Shawn Pearce wrote:
Johannes Schindelin <Johannes.Schindelin@xxxxxx> wrote:
On Thu, 7 Dec 2006, Shawn Pearce wrote:
For various auditing reasons the repositories need to be tightly
controlled. That is the following cannot be permitted:
[...]
How about just one such user? After all, you already have this user: the
repo owner. Of course, people have to push via ssh, even on the same
machine.
How do I know which SSH key the client used to connect? Remember I'm
looking at the real uid to determine who is performing the operation.
In the situation you describe everyone looks the same to the
update hook...
For (probably stupid) reasons the server is the commerial F-Secure
SSH server, btw. So OpenSSH based things wouldn't apply. And best
that I can tell, F-Secure SSH won't tell me which key was used
to authenticate.
See Section 8.2.6.1
http://www.unix.org.ua/orelly/networking_2ndEd/ssh/ch08_02.htm
You should be able to do something similar for git as they do for SSH.
Rogan
-
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html