blob: 7e24c4e57b5b5a0e0bc6132c038dc6119aebc5e9 (
plain)
1 #!/usr/bin/env bash
2 #
3 # Gitaccess implements basic access controls for git.
4 # Copyright (C) 2015 Aaron Ball <nullspoon@iohq.net>
5 #
6 # This program is free software; you can redistribute it and/or modify it under
7 # the terms of the GNU General Public License as published by the Free Software
8 # Foundation; either version 2 of the License, or (at your option) any later
9 # version.
10 #
11 # This program is distributed in the hope that it will be useful, but WITHOUT
12 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13 # FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
14 # details.
15 #
16 # You should have received a copy of the GNU General Public License along with
17 # this program; if not, write to the Free Software Foundation, Inc., 51
18 # Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 #
20 #
21 # Description
22 # -----------
23 #
24 # This script is intended solely to read variables passed to it and set them up
25 # as environmental variables for later use.
26 #
27 # This script should be called by ~/.ssh/authorized keys using the following syntax
28 #
29 # # Key for user <username>
30 # command="~/bin/gitaccess <username>" ecdsa-sha2-nistp521 AAAAE2v....
31 #
32
33 # Detect if someone tries to launch this script from this script, thus creating
34 # an infinite recursive loop spawning subshells.
35 if [ "${SSH_ORIGINAL_COMMAND:-}" == "$(basename ${0})" ]; then
36 printf "ERROR: Blocking infinite recursion\n"
37 exit 1
38 fi
39
40
41 # All checks passed...
42
43 # The first argument should be the username, as defailed in the script
44 # instructions
45 export GIT_USER="${1}"
46
47 # Environmental variables set up. Proceed as was originally planned.
48 /usr/bin/env git shell -c "${SSH_ORIGINAL_COMMAND}"
|
