kmx.io/git-auth/README.md

Branch : - branch - master v0.2 - tag - v0.1.0 v0.2.0 v0.2.1

• Show log

  Commit

• Author : Thomas de Grivel
  Date : 2020-03-09 14:08:05
  Hash : 3494bfc8
  Message : document rules

• README.md

• # GIT-AUTH
  
  ## Synopsis
  
      GIT_AUTH_ID=ID git-auth COMMAND [ARGS ...]</td>
  
  ## Description
  
  **git-auth** starts by reading rules from /etc/git-auth.conf, one rule
  per line. Empty lines and lines starting with # are ignored. Each rule
  is made of tokens separated by one or more spaces.
  
  **git-auth** executes COMMAND and ARGS using execvp if the requested ID,
  COMMAND and ARGS match any of the rules defined in /etc/git-auth.conf.
  
  **git-auth** matches a rule by matching all the rule's tokens with ID,
  COMMAND and ARGS in order. Comparison is case sensitive.
  
  A wildcard token "*" matches any string.
  
  ## Environment
  
   * **GIT_AUTH_ID** : an arbitrary token to match with the rules.
  This is usually set for each public key in /home/git/.ssh/authorized_keys
  with
      environment="GIT_AUTH_ID=..." ssh-rsa ...
  
  ## Configuration
  Access control rules for each git repository go into
  `/etc/git-auth.conf`.
  
  The syntax of this file is one rule per line.
  Each rule is composed of symbols separated by spaces.
  In order :
   - A **GIT_AUTH_ID** value that was set in
     `/home/git/.ssh/authorized_keys`.
   - A `git-shell` command : either `git-upload-pack` for read access,
     or `git-receive-pack` for write access.
   - A repository path, relative to `/home/git`,
     example: `thodg/config.git`
  
  ## Files
  
   * /etc/git-auth.conf
   * /home/git/.ssh/authorized_keys