tags:

views:

397

answers:

2
+2  Q: 

git-shell equivalent of svnserve -r?

I'm trying set up a git repository on a shared hosting account that can be accessed by both me and a friend. I have successfully done this with a Subversion repository by adding this line to ~/.ssh/authorized_keys:

command="/usr/bin/svnserve -t -r /path/to/svn/repo \
  --tunnel-user=myfriend",no-port-forwarding,no-agent-forwarding,\
  no-X11-forwarding,no-pty [ssh key]

I have got so far as to learn that git-shell is git's equivalent of svnserve, but there doesn't seem to be an equivalent of the -r option to restrict access to particular path. This is problematic because there are other git repositories that I don't want my friend to have access to.

I've read briefly about gitosis, which seems to be able to do what I'm wanting, but I want to see if there's a simpler solution before trying to set up another piece of software to accomplish this one specific requirement. Thanks in advance!

Edit: I found this article that provides a script to do it:

http://eagain.net/blog/2007/03/22/howto-host-git.html

But in fact, it's written by the same guy that later wrote gitosis and is marked as obsolete. It also seems that gitosis won't be possible in my situation because it requires creating a dedicated UNIX user which I can't do with a shared hosting account. I'd love to be proven wrong if I've misunderstood any of this, however!

A: 

I think it's simpler than all that: setting up a remote git repository

RyanWilcox  2010-01-03 00:28:48
That is a good resource but it doesn't seem to cover my particular issue. I understand how to set up a remote git repository. What I need to do is control access to it because it's not a public repository.
Jimmy Cuadra  2010-01-03 00:36:32
Ignoring the second half of the article -- shouldn't the first give you a repository that's controlled (to people who can log into that username on your machine)? It could be that I'm missing something, so if I am please let me know -- I assumed this would work for keeping repositories private, but maybe I was mistaken (and should change some things on my own servers)
RyanWilcox  2010-01-03 02:46:17
That guide does make the repository private in the sense that you must be able to connect via SSH to access it. The difference in my situation is that I have multiple git repositories under the shell account in question and only want to allow my friend to access one specific repository. git-shell doesn't seem to have a directly equivalent of svnserve's -r option, which allows you to restrict commands executed by a user with a particular SSH key to a specific path. Using that, I could set up my friend's connection to only have access to ~/repos/repo1 instead of everything under ~/repos.
Jimmy Cuadra  2010-01-03 03:52:07
You need to use separate IDs to give separate privileges, I think. That is, while you and your friend are sharing the same ID, you have the same privileges--that's what sharing means. If you don't want the sharing, separate the IDs.
Jonathan Leffler  2010-01-04 00:47:33
Not sure what you mean by IDs. There is only one shell account, but we're using different SSH keys. Restricting access to a particular directory is possible in this situation through svnserve when using a Subversion repository, but not through git-shell for a Git repository, as I have learned.
Jimmy Cuadra  2010-01-04 11:30:11
+1  A: 

Here are some options:

  • Control which repositories a user can access using normal Unix permissions.

  • Use a restricted login shell such as rssh and have your friend use rsync:// URLs for his remotes.

  • Serve the repository over HTTP or HTTPS with a username and password to protect it. You'll want to enable the git hook for updating the metadata.

daf  2010-01-03 01:37:50

related questions

Best strategy to write hooks for subversion in Windows
Database Version Control
Version control PHP Web Project
Experience with SVN vs. Team Foundation Server?
Best SVN Client Ignore Pattern for VB.NET Solutions?
SVN merge merged extra stuff
What is your favorite web app deployment workflow with SVN?
Integrating Fogbugz with TortoiseSVN with no URL/Subversion backend
Version Control. Getting started...
ASP.NET Display SVN Revision Number
How do I create a branch in SVN?
What do the result codes in svn mean?
Could you recommend a good free project hosting website?
Federated (Synced) Subversion servers?
Mechanisms for tracking DB schema changes
What are the advantages of using SVN over CVS?
Use SVN Revision to label build in CCNET
Best subversion client for Mac OS
Why is Git better than Subversion?
ASP.NET, Visual Studio and Subversion - how to integrate?
Best Practice: Collaborative Environment, Bin Directory, SVN
How do I sync the SVN revision number with my ASP.NET web site?
Best Subversion clients for Windows Vista (64bit)
Good branch/merge tutorials for Tortoise SVN?
How can you get Subclipse in Aptana to work with the newest release of Subversion?