Re: [RFC] Secure central repositories by UNIX socket authentication

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Shawn O. Pearce <spearce@...>

Cc: Johannes Schindelin <Johannes.Schindelin@...>, <git@...>

Subject: Re: [RFC] Secure central repositories by UNIX socket authentication

Date: Monday, January 28, 2008 - 4:14 am

On Sun, Jan 27, 2008 at 12:32:13PM -0500, Shawn O. Pearce wrote:
quoted text> 
> So you come down to four options:

<snip>

How about gitosis? It requires only one extra user (usually called git),
which is the owner of all repos. This user has git-shell as its login
shell. All users are authorized by their ssh keys. The configuration and
kyes are stored in the special repo called gitosis-admin. You can define
what users to what repositories have read or write access. This is done
by adding a user to one or more groups defined in gitosis configuration.
You can have as much groups as you want. The default configuration looks
like this:

[group gitosis-admin]
writable = gitosis-admin
members = your-name

It defines the gitosis-admin group, member of which can write to the
gitosis-admin repo, and you are member of that group.

WRRNING: I have not used gitosis myself, but it looks worthy of a try.

Dmitry
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[RFC] Secure central repositories by UNIX socket authenticat..., Shawn O. Pearce, (Sun Jan 27, 6:39 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Junio C Hamano, (Sun Jan 27, 6:56 pm)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Sun Jan 27, 8:47 pm)

Re: [RFC] Secure central repositories by UNIX socket authent..., Junio C Hamano, (Mon Jan 28, 3:25 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Mon Jan 28, 3:56 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Mon Jan 28, 3:51 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Asheesh Laroia, (Mon Jan 28, 10:23 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Mon Jan 28, 11:11 pm)

git-daemon is insecure? (was: [RFC] Secure central repositor..., Shawn O. Pearce, (Sun Jan 27, 8:16 pm)

Re: git-daemon is insecure?, Junio C Hamano, (Sun Jan 27, 11:00 pm)

Re: git-daemon is insecure?, Shawn O. Pearce, (Sun Jan 27, 11:20 pm)

Re: [RFC] Secure central repositories by UNIX socket authent..., Johannes Schindelin, (Sun Jan 27, 10:04 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Sun Jan 27, 1:32 pm)

Re: [RFC] Secure central repositories by UNIX socket authent..., Dmitry Potapov, (Mon Jan 28, 4:14 am)

Re: [RFC] Secure central repositories by UNIX socket authent..., Johannes Schindelin, (Sun Jan 27, 2:51 pm)

Re: [RFC] Secure central repositories by UNIX socket authent..., Shawn O. Pearce, (Sun Jan 27, 8:54 pm)


linux-kernel:
Theodore Tso	Re: -mm merge plans for 2.6.23 -- sys_fallocate
Amit K. Arora	[RFC] Heads up on sys_fallocate()
Tarkan Erimer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Greg Kroah-Hartman	[PATCH 011/196] sysfs: Fix a copy-n-paste typo in comment
git:

linux-netdev:
Jarek Poplawski	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
David Miller	Re: [GIT]: Networking
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Frans Pop	svc: failed to register lockdv1 RPC service (errno 97).
openbsd-misc:

Re: [RFC] Secure central repositories by UNIX socket authentication

Online users