[RE]Re: Authentication log Questions
김태호
taehokim at hicare.net
Fri Jun 11 10:07:02 UTC 2021
Hello KallitheaThank you for your answer !We have solved Question1 and Question3 but the second one.So, let me elaborate on the second question.The following attempts have been made to download kallithea-git repository which is about 150MB size:1.Changed the http_server option from gearbox to waitress.This makes it possible to download more files than the gearbox, but the 150MB file still fails.>> Command that I tired.ubuntu at DESKTOP-VD6IGV2:~$ git clone https://taehokim@scm.dev.my-company.net/my-company-smart/v2/hub-androidCloning into 'hub-android'...Password for 'https://taehokim@scm.dev.my-company.net:error: RPC failed; HTTP 504 curl 22 The requested URL returned error: 504fatal: the remote end hung up unexpectedly2. git config -> http.postbuffer=524288000It did not work at all...I wonder if it only works for git push command.3. NginxI thought Nginx possibly could solve this problem so I applied this to my server :https://kallithea.readthedocs.io/en/default/setup.html#nginx-virtual-host-examplethen it leaves log (kallithea.access.log) as following:13.209.204.126 - - [11/Jun/2021:07:59:04 +0000] "GET /my-company-Smart/v2/hub-android/info/refs?service=git-upload-pack HTTP/1.1" 401 448 "-" "git/2.25.1"13.209.204.126 - admin [11/Jun/2021:07:59:04 +0000] "GET /my-company-Smart/v2/hub-android/info/refs?service=git-upload-pack HTTP/1.1" 401 448 "-" "git/2.25.1"13.209.204.126 - admin [11/Jun/2021:07:59:06 +0000] "GET /my-company-Smart/v2/hub-android/info/refs?service=git-upload-pack HTTP/1.1" 200 7807 "-" "git/2.25.1"4. Changed repository settingI changedenable downloads option. (checked the box) So I could download the zip file.I don't think I can keep using this because all my coworkers usingSourcetree app. ButBut I think it's going to be a clue to solve this problem.Please let me know if you need me to try something else or more information.Thank you again !----- Original Message -----From : Mads Kiilerich <mads at kiilerich.com>To : "김태호" <taehokim at hicare.net>, <kallithea-general at sfconservancy.org>Cc : "박정환" <jeonghwan.park at hicare.net>Sent : 2021-06-10 21:26:19Subject : Re: Authentication log Questions
Hi
On 6/10/21 9:25 AM, 김태호 wrote:
>>
Question 1
We are constantly getting this kind of log as following (at
WARNING level) :
...
2021-06-10 07:04:42.989 ERROR
[kallithea.lib.auth_modules.auth_internal] user admin had a
bad password
2021-06-10 07:04:42.989 WARNI [kallithea.lib.auth_modules]
User `admin` failed to authenticate against
kallithea.lib.auth_modules.auth_internal
2021-06-10 07:04:48.507 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:04:48.853 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:05:18.535 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:05:18.848 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:05:48.560 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:05:48.859 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:06:18.592 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:06:18.865 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:06:39.255 WARNI [kallithea.lib.auth_modules]
User `member1` failed to authenticate against
kallithea.lib.auth_modules.auth_crowd
2021-06-10 07:06:45.635 WARNI [kallithea.lib.auth_modules]
User `member1`
failed to authenticate against
kallithea.lib.auth_modules.auth_crowd
2021-06-10 07:06:48.719 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:06:48.884 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
[2021-06-10 07:07:10 +0000] [5664] [INFO] Handling signal:
winch
2021-06-10 07:07:18.640 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:07:18.911 WARNI [kallithea.lib.auth] user is
anonymous and NOT authenticated with regular auth @
HomeController:index
2021-06-10 07:07:22.535 WARNI [kallithea.lib.auth_modules]
User `member1`
failed to authenticate against
kallithea.lib.auth_modules.auth_crowd
2021-06-10 07:07:28.507 WARNI [kallithea.lib.auth_modules]
User `member1`
failed to authenticate against
kallithea.lib.auth_modules.auth_crowd
...
I wonder why the log prints that the authentication
failedeven if login is successful.
It is very possible that some of the logging statements in the
code are too verbose. The code path might seem warning-ish when
looking at the particular function, but perhaps less relevant when
used in production. We can fix that.
For example, I noticed that one of the messages seems too verbose
and not helpful, so I will propose something like
https://kallithea-scm.org/repos/kallithea-incoming/changeset/2b37222f8d71
for next release.
Even if not a Python programmer, it should be possible for you to
find the log statements in the code and get an idea under what
circumstances it is emitted. That can provide a good argument why
the logging should be different.
For the log entries you show, the timestamps are so different
that it must be for different requests. INFO logging for
[logger_kallithea] will give more context ... but also make the
logging much more verbose and impossible to read if there are
multiple simultaneous requests.
Can you be more precise about which "wrong" log statements come
from one successful login?
>> Question 2
We changed http_server to waitress to download a large size
file from my kallithea-git.
Also I put larger value for channel_timeout
andmax_request_body_size(channel_timeout = 180,
max_request_body_size = 322122547200) in my .ini file.
But I still haven't received the same size file as the next
attached picture.
But I can still download small size files from Kallithea.
(Is this related to the other question asked some days ago? If
so: It is much better to follow up in that thread so we have all
the relevant information in one place, without mixing things up.
And make sure to answer all questions if you want help.)
Exactly what problem do you see? Can you reproduce it in a test
setup? Can you describe how you think we can reproduce the
problem?
>> Question 3
As a guest, whenever I push to git repositoy, the following
error message occurs.
ERROR MESSAGE 1:
POSTgit-receive-pack(642bytes)
remote:Traceback(mostrecentcalllast):
remote:File"hooks/pre-receive",line16,in<module>
remote:fromkallithea.lib.hooksimporthandle_git_pre_receiveas_handler
remote:ModuleNotFoundError:Nomodulenamed'kallithea'
ERROR MESSAGE 2:
Enumeratingobjects:46,done.
Deltacompressionusingupto8threads
Total32(delta17),reused0(delta0),pack-reused0
POSTgit-receive-pack(34113bytes)
Remote:Traceback(mostrecentcalllast):
Remote:File"hooks/pre-receive",line16,in<module>
Remote:fromkallithea.lib.hooksimporthandle_git_pre_receiveas_handler
Remote:ModuleNotFoundError:Nomodulenamed'kallithea'
Why cannot it find the 'kallithea' module?
This hook must have been installed by a previous Kallithea
version. Did you follow
https://kallithea.readthedocs.io/en/default/upgrade.html#reinstall-internal-git-repository-hooks
?
/Mads
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sfconservancy.org/pipermail/kallithea-general/attachments/20210611/b54f2b87/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0716925001623406022.png
Type: image/png
Size: 5022 bytes
Desc: not available
URL: <http://lists.sfconservancy.org/pipermail/kallithea-general/attachments/20210611/b54f2b87/attachment-0001.png>
More information about the kallithea-general
mailing list