On Wed, Feb 26, 2020 at 12:29:13PM -0800, Junio C Hamano wrote: > Jeff King <peff@xxxxxxxx> writes: > > > On Wed, Feb 26, 2020 at 10:10:05AM +0100, Andrei Rybak wrote: > > > >> > I've not yet found a way to get this to work without keeping the > >> > repositories in the git user's home folder. > >> > >> Disclaimer: I'm not at all familiar with git server setup. Would it make sense > >> to change git user home directory to be the required dedicated directory? > > > > Yeah, that's what I would suggest. git-shell does explicitly cd to > > $HOME, so any chdir you do before then will be lost (though you could > > perhaps just set $HOME in ~/.ssh/rc). > > I didn't suggest it because the original request did not sound like > building a dedicated machine that is used only to push into without > interactive shell access. If $HOME is moved to such a git centric > place, that would make it almost impossible to use the account for > shell interactive access, I would imagine, and if that is acceptable, > perhaps something like gitolite would fit the bill better? I took the mention of /home/git to mean it was a dedicated "git" user. But yeah, that would be an awful suggestion for a regular user. :) And I second the notion of gitolite for a dedicated setup like this (I haven't really used it much myself, but the design always seemed quite sane to me). I _do_ keep git repositories on a host accessible by my normal user. It's a mild inconvenience to have to clone "git.peff.net:git/foo.git" instead of just "git.peff.net:foo.git". We could allow a config or environment variable to re-root a relative path given to upload-pack. As long as it was clear this isn't a security feature (it's for people who already have shell access, and could be overridden by an absolute path), I think it would be OK. -Peff
