Re: gitosis question: identifying/logging remote user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Jun 2, 2009 at 12:01 PM, Robin H. Johnson <robbat2@xxxxxxxxxx> wrote:
> On Tue, Jun 02, 2009 at 09:32:40AM +0530, Sitaram Chamarty wrote:
>> I want to be able to log the information that the post-receive hook
>> receives, but I *also* want, along with that, the name of the pubkey
>> that was used in this particular "push".
> I've got a partial patch that I never finished for using this with the
> gitosis-gentoo fork that powers git.overlays.gentoo.org. It needs
> re-implementation from scratch, but here's the design notes:
> 1. Use the username to open the file in keydir again.

This is the directory that contains all the *.pub files, so ok...

> 2. At the top, look for RFC822 headers with a leading "# " as padding:
>   Examples from my own patch:
>   # Full-Name: "Robin H. Johnson (robbat2)" <robbat2@xxxxxxxxxx>
>   # cia-vc-username: robbat2

Hmmm... is this a significantly different gitosis?  The files in my
keydir mostly contain just one line (some have two, for people who
work from different machines), looking like this:

ssh-rsa [long series of base64 type characters]== some.one@xxxxxxxxxxx

>   The headers are followed by a blank line then further text is free-form
>   and not parsed. Continuation lines are NOT supported.
> 3. The header field names are transformed to enviornoment variable names
>   as follows:
>   - y/[[:lower:]]/[[:upper:]]/g
>   - s/-/_/g
> 4. Export the environment variables, named per above, with the full
>   content of the rest of the line.
>
> (We need to export the CIA.vc data, and also send off a commit mail).

Nope, I'm completely lost.  Perhaps I failed miserably in explaining
what I want... !

----------

I'm thinking along the lines of a simple change to this:

    TEMPLATE=('command="gitosis-serve %(user)s",no-port-forwarding,'
              +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s')

(in function generateAuthorizedKeys of gitosis/ssh.py) to generate an
additional ssh directive in the authorized_keys file:

    environment="REMOTEUSER=%(user)s"

I haven't tested it yet, but I'm expecting that this will pass on the
name of the user (like "sitaram" in my case) as an env var so that I
can do whatever I want with it in the hooks.

Thanks,

Sitaram
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]