Andre Masella wrote: >>> As I understand it, none of the repository backends allow any per-user >>> per-branch access control. SSH and HTTP come the closest with the right >>> hooks, but since the repository is writeable by those users, there is >>> little to stop them from changing the repository directly. >> I wonder if it would be enought for SSH (and perhaps HTTP/WebDAV access) >> just to rely on filesystem write access to refs/heads files (different >> files having different access rights), and filesystem ACLs. > > It could probably be done, but it would be very complicated. For instance, if > a user is allowed to run prune, then they must have permissions to delete > files which would include any of the objects. > Pruning is considered a "repository admin task". Since each git developer has a full copy of the entire project locally, they can prune their local repo as much as they like without it affecting the mothership repo. Pruning of the mothership repo should be done by whoever administers the host where it is hosted, and probably not even by him/her unless diskspace becomes an issue. We have 42 mothership repos at our workplace. Combined in those repos we've got 2962 dangling objects. Pruning them would save me 8.5MiB of diskspace. It's hardly worth even thinking about. > For DAV, this breaks down completely because all access to the repository will > happen as the Apache user. Indeed. We use real system accounts for pushing/pulling. It's convenient for those of us who use ssh-agent, and functional for those who don't. It also allows "fine-grained-enough" access control to the repos. Normally we have all repos owned by <project-leader>:devel and created with umask 002. All developers are in the "devel" group and can thus by default push and fetch from all repositories. Some repos require stricter access rights. For those we create a group specially. The "everyone can read" thingie isn't necessary, but it's nice because it lets our head of development take a look at whatever he wants without us running any risk of him damaging it (he's a suit after all). -- Andreas Ericsson andreas.ericsson@xxxxxx OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html