Commit graph

64 commits

Author SHA1 Message Date
Sitaram Chamarty 5aba13cd80 allow 'D' for @all repos
...so that the new semantics can be made system-default if someone wants
to do that
2010-03-31 06:45:29 +05:30
Sitaram Chamarty 967af2c993 compile/update: new "D" permission
normally, RW+ means permission to rewind or delete.

Now, if you use "D" permission anywhere in a repo config, that means
"delete" and RW+ then means only "rewind", no delete.
2010-03-30 23:28:26 +05:30
Sitaram Chamarty 7bfb3676b7 @all for repos is now much cleaner; a true @all...
- no need to put it at the end of the config file now, yeaaay!
  - @all for @all is meaningless and not supported.  People asking will
    be told to get a life or use git-daemon.
  - NAME/ limits for @all repos is ignored for efficiency reasons.
2010-03-26 21:36:05 +05:30
Sitaram Chamarty 2456cc17c8 personal branches: de-emphasise old-style, document new-style
There are some disadvantages to the old-style personal branch scheme.
It only allows one specific pattern (of refname) to be used, forces that
pattern to be applicable to *all* repos in the entire config, and
requires editing the rc file (on the server) to be edited to achieve
this.

In other words, it's a very blunt instrument...

The new style depends on using lines like this within a specific repo
config:

        RW+ personal/USER/      =   @userlist

The important thing is that the "branch" name should contain `/USER/`
(including the slashes).  Access is still determined by the right hand
side of course.

This gives you the following advantages:

  - allow it only for repos that need it
  - allow different patterns to be used for different repos
  - allow *multiple* patterns; just add more than one such line
  - allow the pattern to have suffixes (eg: foo/USER/bar)
2010-03-16 18:27:26 +05:30
Eli Barzilay 9f805646fe minor typos 2010-02-27 12:32:28 +05:30
Sitaram Chamarty 6f740339e4 doc/3 last reorg missed moving some anchors and preamble text 2010-02-16 04:57:14 +05:30
Sitaram Chamarty 7e34a39050 doc/3 reorg; one section was getting too long! 2010-02-11 09:04:07 +05:30
Sitaram Chamarty 388f4d873d (IMPORTANT; read this in full) no more "wildrepos"
The wildrepos branch has been merged into master, and deleted.  It will no
longer exist as a separate branch.  Instead, a new variable
called $GL_WILDREPOS has been added which acts as a switch; when
off (which is the default), many wildrepos features are disabled.
(the "C" permissions, and the getperms (etc.) commands mainly).

Important: if you are using wildrepos, please set "$GL_WILDREPOS = 1;" in
the RC file when you upgrade to this version (or just before you do the
upgrade).
2010-02-07 13:22:43 +05:30
Sitaram Chamarty c43560d2ef Merge branch 'master' into wildrepos
lots of conflicts, esp in gl-auth-command, due to refactoring the
"special commands" stuff on master

Conflicts:
	doc/3-faq-tips-etc.mkd
	src/gitolite.pm
	src/gl-auth-command
	src/gl-compile-conf
2010-02-04 14:42:10 +05:30
Sitaram Chamarty 67c10a34fe auth: new subcommand "htpasswd"
great idea by Robin Smidsrød: since users are already capable of
authenticating themselves to gitolite via ssh keys, use that to let them
set or change their own HTTP passwords (ie, run the "htpasswd" command
with the correct parameters on behalf of the "git" user on the server)

code, rc para, and documentation.  In fact everything except... ahem...
testing ;-)

and while we're about it, we also reorganised the way these helper
commands (including the venerable "info" are called)
2010-02-04 11:55:24 +05:30
Sitaram Chamarty 09195afd44 document deny rules a bit better 2010-02-01 15:59:03 +05:30
Sitaram Chamarty 98a4c79dce (read this in full) access control for non-git commands running over ssh
This is actually a pretty big deal, and I am seriously starting wonder
if calling this "gito*lite*" is justified anymore.

Anyway, in for a penny, in for a pound...

This patch implements a generic way to allow access control for external
commands, as long as they are invoked via ssh and present a server-side
command that contains enough information to make an access control
decision.

The first (and only, so far) such command implemented is rsync.

