summaryrefslogtreecommitdiff
path: root/doc/todo
diff options
context:
space:
mode:
authorGravatar Joey Hess <joey@kitenet.net>2011-10-15 13:17:00 -0400
committerGravatar Joey Hess <joey@kitenet.net>2011-10-15 13:17:00 -0400
commitbae3008d17d492b174db552f64c0cdfaf1804bdd (patch)
treecced1f0fb724915a65fbcc99a822e18487c758f1 /doc/todo
parentc867ae842ae15e03eb7d36704a33ce62f2a8fe16 (diff)
add a copy of my mailing list post
Diffstat (limited to 'doc/todo')
-rw-r--r--doc/todo/gitolite_and_gitosis_support.mdwn20
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/todo/gitolite_and_gitosis_support.mdwn b/doc/todo/gitolite_and_gitosis_support.mdwn
index 0131cdc07..daa54854d 100644
--- a/doc/todo/gitolite_and_gitosis_support.mdwn
+++ b/doc/todo/gitolite_and_gitosis_support.mdwn
@@ -10,5 +10,25 @@ git-annex-shell subcommands to read-only users.
I have posted an RFC for modifying gitolite to the
[gitolite mailing list](http://groups.google.com/group/gitolite?lnk=srg).
+> I have not developed a patch yet, but all that git-annex needs is a way
+> to ssh to the server and run the git-annex-shell command there.
+> git-annex-shell is very similar to git-shell. So, one way to enable
+> it is simply to set GL_ADC_PATH to a directory containing git-annex-shell.
+>
+> But, that's not optimal, since git-annex-shell will send off receive-pack
+> commands to git, which would bypass gitolite's permissions checking.
+> Also, it makes sense to limit readonly users to only download, not
+> upload/delete files from git-annex. Instead, I suggest adding something
+> like this to gitolite's config:
+
+ # If set, users with W access can write file contents into the git-annex,
+ # and users with R access can read file contents from the git-annex.
+ $GL_GIT_ANNEX = 0;
+
+> If this makes sense, I'm sure I can put a patch together for your
+> review. It would involve modifying gl-auth-command so it knows how
+> to run git-annex-shell, and how to parse out the "verb" from a
+> git-annex-shell command line, and modifying R_COMMANDS and W_COMMANDS.
+
As I don't write python, someone else is needed to work on gitosis.
--[[Joey]]