Skip to content

parazyd/git-restrict

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 4 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github/workflows
 
 
contrib
 
 
.gitignore
 
 
LICENSE
 
 
Makefile
 
 
README.md
 
 
git-restrict.1
 
 
git-restrict.c
 
 
test.sh
 
 
git-restrict Basic usage License

README.md

git-restrict

Build Status

A minimal utility that allows repository permission management based on ssh keys when used with the command directive in ssh's authorized_keys file.

If used, it will only allow git-upload-pack and git-receive-pack as the commands allowed to be ran by a specific user/SSH key.

git-restrict is C99 portable and compiled as a static binary so it's easy to use it in chroot environments. This is obviously intentional.

Basic usage

Set up SSH and a git user on a host machine that will serve the git repositories. Ideally the repos should be stored in the user's $HOME.

After this, compile and install git-restrict and use something like the following to set repo permissions for specific SSH keys:

$ cat ~/.ssh/authorized_keys
command="/usr/bin/git-restrict repo0 repo1 repo2" ssh-ed25519 AAA...1 user0@machine
command="/usr/bin/git-restrict repo3 repo0" ssh-ed25519 AAA.Z user1@machine

It is also useful to see the contrib directory to see an automation example.

License

GNU Affero General Public License version 3.

About

Simple utility for git repository permission management

Topics

git security minimal static chroot permission-management

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

5 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

4 tags

Languages