author: Rafael Laboissiere <rafael@laboissiere.net>, 2016-01-21 18:23:51 -0200
committer: Rafael Laboissiere <rafael@laboissiere.net>, 2016-01-21 18:34:29 -0200
commit: e861551f7330a17f89f2b0704c906dd3451f8fbd
tree: 4b9f00cc0b9a27f4c1fb10a0e8cece635408f5b6 /add-git-user
parent: 728464761221bcaaf80cd4a2b0c7d323be396cbb
Allow the inclusion of RSA keys with read-only access
This is accomplished by using option 'command="..."' that precedes the key string in the authorized_keys file. The add-authorized-keys script now accepts the -r option for enabling the inclusion of the option above. The included option is actually 'command="read-only"', which points to a new script named read-only that is installed in the git-shell-commands directory of the Git user's login directory. This is done in the add-git-user script.

Also, this commit makes some improvements in the code. The add-authorized-keys script now has a usage function and accepts a -h option. The add-git-user script has been better documented.
Diffstat (limited to 'add-git-user')
-rwxr-xr-x add-git-user 15
1 files changed, 15 insertions, 0 deletions
diff --git a/add-git-user b/add-git-user
index 1f5eec1..84660cb 100755
--- a/add-git-user
+++ b/add-git-user
@@ -63,6 +63,21 @@ printf '%s\\n\\n' "provide interactive shell access."
exit 128
EOF
chmod +x $nolog
+
+### Create the read-only script
+readonly=$gitshdir/read-only
+cat > $readonly <<EOF
+#!/bin/bash
+read -a tokens <<< "\$SSH_ORIGINAL_COMMAND"
+if [ "\${tokens[0]}" != git-receive-pack ] ; then
+ exec git-shell -c "\$SSH_ORIGINAL_COMMAND"
+else
+ exit 128
+fi
+EOF
+chmod +x $readonly
+
+### Adjust owner of git-shell-commands directory
chown -R $user:$user $gitshdir
### Initialize the SSH directory
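Review bot: the test on `tokens[0]` in the generated read-only script is a deny-list for one exact string, so every other first token, including an empty SSH_ORIGINAL_COMMAND or any spelling other than the literal `git-receive-pack`, falls through to `exec git-shell -c`. For a key that is meant to be read-only it would be safer to invert the check: run git-shell only when the first token is one of the commands a fetch needs (for example `git-upload-pack` or `git-upload-archive`) and `exit 128` for everything else. Two smaller points in the same hunk: `read -a` without `-r` lets backslashes in the command be interpreted before the comparison, and `$readonly` is used unquoted in `cat > $readonly` and `chmod +x $readonly` while also sharing its name with the shell's `readonly` builtin, so a quoted variable with a different name (and a quoted `<<'EOF'` heredoc, which would remove the need for the `\$` escapes) would be more robust.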