[PATCH v2 2/2] gitcredentials(7): make shell-snippet example more realistic

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



There's an example of using your own bit of shell to act as a credential
helper, but it's not very realistic:

 - It's stupid to hand out your secret password to _every_ host. In the
   real world you'd use the config-matcher to limit it to a particular
   host.

 - We never provided a username. We can easily do that in another config
   option (you can do it in the helper, too, but this is much more
   readable).

 - We were sending the secret even for store/erase operations. This
   is OK because Git would just ignore it, but a real system would
   probably be unlocking a password store, which you wouldn't want to do
   more than necessary.

Signed-off-by: Jeff King <peff@xxxxxxxx>
---
 Documentation/gitcredentials.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Documentation/gitcredentials.txt b/Documentation/gitcredentials.txt
index 8127dfcd2f..0d0f7149bd 100644
--- a/Documentation/gitcredentials.txt
+++ b/Documentation/gitcredentials.txt
@@ -233,8 +233,9 @@ Here are some example specifications:
 	helper = "/path/to/my/helper --with-arguments"
 
 # or you can specify your own shell snippet
-[credential]
-	helper = "!f() { echo \"password=$(cat $HOME/.secret)\"; }; f"
+[credential "https://example.com";]
+	username = your_user
+	helper = "!f() { test \"$1\" = get && echo \"password=$(cat $HOME/.secret)\"; }; f"
 ----------------------------------------------------
 
 Generally speaking, rule (3) above is the simplest for users to specify.
-- 
2.26.2.933.gdf62622942



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux