blob: 47db0c1ca73d6ad078f030b2b2d6c75122758d0d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
I've been considering adding a `git-annex-shell` command. This would
be similar to `git-shell` (and in fact would pass unknown commands off to
`git-shell`).
## Reasons
* Allows locking down an account to only be able to use git-annex (and
git).
* Avoids needing to construct complex shell commands to run on the remote
system. (Mostly already avoided by the plumbing level commands.)
* Could possibly allow multiple things to be done with one ssh connection
in future.
* Allows expanding `~` and `~user` in repopath on the remote system.
## Design
`git-annex-shell -c <command> <repopath> <arguments>`
### options
Need at least `--quiet`, `--backend`, `--key`, `--force`
### commands
* `configlist repopath`
Returns `git config --list`, for use by `tryGitConfigRead`.
May filter the listed config to only the options git-annex really needs,
to prevent info disclosure.
* `inannex repopath key ...`
Checks if the keys are in the annex; shell exits zero if so.
* `dropkey repopath key ... `
Same as `git annex dropkey`, and taking the same dashed options.
* `setkey repopath tmpfile`
Same as `git annex setkey`, and taking the same dashed options.
### TODO
* To be usable as a locked down shell, needs a way to launch the
rsync server, for file receiving. Safely?
* Also needs a way to support receiving files by scp.
|