Please read the changes in this commit (at least the ones in conf/ and
doc/) carefully.
2010-02-01 11:49:21 +05:30
Sitaram Chamarty 29260476fb Merge branch 'master' into pu-wildrepos 2010-02-01 10:48:17 +05:30
Sitaram Chamarty 90fed77927 Merge remote branch 'origin/pu' 2010-02-01 10:44:48 +05:30
Sitaram Chamarty b4a65ab73c doc/3: couple of clarifications
- deny rules only apply to "W" ops
  - be more specific about what allows "R" to pass
2010-01-30 08:35:43 +05:30
Sitaram Chamarty 76f8615a92 Merge branch 'pu' into pu-wildrepos 2010-01-29 09:12:24 +05:30
Sitaram Chamarty 7afaafc54a document the "include" mechanism 2010-01-27 16:48:56 +05:30
Sitaram Chamarty e68d76f127 doc/6 revamp; would appreciate reviews ;-) 2010-01-22 20:28:35 +05:30
Sitaram Chamarty c1de05a8a5 doc/3: gitweb integ; trailing slash on $projectroot
It's not clear whether $projectroot has or does not have a trailing
slash.  Current code assumes it does, but we need to cater for it not
having one also.  Otherwise the final reponame ends up with a leading
slash, once $projectroot has been stripped from the beginning of the
full repo path.
2010-01-22 06:15:34 +05:30
Sitaram Chamarty bede47e2db Merge branch 'master' into wildrepos
Conflicts:
	src/hooks/update
2010-01-14 20:47:04 +05:30
Sitaram Chamarty 7124faa9f3 NAME-based restrictions
Gitolite allows you to restrict changes by file/dir name.  The syntax
for this used "PATH/" as a prefix to denote such file/dir patterns.
This has now been changed to "NAME/" because PATH is potentially
confusing.

While this is technically a backward-incompatible change, the feature
itself was hitherto undocumented, and only a few people were using it,
so I guess it's not that bad...

Also added documentation now.
2010-01-09 20:30:53 +05:30
Sitaram Chamarty 203d5690be Merge branch '@all-for-repos' into wildrepos
Conflicts:
	src/gl-compile-conf
2009-12-21 23:02:02 +05:30
Sitaram Chamarty ba3cbd7ecf doc/3, conf: document @all for repos
plus some refactoring of doc/3
2009-12-21 22:58:47 +05:30
Sitaram Chamarty d49bb6b423 Merge branch 'master' into wildrepos
Conflicts:
	src/gitolite.pm
	src/gl-auth-command
2009-12-20 06:58:33 +05:30
Sitaram Chamarty ed2bf526f8 minor docfix 2009-12-13 19:17:18 +05:30
Sitaram Chamarty ff28acb059 Merge branch 'master' into wildrepos
master brought in:

  - full email addresses as usernames
  - repo-specific git config

Conflicts:
	doc/3-faq-tips-etc.mkd
	src/gitolite.pm
	src/gl-compile-conf
2009-12-11 11:23:26 +05:30
Sitaram Chamarty 780b4cca20 ssh-copy-id workaround detail plus a couple other doc fixes 2009-12-10 17:07:46 +05:30
Sitaram Chamarty 64979c18ea document repo config support 2009-12-09 12:16:22 +05:30
Sitaram Chamarty 4441ed82e4 compile: allow full email addresses as usernames
we had usurped the email style syntax to separate multiple keys
belonging to the same person, like sitaram@desktop.pub and
sitaram@laptop.pub.  If you have so many users that you need the full
email address to disambiguate some of them (or you want to do it for
just plain convenience), you couldn't.

This patch fixes that in a backward compatible way.  See
doc/3-faq-tips-etc.mkd for details.
2009-12-08 15:14:05 +05:30
Sitaram Chamarty 6214ad3ab6 wildrepos: first cut documentation 2009-12-06 20:36:12 +05:30
Sitaram Chamarty 8a4bb453a0 document that @all doesnt work as expected in deny rules
@all in a deny rule doesnt work as it might look in the config file,
because @all rights are checked last.  This is fine if you dont have any
DENYs (and so rule order doesn't matter), but with DENY it causes some
problems.

I never bothered to document it because I did not expect that any repo
that is "serious" enough to have deny rules *at all* should then allow
*any* kind of "write* access to @all.  That's a very big contradiction
in terms of paranoia!

Translation: this will not be supported.  Don't bother asking.  You know
who you are :)
2009-12-05 14:57:21 +05:30
Sitaram Chamarty d71720d050 fold rebel into master :) [please read]
Well, something even more outrageous than deny rules and path-based
limits came along, so I decided that "rebel" was actually quite
"conformist" in comparision ;-)

Jokes apart, the fact is that the access control rules, even when using
deny rules and path-limits, are still *auditable*.  Which means it is
good enough for "corporate use".

