tags:

views:

152

answers:

1
+2  Q: 

Can Gitosis enforce correct user name/email?

Gitosis is able to authenticate users based on public/private key pair. It is able to find out which user is currently committing. However, the user name and email is taken from the client's Git configuration ('git config user.name' etc.), which can be set to arbitrary values. Is there any way to associate user names and emails with their public keys and then make Gitosis uses these names and emails as the name and email of the committer?

I do not care if I will use Gitosis or WebDAV or some other alternative to share the repository. It just seems to me that none of the available methods supports this enforcement of using some kind of "correct" user name and email. If there exists some alternative, please tell me about it.

+1  A: 

The example update-paranoid hook in Git sources does the following check:

For all new commit or tag objects the committer (or tagger) line within the object must exactly match one of the user.committer values listed in the acl file.

I guess that one can configure Gitosis or Gitolite to do similar check, or you can write your own upate or pre-receive hook. In all those cases the push must be done via "smart" transport, one that can use Git. This mean pushing via SSH, or via "smart" HTTP (git-http-backend); it excludes pushing via WebDAV ("dumb" HTTP(S)).

Note that it doesn't make sense to check authorship of commits, as they may come from patches send by email (it is committer that should check them before applying), or from cherry-picking or rebasing.

Jakub Narębski  2010-04-18 10:51:53
Thank you for your answer. I will most probably try git-http-backend. The problem with using hooks with Gitosis was that it did not set the name of the user who was logged in (it was always set to "git")
koumes21  2010-04-19 14:56:13
@koumes21: Gitosis (and Gitolite) does authentication based on SSH key used, so it has notion which user accessed repository ("logged in"), even if it uses 'git' shell account. Gitolite provides user that "logged in" in `GL_USER` environment variable; I don't know about Gitosis.
Jakub Narębski  2010-04-19 16:35:04

related questions

How to have two remote orgins for Git?
Why is branching and merging easier in Mercurial than in Subversion?
Is there a better way of writing a git pre-commit hook to check any php file in a commit for parse errors ?
Bug tracker setup with Git integration?
Does git have anything like `svn propset svn:keywords` or pre-/post-commit hooks?
git-stash vs. git-branch
Git "bad sha1 file" error
Should I use GitHub+Fogbugz or Assembla?
How do you remove a specific revision in the git history?
How do you organise multiple git repositories?
What is the Difference Between Mercurial and Git?
How do I restore files to previous states in git?
Is there anything like TortoiseCVS and TortoiseSVN for git?
Good Git repository viewer for Mac
Deploying a Git subdirectory in Capistrano
How to "unversion" a file in either svn and/or git
How can I graph the Lines of Code history for git repo?
Switch branch names in git
Migrating to GIT
How can I set up an editor to work with Git on Windows?
How do you deal with configuration files in source control?
Undoing a git reset --hard HEAD~1
Version Control. Getting started...
Why is Git better than Subversion?
Distributed source control options