| GNU Rush – a restricted user shell. (split by section): |
Section: |
 |
 |
Chapter: |
 |
 |
 |
Doc: |
 |
 |
|
? |
6.6 git
Remote access to Git repositories over ssh causes execution of
git-receive-pack and git-upload-pack on the server.
The simplest rule for Git is:
| | rule git
command ^git-(receive|upload)-pack
transform[0] s|^|/usr/bin/|
|
The transform action is necessary to ensure the proper location
of Git binaries to use. This example supposes they are placed in
‘/usr/bin’, you will have to tailor it if they are located
elsewhere on your system.
To limit Git accesses to repositories under ‘/gitroot’ directory, use
match[1] construct, as shown in the example below:
| | rule git
command ^git-(receive|upload)-pack
match[1] ^/gitroot[^ ]+\.git$
transform[0] s|^|/usr/bin/|
|
To provide more helpful error messages, you may follow this rule by a
trap rule (see section trap rules):
| | # Trap the rest of Git requests:
rule git-trap
command ^git-.+
exit fatal: access to this repository is denied.
|
| GNU Rush – a restricted user shell. (split by section): |
Section: |
|
|
Chapter: |
|
|
|
Doc: |
|
|
|
? |
This document was generated by
Sergey Poznyakoff on
October, 27 2009 using
texi2html 1.78.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
![[image of the Head of a GNU]](/graphics/gnu-head-sm.jpg)