[The stuff that I'm working on now takes away the auditability aspect --
individual users can "own" repos, create rules for themselves, etc.

So let's just say that is the basis of distinguishing "master" now.]
2009-12-01 07:15:05 +05:30
Sitaram Chamarty 601eaf8ea1 tips doc: add pointer to later section on excludes 2009-12-01 05:55:59 +05:30
Sitaram Chamarty 604669ca02 rebel edition -- cos when you need it, you need it bad :-)
Summary: much as I did not want to use "excludes", I guess if we don't put the
code in "master" it's OK to at least *write* (and test) the code!

See the example config file for how to use it.

See "design choices" section in the "faq, tips, etc" document for how it
works.
2009-12-01 05:55:58 +05:30
Sitaram Chamarty d8cb62934f docs: document how to specify "owner" for gitweb 2009-11-27 13:47:33 +05:30
Sitaram Chamarty 9a85f5d0d6 auth: print permissions for @all also
I don't have a use for "@all" at all (pun not intended!) other than the
"testing" repo, but <teemu dot matilainen at iki dot fi> sent in a patch
to mark those repos with "R" and "W" in the permissions list, and I
started thinking about it.

This could actually be useful if we *differentiated* such access from
normal (explicit username) access.  From the "corporate environment"
angle, it would be nice if a project manager could quickly check if any
of his projects have erroneously been made accessible by @all.

So what we do now is print "@" in the corresponding column if "@all" has
the corresponding access.

Also, when someone has access both as himself *and* via @all, we print
the "@"; printing the "R" or "W" would hide the "@", and wouldn't
correctly satisfy the use case described above.
2009-11-25 09:15:36 +05:30
Sitaram Chamarty 1c786d880a doc/3: $repo_base -> $projectroot; honor @all in perm check
- it appears that what we call $repo_base, gitweb already needs as
    $projectroot
  - allow read of repos defined as readable by @all

plus some minor declaration changes to make the sample code work as is

(thanks to teemu dot matilainen at iki dot fi)
2009-11-25 08:46:21 +05:30
Sitaram Chamarty 05a06a2c75 README, doc/3: gitweb "description" feature 2009-11-18 07:18:05 +05:30
Sitaram Chamarty 92d5062ad0 doc/src: major doc/help text revamp
also removed some dead code from compile (pre PTA days)
2009-10-31 00:21:37 +05:30
Sitaram Chamarty a19a7f01d7 auth, doc/3: print useful information when no command given 2009-10-28 21:46:57 +05:30
Sitaram Chamarty a23622a31b doc/3: add section on unexpected gitwebauth good-ness! 2009-10-28 21:46:57 +05:30
Sitaram Chamarty 96fa0da946 allow a/b/c type repos to be created 2009-10-23 10:14:41 +05:30
Sitaram Chamarty 481242f6cb doc/3: minor fix to an already minor change :) 2009-10-13 11:46:04 +05:30
Sitaram Chamarty 59e15e62a1 support git installed outside default $PATH
(also some minor fixes to doc/3)
2009-10-13 10:03:12 +05:30
Sitaram Chamarty d125488107 doc/3 minor re-arrangement 2009-10-13 10:03:12 +05:30
Sitaram Chamarty 9e46920fe3 faq: explain one user many keys a bit better 2009-10-12 20:02:38 +05:30
Sitaram Chamarty d78bbe8c3e lots of doc changes reflecting "push to admin" is default now :)
- added comments to easy install to help do it manually
  - README: some stuff moved to tips doc, brief summary of extras
    (over gitosis) added
  - INSTALL: major revamp, easy install and manual install,
    much shorter and much more readable!

plus other docs changed as needed, and updated the tips doc to roll in
some details from "update.mkd" in the "ml" branch
2009-10-11 14:19:00 +05:30
Sitaram Chamarty fa5567f22c doc/5-delegation added, doc/4 (PTA) enhanced
This is complete user documentation for delegation
2009-10-04 10:22:41 +05:30
Sitaram Chamarty 70d26d810b compile, all docs/confs: specify gitweb/daemon access + bonus
bonus: documented the "bits and pieces" thing properly; should have done this
long ago, but it came to the forefront now thanks to this item
2009-09-25 13:50:59 +05:30
Sitaram Chamarty 2a763dfdb1 doc/3: updated the log line description 2009-09-21 19:36:39 +05:30