Please build from a repository clone, as the make script uses
'git describe --tags' to generate the resulting executable's version string.
-= Configure /etc/repo_shell.cfg
+= Configure /etc/repo_shell.conf
-The file /etc/repo_shell.cfg must contain certain fields as shown in the example
-below. The spaces surrounding the equal sign ('=') are optional.
+The file /etc/repo_shell.conf must contain certain fields as shown in the
+example below. The spaces surrounding the equal sign ('=') are optional.
owner = repo
svn_root = /var/lib/svn/repositories
git_root = /var/lib/git
- git_acl_file = /var/lib/git/.gitacls
allowed_interactive =
owner is the system account username which will own all repositories, and is
svn_root and git_root are self-explanatory, being the longest filesystem path
shared by repositories of that type, e.g. their shared root directory.
-git_acl_file is the pathname of a file providing ACL information for git
-repository access, as implemented internally bit repo_shell. A recommended
-pathname is /var/lib/git/.gitacls
-
allow_interactive contains a list of users that may log into the server via SSH,
or that may issue arbitrary commands to the server via SSH. Instead of a list,
the wildcard character '*' can be used to indicate all users. Note that this
In accordance with the settings in /etc/repo_shell.conf:
- adduser --system --group <owner> --home /var/lib/svn \
- --shell /usr/local/bin/repo_shell <owner>
- sudo install -d -o <owner> -g <owner> -m 0755 <svn_root>
- sudo install -d -o <owner> -g <owner> -m 0755 <git_root>
+ sudo adduser --system --group <owner> --home /var/lib/svn \
+ --shell /bin/false <owner>
+ sudo install -d -o <owner> -g <owner> -m 0750 <svn_root>/..
+ sudo install -d -o <owner> -g <owner> -m 0750 <svn_root>
+ sudo install -d -o <owner> -g <owner> -m 0750 <git_root>
= Configure subversion repository ACLs
= Configure git repository ACLs
-Git repository access control is managed by the git acl file, nominally located
-at {git_root}/.gitacls. This file has a format similar but not exactly like
-Subversion's authz file. The file defines one of three levels of access for
-various combinations of users and repositories, then compared to the git command
-arriving via SSH to determine if the access will be allowed. Please see
-README.gitacls for more information.
+Git repository access control is managed by the git acl file, located at
+{git_root}/.gitacls (git_root is defined in /etc/repo_shell.conf). This file
+has a format similar but not exactly like Subversion's authz file. The file
+defines one of three levels of access for various combinations of users and
+repositories, then compared to the git command arriving via SSH to determine if
+the access will be allowed. Please see README.gitacls for more information.
= Create a subversion repository
sudo -u repo gitcreate mirrors/tinyos/tinyos-main.git
+If a subdirectory path being requested doesn't already exist, the script will
+ask the operator if it is OK to create it. To automatically create non-existent
+subdirectory paths, add the -y option:
+
+ sudo -u repo gitcreate -y mirrors/tinyos/tinyos-main.git
+
= Configuring user accounts
Each user to access repositories via client side tools need an account on the
Users interact with subversion and git repositories using what we somewhat
incorrectly call access paths. In both cases, the access path is relative to
-the respective repository type root, as defined in /etc/repo_shell.cfg. In
+the respective repository type root, as defined in /etc/repo_shell.conf. In
other words, the user does not need to know where the repository is stored. In
the case of git, a repository can be under a subdirectory. A couple of
examples:
projects / repo_shell.git / blobdiff