I'm really at a loss here. I've read through quite a few examples, and tried all of them. The most basic ones work fine, but anytime I try to move to something a bit more complicated everything falls apart (even when I'm directly copying the example). Also, for the record I am on gitolite version 3 as shown by the server spam:

我真的很茫然。我已经阅读了很多示例，并尝试了所有示例。最基本的工作正常，但每当我尝试转向更复杂的东西时，一切都会崩溃（即使我直接复制示例）。另外，作为记录，我使用的是 gitolite 版本 3，如服务器垃圾邮件所示：

    this is gitolite@ubuntuserver running gitolite3 v3.1-2-g3eefc06 on git 1.7.9.5         

All this said what I am TRYING to accomplish is (I THINK) relatively simple. I have a group of junior developers [@scrubs], and I only want them to create and commit to new branches, and be able to read/pull master. That way I can review their code before it gets merged in.

所有这一切都表明我试图完成的是（我认为）相对简单。我有一群初级开发人员 [@scrubs]，我只希望他们创建和提交新分支，并且能够读取/拉取 master。这样我就可以在合并之前查看他们的代码。

I have a group of senior developers [@vets] that I want to have free reign.

我有一群高级开发人员 [@vets]，我想自由支配。

My config file is as follows:

我的配置文件如下：

     @scrubs         = al ted matthew
     @vets           = kevin will guy

     @offlimitbranches = master$

     repo    gitolite-admin
             RW+     =   @vets matthew

     repo    dawebsite
             RW+                     =   @vets
             -   @offlimitbranches   =   @scrubs
             RW+                     =   @scrubs
             R   @offlimitbranches   =   @scrubs
             R                       =   daemon
             option deny-rules = 1

     dawebsite "Owner"               = "This is THE site"

I noticed nothing worked at all for denying till I added :

在我补充之前，我注意到没有任何东西可以否认：

    option deny-rules = 1

of which I think I found in maybe one out of 20 examples (a touch of a rant forgive the frustration.

其中我想我可能在 20 个例子中找到了一个（有点咆哮原谅了沮丧。

With this current set up vets can do anything as expected.

有了这个当前的设置，兽医可以按预期做任何事情。

scrubs can neither pull or push to master (and I think that's because it grabs the first rule it can possible match?) Scrubs also can not pull or push to any non master branch, nor push newly created branches. Each attempt returns the same message "FATAL: [R/W] any dawebsite matthew DENIED by refs/heads/master$"

擦洗既不能拉取或推送到主分支（我认为这是因为它抓住了它可能匹配的第一个规则？）擦洗也不能拉或推送到任何非主分支，也不能推送新创建的分支。每次尝试都返回相同的消息“FATAL: [R/W] any dawebsite matthew DENIED by refs/heads/master$”

I've tried using master, master$, @offlimitbranches and even refs/heads/master to no avail for the branch ref.

我试过使用 master、master$、@offlimitbranches 甚至 refs/heads/master 对分支 ref 无济于事。

If anyone can help shed some light on this for me I'd be quite appreciative.

如果有人可以帮助我对此有所了解，我将不胜感激。

Update**

更新**

Playing around with things I've noticed that if i remove matthew from the scrubs group and try to manipulate him directly with

玩弄我注意到的事情，如果我从磨砂组中删除马修并尝试直接操纵他

    -       master$         =   matthew
    RW+                     =   matthew

if he moves to a new branch and tried the following: (thanks VonC for the heads up on the logs)

如果他搬到一个新的分支并尝试以下操作：（感谢 VonC 对日志的提醒）

git pull origin newBranch
git push origin newBranch

each returns an error

每个都返回一个错误

PULL:

拉：

ARGV=matthew    SOC=git-upload-pack 'dawebsite.git'     FROM=172.24.1.198
access(dawebsite, matthew, R, 'any'),-> R any dawebsite matthew DENIED by refs/heads/master$
trigger,Writable,access_1,ACCESS_1,dawebsite,matthew,R,any,R any dawebsite,matthew DENIED by refs/heads/master$
R any dawebsite matthew DENIED by refs/heads/master$<<newline>>(or you mis-spelled the reponame)

PUSH:

推：

ARGV=matthew    SOC=git-receive-pack 'dawebsite.git'    FROM=172.24.1.198
access(dawebsite, matthew, W, 'any'),-> W any medehrdev matthew DENIED by refs/heads/master$
trigger,Writable,access_1,ACCESS_1,dawebsite,matthew,W,any,W any dawebsite matthew DENIED by refs/heads/master$
W any dawebsite matthew DENIED by refs/heads/master$<<newline>>(or you mis-spelled the reponame)

It seems all my branches match against the ref master$ is that because they are all spawned off of master?

似乎我所有的分支都与 ref master$ 匹配是因为它们都是从 master 中产生的？