| GNU Rush – a restricted user shell. (split by section): |
Section: |
 |
 |
Chapter: |
 |
 |
 |
Doc: |
 |
 |
|
? |
6.6 git
Remote access to Git repositories over ssh causes execution of
git-receive-pack and git-upload-pack on the server.
The simplest rule for Git is:
| | rule git
command ^git-(receive|upload)-pack
transform[0] s|^|/usr/bin/|
|
The transform action is necessary to ensure the proper location
of Git binaries to use. This example supposes they are placed in
‘/usr/bin’, you will have to tailor it if they are located
elsewhere on your system.
To limit Git accesses to repositories under ‘/gitroot’ directory, use
match[1] construct, as shown in the example below:
| | rule git
command ^git-(receive|upload)-pack
match[1] ^/gitroot[^ ]+\.git$
transform[0] s|^|/usr/bin/|
|
To provide more helpful error messages, you may follow this rule by a
trap rule (see section trap rules):
| | # Trap the rest of Git requests:
rule git-trap
command ^git-.+
exit fatal: access to this repository is denied.
|
| GNU Rush – a restricted user shell. (split by section): |
Section: |
|
|
Chapter: |
|
|
|
Doc: |
|
|
|
? |
This document was generated by
Sergey Poznyakoff on
July, 8 2010 using
texi2html 1.78.
Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.
![[image of the Head of a GNU]](/graphics/gnu-head-sm.jpg)