diff --git a/conf/example.gitolite.rc b/conf/example.gitolite.rc
index 2dee034..550d6f3 100644
--- a/conf/example.gitolite.rc
+++ b/conf/example.gitolite.rc
@@ -150,6 +150,20 @@ $RSYNC_BASE = "";
 # $RSYNC_BASE = "/home/git/up-down";
 # $RSYNC_BASE = "/tmp/up-down";
+# --------------------------------------
+# EXTERNAL COMMAND HELPER -- SVNSERVE
+
+# security note: runs an external command (svnserve) with specific arguments,
+# as specified below. %u is substituted with the username.
+
+# This setting allows launching svnserve when requested by the ssh client.
+# This allows using the same SSH setup (hostname/username/public key) for both
+# SVN and git access. Leave it undefined or set to the empty string to disable
+# svnserve access.
+
+$SVNSERVE = "";
+# $SVNSERVE = "/usr/bin/svnserve -r /var/svn/ -t --tunnel-user=%u";
+
 # --------------------------------------
 # ALLOW REPO CONFIG TO USE WILDCARDS
diff --git a/doc/3-faq-tips-etc.mkd b/doc/3-faq-tips-etc.mkd
index bb9c9d6..ffb5f43 100644
--- a/doc/3-faq-tips-etc.mkd
+++ b/doc/3-faq-tips-etc.mkd
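Review bot: The comment block above `$SVNSERVE = "";` does not say who may trigger the command once it is set: as far as the visible hunk in src/gitolite.pm shows, the new `elsif ($SVNSERVE and $cmd eq 'svnserve -t')` branch of special_cmd runs it for any gitolite user, and unlike the rsync branch it consults nothing from `$GL_CONF_COMPILED`, so per-repository SVN authorization has to come from the svnserve side. Suggest adding after the existing security note: `# NOTE: once set, every user with a key in gitolite can run this command; gitolite.conf is not consulted for it, so SVN access control must be configured on the svnserve side.` It would also help to state that `%u` is the gitolite username taken from `GL_USER`, which is what the helper substitutes. The same point applies to the @@ -432 hunk of src/gitolite.pm, where a one-line comment above the new branch would make the delegation explicit.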
@@ -650,14 +650,34 @@ powerful feature. See `doc/admin-defined-commands.mkd`. Gitolite now has a mechanism for allowing access control for arbitrary external commands, as long as they are invoked via ssh and present a server-side command that contains enough information to make an access control -decision. The first (and only, so far) such command implemented is rsync. +decision. Note that this is incompatible with giving people shell access as described in `doc/6-ssh-troubleshooting.mkd` -- people who have shell access are not subject to this mechanism (it wouldn't make sense to try and control someone who has shell access anyway). -Please see the config files (both of them) for examples and usage. +In general, external commands require changes in one or both the config files; +the sample files in `conf/` double as documentation, so you should look there +for examples and usage. + +Commands implemented so far are: + + * rsync + * svnserve (see next section for a brief description; this has been + contributed by Simon and Vladimir) + + + +##### svnserve + +If you are transitioning from SVN to gitolite, and have a lot of users using +public-key authentication with SVN, this feature may be useful to you. Once +you migrate all users' public keys into gitolite, you can set the `$SVNSERVE` +variable in `~/.gitolite.rc` to tie `svnserve` with gitolite's authentication +system. Assuming you installed gitolite to the same user as the one you used +for SVN, SVN connectivity will be retained, and users will be able to use +both SVN and git using the same SSH configuration. ## design choices diff --git a/src/gitolite.pm b/src/gitolite.pm index 998c894..0d64f17 100644 --- a/src/gitolite.pm +++ b/src/gitolite.pm 
@@ -411,7 +411,7 @@ sub cli_repo_rights {
 sub special_cmd
 {
- my ($GL_ADMINDIR, $GL_CONF_COMPILED, $shell_allowed, $RSYNC_BASE, $HTPASSWD_FILE) = @_;
+ my ($GL_ADMINDIR, $GL_CONF_COMPILED, $shell_allowed, $RSYNC_BASE, $HTPASSWD_FILE, $SVNSERVE) = @_;
 my $cmd = $ENV{SSH_ORIGINAL_COMMAND};
 my $user = $ENV{GL_USER};
@@ -432,6 +432,8 @@ sub special_cmd
 &ext_cmd_htpasswd($HTPASSWD_FILE);
 } elsif ($RSYNC_BASE and $cmd =~ /^rsync /) {
 &ext_cmd_rsync($GL_CONF_COMPILED, $RSYNC_BASE, $cmd);
+ } elsif ($SVNSERVE and $cmd eq 'svnserve -t') {
+ &ext_cmd_svnserve($SVNSERVE);
 } else {
 # if the user is allowed a shell, just run the command
 &log_it("$ENV{GL_TS}\t$ENV{SSH_ORIGINAL_COMMAND}\t$ENV{GL_USER}\n");
@@ -528,4 +530,17 @@ EOFhtp
 die "htpasswd command seems to have failed with $rc return code...\n" if $rc;
 }
+# ----------------------------------------------------------------------------
+# external command helper: svnserve
+# ----------------------------------------------------------------------------
+
+sub ext_cmd_svnserve
+{
+ my $SVNSERVE = shift;
+
+ $SVNSERVE =~ s/%u/$ENV{GL_USER}/g;
+ exec $SVNSERVE;
+ die "svnserve exec failed\n";
+}
+
 1;
diff --git a/src/gl-auth-command b/src/gl-auth-command
index a2f827b..b888af0 100755
--- a/src/gl-auth-command
+++ b/src/gl-auth-command
@@ -24,7 +24,7 @@ use warnings;
 # ----------------------------------------------------------------------------
 # these are set by the "rc" file
-our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_ADC_PATH);
+our ($GL_LOGT, $GL_CONF_COMPILED, $REPO_BASE, $GIT_PATH, $REPO_UMASK, $GL_ADMINDIR, $RSYNC_BASE, $HTPASSWD_FILE, $GL_WILDREPOS, $GL_ADC_PATH, $SVNSERVE);
 # and these are set by gitolite.pm
 our ($R_COMMANDS, $W_COMMANDS, $REPONAME_PATT, $REPOPATT_PATT);
 our %repos;
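Review bot: In the @@ -528 hunk, `exec $SVNSERVE;` uses Perl's single-argument exec, which hands the whole string to `/bin/sh -c` as soon as it contains any shell metacharacter, so the substituted username and the admin's configured string are re-parsed by a shell rather than executed as a fixed argv; building the argument list in Perl and using `exec { $cmd[0] } @cmd` removes the shell from the path entirely (the sample value in the rc file is plain whitespace-separated words, so no quoting support is lost). The `die "svnserve exec failed\n";` that follows discards the reason; `die "svnserve exec failed: $!\n";` keeps it. The new branch also writes nothing to the gitolite log before exec, whereas the shell branch in the @@ -432 hunk calls `&log_it` first, so an svnserve session leaves no audit record; the same `&log_it` call belongs here. A rewrite of the helper covering these three points:
```perl
sub ext_cmd_svnserve
{
    my $SVNSERVE = shift;

    # build argv ourselves so the configured command is never re-parsed
    # by a shell; %u is replaced inside each word with the gitolite user
    my @cmd = split ' ', $SVNSERVE;
    s/%u/$ENV{GL_USER}/g for @cmd;

    # leave an audit record, as the shell branch of special_cmd does
    &log_it("$ENV{GL_TS}\t$ENV{SSH_ORIGINAL_COMMAND}\t$ENV{GL_USER}\n");

    exec { $cmd[0] } @cmd;
    die "svnserve exec failed: $!\n";
}
```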
@@ -167,7 +167,7 @@ if ($ENV{SSH_ORIGINAL_COMMAND} =~ $CUSTOM_COMMANDS) {
 my ($verb, $repo) = ($ENV{SSH_ORIGINAL_COMMAND} =~ /^\s*(git\s+\S+|\S+)\s+'\/?(.*?)(?:\.git)?'/);
 unless ( $verb and ( $verb eq 'git-init' or $verb =~ $R_COMMANDS or $verb =~ $W_COMMANDS ) and $repo and $repo =~ $REPONAME_PATT ) {
 # ok, it's not a normal git command; call the special command helper
- &special_cmd ($GL_ADMINDIR, $GL_CONF_COMPILED, $shell_allowed, $RSYNC_BASE, $HTPASSWD_FILE);
+ &special_cmd ($GL_ADMINDIR, $GL_CONF_COMPILED, $shell_allowed, $RSYNC_BASE, $HTPASSWD_FILE, $SVNSERVE);
 exit;
 }
 die "$repo ends with a slash; I don't like that\n" if $repo =~ /\/$/;