add a copy of my mailing list post
This commit is contained in:
Joey Hess
parent
c867ae842a
commit
bae3008d17
1 changed files with 20 additions and 0 deletions
|
|
@ -10,5 +10,25 @@ git-annex-shell subcommands to read-only users.
|
|||
I have posted an RFC for modifying gitolite to the
|
||||
[gitolite mailing list](http://groups.google.com/group/gitolite?lnk=srg).
|
||||
|
||||
> I have not developed a patch yet, but all that git-annex needs is a way
|
||||
> to ssh to the server and run the git-annex-shell command there.
|
||||
> git-annex-shell is very similar to git-shell. So, one way to enable
|
||||
> it is simply to set GL_ADC_PATH to a directory containing git-annex-shell.
|
||||
>
|
||||
> But, that's not optimal, since git-annex-shell will send off receive-pack
|
||||
> commands to git, which would bypass gitolite's permissions checking.
|
||||
> Also, it makes sense to limit readonly users to only download, not
|
||||
> upload/delete files from git-annex. Instead, I suggest adding something
|
||||
> like this to gitolite's config:
|
||||
|
||||
# If set, users with W access can write file contents into the git-annex,
|
||||
# and users with R access can read file contents from the git-annex.
|
||||
$GL_GIT_ANNEX = 0;
|
||||
|
||||
> If this makes sense, I'm sure I can put a patch together for your
|
||||
> review. It would involve modifying gl-auth-command so it knows how
|
||||
> to run git-annex-shell, and how to parse out the "verb" from a
|
||||
> git-annex-shell command line, and modifying R_COMMANDS and W_COMMANDS.
|
||||
|
||||
As I don't write python, someone else is needed to work on gitosis.
|
||||
--[[Joey]]
|
||||
|
|
|
|||
Loading…
Reference in a new issue