Re: How do you manage git users?

From: Owen Taylor <otaylor redhat com>
To: Pau Ruŀlan Ferragut <paurullan gmail com>
Cc: gnome-infrastructure gnome org
Subject: Re: How do you manage git users?
Date: Mon, 23 Mar 2009 16:31:04 -0400

On Mon, 2009-03-23 at 21:14 +0100, Pau Ruŀlan Ferragut wrote:
> The git migration is on its final stages but I can't find any document on how
> did you manage to administrate the users. What kind of infrastructure do you
> have in order to allow push?

We're just using the same infrastructure as we used for SVN.
Essentially:

 - We have an admin-only interface (Mango) for user management, and use
   'rt' to track requests for new accounts and account changes.

 - User information is stored in LDAP and accessed via nss-ldap.

 - SSH public keys are also stored in LDAP

 - We use scripts to write out SSH keys for users (in a look-aside
   read-only location.) For non-admin users, the SSH keys written
   on git.gnome.org restrict the user to running a single wrapper 
   script that validates what the user as doing as a git operation
   or certain special commands (like create-repository)

 - GNOME does not have ACLs on repositories (except for certain
   repositories which are restricted to the sysadmin team.) So 
   anybody, can push to any repository, assuming they have permission
   from the maintainer. ACLs could be added as part of our
   pre-receive scripts pretty easily if desired.

Does that answer your question?

- Owen

Follow-Ups:
- Re: How do you manage git users?
  - From: Pau =?utf-8?Q?Ru=C5=80lan?= Ferragut
- Re: How do you manage git users?
  - From: =?UTF-8?Q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=8A=D1=80_?= =?UTF-8?Q?=D0=A8=D0=BE=D0=BF=D0=BE=D0=B2?=

References:
- How do you manage git users?
  - From: Pau =?utf-8?Q?Ru=C5=80lan?= Ferragut

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]