From d9fc214c094bdb4ae4f7a855a1cc61134a5b519e Mon Sep 17 00:00:00 2001 From: Matthias Lucas Jaros Date: Sun, 19 Oct 2025 11:40:00 +0200 Subject: Finally works with permission checks --- docker-compose.yml | 2 +- init | 2 +- run | 4 +++- sudo-git | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 6327962..2ccd530 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,7 +11,7 @@ services: - "--users" - pass,yolo - "--repos" - - pass:pass + - pass:pass,yolo:yolo volumes: - ./keys:/var/keys - ./repos:/srv/repos diff --git a/init b/init index 430acc8..3802633 100755 --- a/init +++ b/init @@ -35,7 +35,7 @@ for repoConfig in (string split ',' $_flag_r) # write user as allowed into permission file for user in $parsedConfig[2..] - echo "$repo:$user" >> /srv/repos/permissions + echo "$repoDir:$user" >> /srv/repos/permissions end # setup repo dir diff --git a/run b/run index 01751a7..061b5a3 100755 --- a/run +++ b/run @@ -2,7 +2,9 @@ # echo check for permissions set -l USER (whoami) -#cat /srv/repos/permission | grep -E "^ +set matcher (string match -r -g "^.*'(.*)'\$" "$argv") +cat /srv/repos/permissions | grep -q -E "^$matcher[1]:$USER" +or exit 1; # run command /usr/bin/sudo -u git /usr/bin/git-shell -c "$argv" diff --git a/sudo-git b/sudo-git index 6a5fc22..cd2f413 100644 --- a/sudo-git +++ b/sudo-git @@ -1,2 +1,2 @@ Defaults:pass !requiretty -pass ALL=(git) NOPASSWD: /usr/bin/git-shell +ALL ALL=(git) NOPASSWD: /usr/bin/git-shell -- cgit v1.3.1