deac/gitolite
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
gitolite/contrib/adc/rsync
Sitaram Chamarty 85da5572b2 some nice ADC changes... (warning: minor backward compat breakage) 
- support for ADCs with unchecked arguments
  - rsync, htpasswd, and svnserve gone from core; turned into ADCs

Backward compat breakage and fix: Please see documentation for details,
but if you're using gitolite to control rsync you will now need to setup
ADCs (admin defined commands), and install at least the new "rsync" ADC.

----

Thanks to Joey Hess (see commit prior to this) for forcing me to stop
being lazy and get this out of my long term todo list.
2011-10-17 18:42:57 +05:30

64 lines
2.2 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# 'rsync' helper ADC. See bottom of this file for more info
use strict;
use warnings;
BEGIN {
die "ENV GL_RC not set\n" unless $ENV{GL_RC};
die "ENV GL_BINDIR not set\n" unless $ENV{GL_BINDIR};
unshift @INC, $ENV{GL_BINDIR};
}
use gitolite_rc;
use gitolite;
my $cmd = $ENV{SSH_ORIGINAL_COMMAND};
# test the command patterns; reject if they don't fit. Rsync sends
# commands that looks like one of these to the server (the first one is
# for a read, the second for a write)
# rsync --server --sender -some.flags . some/path
# rsync --server -some.flags . some/path
die "bad rsync command: $cmd"
unless $cmd =~ /^rsync --server( --sender)? -[\w.]+(?: --(?:delete|partial))* \. (\S+)$/;
my $perm = "W";
$perm = "R" if $1;
my $path = $2;
die "I dont like some of the characters in $path\n" unless $path =~ $REPONAME_PATT;
# XXX make a better pattern for this if people complain ;-)
die "I dont like absolute paths in $cmd\n" if $path =~ /^\//;
die "I dont like '..' paths in $cmd\n" if $path =~ /\.\./;
# ok now check if we're permitted to execute a $perm action on $path
# (taken as a refex) using rsync.
check_access('EXTCMD/rsync', "NAME/$path", $perm);
# that should "die" if there's a problem
wrap_chdir($RSYNC_BASE);
log_it();
exec $ENV{SHELL}, "-c", $ENV{SSH_ORIGINAL_COMMAND};
__END__
This is an rsync helper ADC. It is an example of using gitolite's config
language, combined with the 'check_access()' function, to implement access
control for non-git software using a "fake" repo. For historical reasons,
fake repos start with "EXTCMD/". Gitolite does not auto-create fake repos, so
you can use those as namespaces to hold collections of rules for various
purposes.
So here's a fake git repository to collect rsync rules in one place. It grant
permissions to files/dirs within the $RSYNC_BASE tree. A leading NAME/ is
required as a prefix; the actual path starts after that. Matching follows the
same rules as given in "FILE/DIR NAME BASED RESTRICTIONS" elsewhere in the
gitolite documentation.
repo EXTCMD/rsync
RW NAME/ = sitaram
RW NAME/foo/ = user1
R NAME/bar/ = user2
RW NAME/baz/.*/.*\.c$ = user3
Reference in a new issue View git blame Copy permalink