shell

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README

commit 8d60db10c6c9897ed71cfe0c7cc0e5542309e4a0
parent 4e969f6e746cdb5b2c61c0d4dfeadd184e2351cb
Author: flupe <flupe@sbi.re>
Date:   Tue, 16 Nov 2021 19:39:25 +0100

basic shell functionality

Diffstat:
MREADME.md | 25+++++++++++++++++++++++++
Mshell.py | 32++++++++++++++++++++++++++++++++
2 files changed, 57 insertions(+), 0 deletions(-)

diff --git a/README.md b/README.md @@ -1 +1,26 @@ Custom git shell for public sbi.re repositories. + +## Setup + +Put `shell.py` in `/var/lib/git/` which should be the home of system user `git`. +Make sure it is executable, and setup `.ssh/authorized_keys` as such: + +``` +command="~/shell.py lucas",no-port-forwarding,no-X11-forwarding,no-agent-forwarding SSH_KEY +command="~/shell.py peio",no-port-forwarding,no-X11-forwarding,no-agent-forwarding SSH_KEY +``` + +The first argument should be the username associated with the given SSH key. +This username is only used for permissions, nothing git related. + +## Commands + +``` +$ ssh user@sbi.re help +``` + +### TODO + +``` +$ ssh user@sbi.re desc myrepo This is a repo of me +``` diff --git a/shell.py b/shell.py @@ -1,3 +1,35 @@ #!/bin/python3 +import sys +import os +import subprocess +def main(): + user = sys.argv[1] + cmd, *args = os.getenv("SSH_ORIGINAL_COMMAND").split(" ") + + if cmd == "git-receive-pack": + repo = args[0][1:-1] + path = os.path.join(os.getcwd(), repo) + # TODO: check authorization for pushing to repo + + # if repo does not exist, create it + # TODO: this fails when creating the repo + # on 2nd push everything is fine + if not os.path.isdir(path): + subprocess.run(["git", "init", "--bare", repo]) + sys.stderr.write("Created repository %s" % repo) + + subprocess.run(["git-receive-pack", args[0][1:-1]]) + if cmd == "git-upload-pack": + # TODO: check whether repo exists + # TODO: check authorization for reading from repo + subprocess.run(["git-upload-pack", args[0][1:-1]]) + + elif cmd == "help": + print(("Hello there, {}!\n" + "This is our custom shell for git.").format(user)) + + +if __name__ == '__main__': + main()