zno2

Gitolite 权限控制

官网 http://gitolite.com/gitolite/index.html

安装配置 http://gitolite.com/gitolite/install/

傻瓜安装教程 http://gitolite.com/gitolite/fool_proof_setup/

快速指南(中文)https://git-scm.com/book/zh/v1/%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%8A%E7%9A%84-Git-Gitolite

快速指南(英文)https://git-scm.com/book/en/v1/Git-on-the-Server-Gitolite

1安装

1) 创建 git 用户

useradd git
passwd changeit

2)使用root用户安装git

yum list git
yum install git

3)安装 perl-Data-Dumper.x86_64 (因为执行 gitolite/install 时的异常 Can't locate Data/Dumper.pm in @INC

yum list perl*Dumper*
yum install perl-Data-Dumper.x86_64

4)切换到 git 用户并克隆 gitolite 源码

su git                                        
cd ~
git clone https://github.com/sitaramc/gitolite

 

    ./install -to <dir>
        to copy the entire 'src' directory to <dir>.  If <dir> is not in
        $PATH, use the full path to run gitolite commands.

        Please provide a full path, not a relative path.
5)安装 gitolite 
ls gitolite -l
./gitolite/install -to ~/bin

 

Usage:  gitolite setup [<option>]

-pk, --pubkey <file>        pubkey file name

'-pk' can be used to replace the admin key; useful if you lost the admin's private key but do have shell access to the server.
6)上传并设置 public key ,公钥文件名即账户名 
./bin/gitolite setup -pk zxg.pub

 

7)在服务器端显示自动创建的仓库的目录结构

./repositories/gitolite-admin.git/
./repositories/gitolite-admin.git/HEAD
./repositories/gitolite-admin.git/logs
./repositories/gitolite-admin.git/logs/HEAD
./repositories/gitolite-admin.git/logs/refs
./repositories/gitolite-admin.git/logs/refs/heads
./repositories/gitolite-admin.git/logs/refs/heads/master
./repositories/gitolite-admin.git/index
./repositories/gitolite-admin.git/description
./repositories/gitolite-admin.git/COMMIT_EDITMSG
./repositories/gitolite-admin.git/hooks
./repositories/gitolite-admin.git/hooks/pre-push.sample
./repositories/gitolite-admin.git/hooks/post-update
./repositories/gitolite-admin.git/hooks/prepare-commit-msg.sample
./repositories/gitolite-admin.git/hooks/update.sample
./repositories/gitolite-admin.git/hooks/commit-msg.sample
./repositories/gitolite-admin.git/hooks/pre-rebase.sample
./repositories/gitolite-admin.git/hooks/update
./repositories/gitolite-admin.git/hooks/pre-commit.sample
./repositories/gitolite-admin.git/hooks/pre-applypatch.sample
./repositories/gitolite-admin.git/hooks/applypatch-msg.sample
./repositories/gitolite-admin.git/hooks/post-update.sample
./repositories/gitolite-admin.git/gl-conf
./repositories/gitolite-admin.git/branches
./repositories/gitolite-admin.git/refs
./repositories/gitolite-admin.git/refs/tags
./repositories/gitolite-admin.git/refs/heads
./repositories/gitolite-admin.git/refs/heads/master
./repositories/gitolite-admin.git/objects
./repositories/gitolite-admin.git/objects/内容略
./repositories/gitolite-admin.git/config
./repositories/gitolite-admin.git/info
./repositories/gitolite-admin.git/info/exclude

 

8) 在客户端验证该服务是否成功

git ls-remote git@123.206.22.178:gitolite-admin

 

结果(显示的是gitolite-admin 仓库内容):

e173b96b63241df3946f5babd0fcdc819a4eb0df        HEAD
e173b96b63241df3946f5babd0fcdc819a4eb0df        refs/heads/master

 

2 授权

1) 克隆 gitolite-admin 仓库到本地

git clone git@123.206.22.178:gitolite-admin

其目录结构为:

└─gitolite-admin
    ├─conf
    │      gitolite.conf
    │
    └─keydir
            zxg.pub

2)假设为小红授权

① 将 xiaohong.pub 复制到 keydir 下

② 编辑 gitolite.conf 文件追加如下内容:

repo foo
    RW+     =   xiaohong
    R       =   zxg

③ add 、commit 、push 三步提交到服务器即可

 

3)权限控制详细文档

access rule examples

Gitolite's access rules are very powerful. The simplest use was already shown above. Here is a slightly more detailed example:

repo foo
    RW+                     =   alice
    -   master              =   bob
    -   refs/tags/v[0-9]    =   bob
    RW                      =   bob
    RW  refs/tags/v[0-9]    =   carol
    R                       =   dave

Here's what these example rules say:

  • alice can do anything to any branch or tag -- create, push, delete, rewind/overwrite etc.

  • bob can create or fast-forward push any branch whose name does not start with "master" and create any tag whose name does not start with "v"+digit.

  • carol can create tags whose names start with "v"+digit.

  • dave can clone/fetch.

Please see the main documentation linked above for all the gory details, as well as more features and examples.

groups

Gitolite allows you to group users or repos for convenience. Here's an example that creates two groups of users:

@staff      =   alice bob carol
@interns    =   ashok

repo secret
    RW      =   @staff

repo foss
    RW+     =   @staff
    RW      =   @interns

Group lists accumulate. The following two lines have the same effect as the earlier definition of @staff above:

@staff      =   alice bob
@staff      =   carol

You can also use group names in other group names:

@all-devs   =   @staff @interns

Finally, @all is a special group name that is often convenient to use if you really mean "all repos" or "all users".

posted on 2017-09-25 18:40  zno2  阅读(1739)  评论(0编辑  收藏  举报

导航