Search code examples
gitgitolite

Repository and User Access for git using gitolite

First I am new to GIT and gitolite. But I have read enough and cleared my basic concepts. I was following Sitaram's tutorial https://github.com/sitaramc/gitolite I wanted to ask few question for clarification and doubts.

  1. I have a user git. Is it really necessary for a git user to have no password (user created with --disabled-password option (which I can't make it working on RHEL. but it worked on ubuntu))? I understand that git user must be accessible with ssh.

  2. Lets say I have a GIT server and three clients gitadmin, cleintA and clientB. Now to make gitolite work, on gitadmin I copy clientA.pub, ClientB.pub (the public keys) to keydir then I edit my conf/gitolite.conf like as follows:

     repo phpsite
       RW+         =   clientA

 repo javasite
       RW+         = clientB

Now my question is when I commit these files and push them on server. What happens then? How these repos are created? do I have to manually create them or gitolite will create it?

Now when clientA needs to clone/checkout the repo what url will it use?

[email protected]:phpsite or will it be clientA@server:phpsite.

I know this question may be a little stupid, but I really need to clear these doubts

Any help or hint is much appreciable.

EDIT

After VonC answer I implemented the gitolite and got around another Doubt. Lets say I have a machine clientA which got two users alice,bob Now Ideally the public key should be alice.pub and bob.pub for these users. Now Question is can I generate and name a public key for alice like alice-clientA.pub? From my understanding a different file name should not be a issue for authentication. But what about conf/gitolite.conf the users name under repo should be like 

repo phpsite
   RW+     =  alice-clientA

OR

should it be same as before

 repo php:site
   RW+    =   alice

Thanks!

Solution

  • Is it really necessary for a git user to have no password (user created with --disabled-password option)

    No. 'git'is a regular account.

    when I commit these files and push them on server. What happens then

    Gitolite will create the bare repo phpsite.git and javasite.git in ~git/repositories/, and it will modify ~git/.ssh/authorized_keys in order to call the gitolite script using clientA and clientB public keys and parameter.
    It takes advantage of the ssh mechanism forced command.

    See more at "How do programs like gitolite work?".

    You always use an ssh connection as user git:

    [email protected]:phpsite

    You never tries an ssh as clientA: ssh will authenticate you as clientA because of your clientA public/private ssh keys.