[Cryptech Core] Two proposed changes to gitolite configuration

Rob Austein sra at hactrn.net
Wed Nov 5 23:22:04 UTC 2014


I'm proposing two minor changes to the current gitolite configuration.
Silence will be taken as assent, but discussion or outright
disagreement is welcome if anybody but me actually cares.  Both
proposed changes are just trying to automate mess prevention, no real
security issues or anything like that here.

1) We've talked about having a user/ tree.  While we can do that
   already with the current configuration, the Principle of Least
   Astonishment suggests that, by default, nobody but user foo should
   be allowed to create or push to user/foo/bar.  In theory this is a
   four line addition to the config file (it's even documented).

2) I've come to the conclusion that, at least for our purposes,
   gitolite's default behavior of creating an empty repository when
   one clones a repository that doesn't exist is probably a mistake.
   I've been through several cycles of cleaning up empty repositories
   created this way, no big deal, but also pretty clearly not what
   users expect when they type the wrong URI for a repository they
   want to clone.  There are two possible fixes for this:

   2a) Disable create-on-clone but continue to allow create-on-push.

   2b) Disable automatic creation entirely, so creating a new
       repository would require an explicit command:

       $ ssh git@git.cryptech.is create foo/bar

   For those masochistic enough to follow along in the gitolite
   documentation, these options refer to the .gitolite.rc options
   "no-create-on-read" and "no-auto-create", respectively.

   Absent strong opinions, I'll go with (2a), as my guess is that
   this group is reasonably careful when pushing stuff to a new
   repository for the first time; the mess to date has pretty clearly
   just been accidental create-on-clone.
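
The configuration the message describes, as an added sketch that is not part of the original post and not the Cryptech project's actual config. It follows gitolite's documented wild-repo pattern; the repo regex, the `@all` creator group and the optional `WRITERS`/`READERS` rules are assumptions.

```conf
# conf/gitolite.conf (added example; pattern and groups are assumptions)

# Proposal 1: a per-user tree.
# When a repo is created, CREATOR is replaced by the name of the user
# creating it, so user foo can create user/foo/bar but not user/baz/bar.
repo user/CREATOR/[a-zA-Z0-9].*
    # anyone may create, but only inside their own subtree
    C   =   @all
    # the creator gets full rights (including rewind) on their own repos
    RW+ =   CREATOR
    # optional: people the creator later adds with the "perms" command
    RW  =   WRITERS
    R   =   READERS

# Proposal 2 lives in ~/.gitolite.rc, inside the ENABLE list (Perl syntax).
#
# (2a) a clone/fetch of a nonexistent wild repo no longer creates it;
#      the first push still does:
#
#        'no-create-on-read',
#
# (2b) no implicit creation at all; the explicit command must be enabled
#      so that "ssh git@git.cryptech.is create foo/bar" works:
#
#        'no-auto-create',
#        'create',
```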
