On Tue, Mar 8, 2011 at 06:38, Miklos Vajna <vmiklos@xxxxxxxxxxxxxx> wrote:
> We have a repo where multiple users have push access, they access the
> repo via ssh. Now let's say one of the developers ("A") accidently create a
> branch named "foo" in the shared repo. Of course the tip of "foo" may
> not point to a commit authored by "A".
>
> IIRC reflogs could be used in that case when the push is done via http,
> as the HTTP username is recorded in the reflog, so we can know who to
> blame.
>
> Unfortunately - as far as I see - this is not true for ssh, there simply
> the author of the tip commit is used.
>
> Have I missed something? Would it be possible to have the username of
> the user in the reflog, even when pushing via ssh?
reflog identity entries are derived from GIT_COMMITTER_NAME and
GIT_COMMITTER_EMAIL in the environment at the time that the log event
takes place. If these aren't set, they are derived from the current
user's gecos, or from $GIT_DIR/config or ~/.gitconfig as the
user.name/user.email variables.
Perhaps over SSH one of these is triggering for a user, allowing the
user to fill in their own identity... or someone else's. If you want
to enforce an identity you should set these environment variables on
the SSH server side before invoking git-receive-pack, perhaps by way
of a forced SSH command the way gitosis or gitolite is installed.
--
Shawn.
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html