X-Git-Url: https://oss.titaniummirror.com/gitweb?a=blobdiff_plain;f=README;h=746b25db72b9793eddcd21164d15f2d3d9583cf2;hb=af04042a17a26cf6f4d3fb7ac5af35cd1311cc2a;hp=a6045429a50f923d00617843e30e50bb242cad2b;hpb=a6c6f0d2cfe2ffaa3995c52af97cdbdf9757ed43;p=repo_shell.git diff --git a/README b/README index a604542..746b25d 100644 --- a/README +++ b/README @@ -213,6 +213,34 @@ application use output from the repo_shell -c command to determine access. This command returns one of three results. An empty return string means no access, an "r" means read-only, and "rw" means read-write access. += Allow other users to create repositories + +With the following configuration, other users could be configured to run the +`gitcreate` command using sudo. + +First, run `visudo` as root to edit the `/etc/sudoers` file. These entries +should appear before less specific rules. The Runas_Alias REPOUSER should be +set to the value of the `owner` variable defined in `/etc/repo_shell.conf`. + + # Allow select users to run gitcreate + User_Alias REPOCREATORS = user1, user2, user3 + Runas_Alias REPOUSER = repo + REPOCREATORS ALL = (REPOUSER) NOPASSWD: /usr/local/bin/gitcreate + +Now any users listed in the User_Alias REPOCREATORS can run the gitcreate +command. The command would be invoked as follows: + + ssh + sudo -u repo gitcreate path/to/newrepo.git + +Note that as of right now, repo_shell cannot be used to run this command in a +single ssh invocation, such as: + + ssh sudo gitcreate path/to/newrepo.git + +This is because repo_shell does not implement a full tty needed by sudo if it +must ask the user for a password to authenticate the action. + = References and links repo_shell owes great thanks to work shared by two other projects: