ideas to implement the OpenID provider into the browser. I am not sure how this will work out technically, but it sounds like a solution to your problem.

What kind of phishing attacks for conventional login methods do you mean?

Besides: Conventional logins are all vulnerable to phishing, as we know. At least OpenID doesn’t do anything worse. To take it further, it enables the use of phishing proof authentication methods (e.g. public/private key, chipcard) for all OpenID enabled sites.

I’d start getting suspicious if it asked me for my user/pwd. Even if it did, my browser (Opera) would display the “magic wand” highlighting signifying that the browser already knows the credentials for that site. I’d be VERY worried if it didn’t show that.

I more strongly suspect that OpenID in its current form won’t ever go mainstream, so we probably won’t even see OpenID phishing attacks.