From bf019ca1db87a419d8ede6b49b4022419cc6230d Mon Sep 17 00:00:00 2001
From: Antoine Beaupré <anarcat@debian.org>
Date: Mon, 4 Apr 2016 16:33:02 -0400
Subject: simplify manpage example and ask another question

sorry for the noise again...
---
 ...ent_3_ad9c8630afa3358d438e41953dd8acac._comment | 15 +++++++++++++
 doc/git-annex-shell.mdwn                           | 25 +++++++++-------------
 2 files changed, 25 insertions(+), 15 deletions(-)
 create mode 100644 doc/bugs/git-annex-shell__58___bad_parameters_when_trying_to_configure_a_shell_sandbox/comment_3_ad9c8630afa3358d438e41953dd8acac._comment

diff --git a/doc/bugs/git-annex-shell__58___bad_parameters_when_trying_to_configure_a_shell_sandbox/comment_3_ad9c8630afa3358d438e41953dd8acac._comment b/doc/bugs/git-annex-shell__58___bad_parameters_when_trying_to_configure_a_shell_sandbox/comment_3_ad9c8630afa3358d438e41953dd8acac._comment
new file mode 100644
index 000000000..4fd37bee9
--- /dev/null
+++ b/doc/bugs/git-annex-shell__58___bad_parameters_when_trying_to_configure_a_shell_sandbox/comment_3_ad9c8630afa3358d438e41953dd8acac._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""fixed up"""
+ date="2016-04-04T20:30:22Z"
+ content="""
+
+Why doesn't the assistant use git-annex -c instead of setting up a
+wrapper that can potentially break? Seems like one moving parts too
+many...
+
+I have removed the wrapper from the manpage, as it seems a little
+annoying to setup manually for no real advantage that I can see. Note
+that the double-quotes need to be quoted otherwise the public key is
+completely ignored.
+"""]]
diff --git a/doc/git-annex-shell.mdwn b/doc/git-annex-shell.mdwn
index 502a1358a..ae696aec3 100644
--- a/doc/git-annex-shell.mdwn
+++ b/doc/git-annex-shell.mdwn
@@ -136,25 +136,20 @@ changed.
 
 # EXAMPLES
 
-git-annex-shell(1) is usually called through a wrapper installed by the git-annex-assistant(1) in the `~/.ssh/authorized_keys` file on the remote host. To make such a setup manually, you will need the following wrapper installed in `~/.ssh/git-annex-shell`:
+git-annex-shell(1) is usually called through a wrapper installed by
+the git-annex-assistant(1) in the `~/.ssh/authorized_keys` file on the
+remote host. You can also do a similar setup by adding a specific
+line with a `command=` parameter to `~/.ssh/authorized_keys` by hand.
 
-    #!/bin/sh
-    
-    set -e
-    if [ "x$SSH_ORIGINAL_COMMAND" != "x" ]; then
-        exec /usr/bin/git-annex-shell -c "$SSH_ORIGINAL_COMMAND"
-    else
-        exec /usr/bin/git-annex-shell -c "$@"
-    fi
+For example, the following forces the key to be read-only, run only
+git-annex commands on the given directory:
 
-Then restrictions can be implemented to specific SSH keys using the
-`command=` parameter. For example, the following forces the key to be
-read-only, run only git-annex commands on the given directory:
-
-    command="GIT_ANNEX_SHELL_DIRECTORY=/srv/annex GIT_ANNEX_SHELL_LIMITED=true GIT_ANNEX_SHELL_READONLY=true ~/.ssh/git-annex-shell",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1y[...] user@example.com
+    command="GIT_ANNEX_SHELL_DIRECTORY=/srv/annex GIT_ANNEX_SHELL_LIMITED=true GIT_ANNEX_SHELL_READONLY=true git-annex-shell -c \"$SSH_ORIGINAL_COMMAND\"",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-rsa AAAAB3NzaC1y[...] user@example.com
 
 Obviously, `ssh-rsa AAAAB3NzaC1y[...] user@example.com` needs to
-replaced with your SSH key.
+replaced with your SSH key. The above also assumes `git-annex-shell`
+is availble in your `$PATH`, use an absolute path if it is not the
+case.
 
 # SEE ALSO
 
-- 
cgit v1.2.3