summaryrefslogtreecommitdiff
path: root/doc/todo/git-annex-shell.mdwn
blob: 47db0c1ca73d6ad078f030b2b2d6c75122758d0d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
I've been considering adding a `git-annex-shell` command. This would
be similar to `git-shell` (and in fact would pass unknown commands off to
`git-shell`).

## Reasons

* Allows locking down an account to only be able to use git-annex (and
  git).
* Avoids needing to construct complex shell commands to run on the remote
  system. (Mostly already avoided by the plumbing level commands.)
* Could possibly allow multiple things to be done with one ssh connection
  in future.
* Allows expanding `~` and `~user` in repopath on the remote system.

## Design

`git-annex-shell -c <command> <repopath> <arguments>`

### options

Need at least `--quiet`, `--backend`, `--key`, `--force`

### commands

* `configlist repopath`

  Returns `git config --list`, for use by `tryGitConfigRead`.
  
  May filter the listed config to only the options git-annex really needs,
  to prevent info disclosure.

* `inannex repopath key ...`

  Checks if the keys are in the annex; shell exits zero if so.

* `dropkey repopath key ... `

  Same as `git annex dropkey`, and taking the same dashed options.

* `setkey repopath tmpfile`

  Same as `git annex setkey`, and taking the same dashed options.

### TODO

* To be usable as a locked down shell, needs a way to launch the
  rsync server, for file receiving. Safely?
* Also needs a way to support receiving files by scp.