[sr-dev] [OT] How does SR Git repository handle access permissions?
Andrei Pelinescu-Onciul
andrei at iptel.org
Thu Oct 15 10:05:15 CEST 2009
On Oct 14, 2009 at 16:46, I??aki Baz Castillo <ibc at aliax.net> wrote:
> Hi, sorry for this off-topic.
>
> I'm starting with Git (yeah!) and creating a repository in my server to manage
> various projects.
>
> I'm learning about Git and access control (users, permissions, authorization
> per repository and so).
>
> How is this stuff implemented in SR Git repository? does it use Gitosis? If
> not, how is managed the permissions?
No, it doesn't use gitosis.
All devels have an account on the machine with git-shell as a shell
which enables them restricted ssh access (only 4 git commands).
Each user has his name and email address set up as an env var
(e.g. GIT_COMMITTER_EMAIL="andrei at iptel.org").
The permissions are based on the group.
(I might have missed something, Jan did all the work)
The branch permissions are based on a modified update hook
(I don't remember where the original version came from, but now its
"merged" also with
http://www.kernel.org/pub/software/scm/git/docs/howto/update-hook-example.txt).
It uses a permissions file with the following format:
branch_pattern user_pattern_list
where all the patterns are REs, e.g.:
refs/heads/master$ .*
(everybody can commit on master).
Andrei
More information about the sr-dev
mailing list