• Properties

  • Git HTTP https://git.kmx.io/kmx.io/git-auth.git
    Git SSH git@git.kmx.io:kmx.io/git-auth.git
    Public access ? public
    Description

    Authentication and ACL system for git.

    Users
    thodg
    Tags

  • README.md

  • GIT-AUTH

    Synopsis

    GIT_AUTH_ID=ID git-auth COMMAND [ARGS ...]</td>

    Description

    git-auth starts by reading rules from /etc/git-auth.conf, one rule per line. Empty lines and lines starting with # are ignored. Each rule is made of tokens separated by one or more spaces.

    git-auth executes COMMAND and ARGS using execvp if the requested ID, COMMAND and ARGS match any of the rules defined in /etc/git-auth.conf.

    git-auth matches a rule by matching all the rule’s tokens with ID, COMMAND and ARGS in order. Comparison is case sensitive.

    A wildcard token “*” matches any string.

    Environment

    • GIT_AUTH_ID : an arbitrary token to match with the rules. This is usually set for each public key in /home/git/.ssh/authorized_keys with environment=”GIT_AUTH_ID=…” ssh-rsa …

    Configuration

    Access control rules for each git repository go into /etc/git-auth.conf.

    The syntax of this file is one rule per line. Each rule is composed of symbols separated by spaces. In order :

    • A GIT_AUTH_ID value that was set in /home/git/.ssh/authorized_keys.
    • A git-shell command : either git-upload-pack for read access, or git-receive-pack for write access.
    • A repository path, relative to /home/git, example: thodg/config.git

    Files

    • /etc/git-auth.conf
    • /home/git/.ssh/authorized_keys