diff options
author | Joey Hess <joey@kitenet.net> | 2011-10-15 13:17:00 -0400 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2011-10-15 13:17:00 -0400 |
commit | bae3008d17d492b174db552f64c0cdfaf1804bdd (patch) | |
tree | cced1f0fb724915a65fbcc99a822e18487c758f1 /doc/todo | |
parent | c867ae842ae15e03eb7d36704a33ce62f2a8fe16 (diff) |
add a copy of my mailing list post
Diffstat (limited to 'doc/todo')
-rw-r--r-- | doc/todo/gitolite_and_gitosis_support.mdwn | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/todo/gitolite_and_gitosis_support.mdwn b/doc/todo/gitolite_and_gitosis_support.mdwn index 0131cdc07..daa54854d 100644 --- a/doc/todo/gitolite_and_gitosis_support.mdwn +++ b/doc/todo/gitolite_and_gitosis_support.mdwn @@ -10,5 +10,25 @@ git-annex-shell subcommands to read-only users. I have posted an RFC for modifying gitolite to the [gitolite mailing list](http://groups.google.com/group/gitolite?lnk=srg). +> I have not developed a patch yet, but all that git-annex needs is a way +> to ssh to the server and run the git-annex-shell command there. +> git-annex-shell is very similar to git-shell. So, one way to enable +> it is simply to set GL_ADC_PATH to a directory containing git-annex-shell. +> +> But, that's not optimal, since git-annex-shell will send off receive-pack +> commands to git, which would bypass gitolite's permissions checking. +> Also, it makes sense to limit readonly users to only download, not +> upload/delete files from git-annex. Instead, I suggest adding something +> like this to gitolite's config: + + # If set, users with W access can write file contents into the git-annex, + # and users with R access can read file contents from the git-annex. + $GL_GIT_ANNEX = 0; + +> If this makes sense, I'm sure I can put a patch together for your +> review. It would involve modifying gl-auth-command so it knows how +> to run git-annex-shell, and how to parse out the "verb" from a +> git-annex-shell command line, and modifying R_COMMANDS and W_COMMANDS. + As I don't write python, someone else is needed to work on gitosis. --[[Joey]] |