Click here to Skip to main content
15,945,939 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Hello,

I am having a problem managing git repositories user permissions on my local server.
Is there a way to manage whom can access the repository and who can not?

Thank you

What I have tried:

I have tried by managing the folder permission and limit the access with that and it partially work. Which means that i can not get the repository with the command "git clone" but i can get the repository if i clone the repository from Visual Studio.
Posted
Updated 20-Nov-23 22:40pm
v2

1 solution

I had a similar issue a while back and we made use of 'SSH keys' for authentication -

1) Make sure that each of your users has a 'SSH key pair'. You can generate one with 'ssh-keygen' if they don't have it, many samples to be found at - using ssh-keygen[^]

To collect each user's public key '~/.ssh/id_rsa.pub or similar)'

2) On your server, go to your Git repository's directory, inside the repository, create a folder named 'hooks' if it does not exist.

3)Inside your hooks folder, create a file named 'pre-receive' with no file extension at naming at all.
Add the following script to the 'pre-receive' file -
Bash
#!/bin/bash
while read oldrev newrev refname
do
    if [ "$refname" == "refs/heads/master" ]; then
        # Add your access control logic here...
        # Maybe as an example, allow only specific SSH keys which was created by you...
        authorized_keys="/path/to/your/authorized_keys_file"
        git rev-list $oldrev..$newrev | xargs -I {} ssh-keyscan -t rsa {} >> $authorized_keys
    fi
done


Now make the script executable -
Bash
chmod +x pre-receive


4) Create a file to store authorized keys e.g., '/path/to/authorized_keys_file'. Add your public keys of users who should have access, one per line.

5) Make sure that the pre-receive script and the authorized keys file are accessible and have the right permissions.

6) To test your set-up, try to clone your repository using git clone over SSH. Users without authorized keys should not be able to push.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900