# output of the "info" and "expand" commands
Running "ssh git@server info" or "ssh git@server expand" gives you certain
output. This doclet describes the output; you're welcome to help me make it
clearer :)
(Side note: if you installed using the "from-client" method, and you're the
administrator, please replace `ssh git@server` with `ssh gitolite`, all
through this document).
In this document:
* the "info" command
* interpreting the output
* using patterns to limit output
* side note: openssh 5.6
* the "expand" command
----
### the "info" command
Usage:
ssh git@server info [optional_pattern [list of users]]
The "info" command shows you all the repos (and repo patterns) in the config
file that you have been given any kind of access to. If you supply an
optional pattern the output will be limited to repos matching that pattern.
If you're an admin you can append a list of users to see their permissions
instead of your own; in this mode the pattern is mandatory, even if you just
use `.` to cheat.
Here is a sample output of the info command. There are 3 columns of
permissions (create, read, and write) in the output, although the first column
is often blank.
$ ssh git@server info
hello sitaram, the gitolite version here is v1.5.5-24-g2b066fc
the gitolite config gives you the following access:
R W SecureBrowse
R W anu-wsd
R W entrans
@R W git-notes
@R W gitolite
R W gitolite-admin
R W indic_web_input
@C R W private/sitaram/[\w.-]+
R W proxy
@C @R W public/sitaram/[\w.-]+
@R_ @W_ testing
R W vkc
#### interpreting the output
The meaning of C, R, and W are self-explanatory, but they may be prefixed or
suffixed by a symbol:
* an `@` prefix means "@all" users have been given this permission
repo foo
R = @all
* a `#` prefix means this user is a "superuser" (think root's shell prompt)
and so has access to `@all` repos. Which means you'll see this prefix
(or, in some cases, an `&`; see next bullet) for *all* the repos, or none
of them
repo @all
R = sitaram
* an `&` prefix means both of the above are true
The `_` suffix is special. This says the user has only implicit access (due
to one of the `@all` uses), but no explicit access.
#### using patterns to limit output
Here are a couple of samples with optional patterns:
$ ssh git@server info git
hello sitaram, the gitolite version here is v1.5.5-24-g2b066fc
the gitolite config gives you the following access:
@R W git-notes
@R W gitolite
R W gitolite-admin
$ ssh git@server info admin
hello sitaram, the gitolite version here is v1.5.5-24-g2b066fc
the gitolite config gives you the following access:
R W gitolite-admin
In "big-config" mode (i.e., when `GL_BIG_CONFIG` is set) the pattern is
**mandatory**. You can try and cheat the system by passing in a "." but
gitolite truncates the output after 20 results to prevent a DOS.
The pattern is also mandatory when an admin wants to find out what access some
*other* user has, which you may have guessed from the syntax in the "usage"
line above.
#### side note: openssh 5.6
It used to be that the gitolite documentation would say "just use `ssh
git@server`" in the past, because gitolite defaults to the "info" command if
no command is passed.
However, starting with [openssh 5.6][openssh56], this won't work. Openssh
will now "Kill channel when pty allocation requests fail". This means that
gitolite is not even invoked; you only get a message about pty allocation
failure, followed by "connection closed".
So now you have to use an explicit "info" command, (`ssh git@server info`) or
add the `-T` option to ssh (`ssh -T git@server`).
[openssh56]: http://www.openssh.org/txt/release-5.6
### the "expand" command
Usage:
ssh git@server expand [optional_pattern]
The "expand" command trawls through all the repositories on the server,
limiting to repos matching the pattern you provide (default is all repos
found).
For each repo found, it searches for it in the config -- either the actual
repo entry (when the repo is not a wildcard repo), or an entry for the
wildcard that matches it -- and reports permissions. It also takes into
account extra permissions enabled by the `setperms` command (see
doc/wildcard-repositories.mkd). It shows you the "creator" of the repo as
an additional column, defaulting to `` if it was not a wildcard
repo.