0

We have our server implementation of git repo. I would like to restrict push to the one of the branch of the repo for everyone except of me.

So, I added under .git/hooks/update on server git dir such script

#!/bin/sh
if [ "$USER" != "Aleksey" ] && [ "$1" == refs/heads/test_br ];then
echo "Manual pushing to this repo is restricted"
exit 1
fi

And I see that condition "$USER" != "Aleksey" is always true. Second condition looks like is work good, but name condition not...

Who know what is the problem? Maybe I need to compare with user mail? Or something else?

Feel free to ask

Sirop4ik
  • 4,543
  • 2
  • 54
  • 121

1 Answers1

0

git doesn't have any notion of users. Whatever protocol you use to push to remote $USER is the user under which server-side git operates. For example if you push like git push git@remote-server/repo.git then $USER is always git.

If you want user-based branch protection you need to install something that has a notion of users — gitolite, github, gitlab, etc.

phd
  • 82,685
  • 13
  • 120
  • 165
  • but because of we have the remote server implementation of git I can't install something to additional... I can add a script or something like this... Do you have an idea how can I do this, without to install additional soft? – Sirop4ik Dec 30 '18 at 20:01
  • I don't understand… Do you have your own git implementation? That is, a collection of programs that doesn't use original git but implements git protocol? In that case that implementation has to manage users. And if it doesn't — you're out of luck. – phd Dec 30 '18 at 20:35
  • No, I just have git bare repo on our server side... Did you get? – Sirop4ik Dec 31 '18 at 07:11
  • No, you cannot have *__just__ a bare repo* — there have to be a transport level. Either you access the bare repo over ssh, or http(s), or via local filesystem (the transport then is CIFS/SMB, actually, but it doesn't matter). Both ssh and https transports have notion of users but how they're used depends on the server-side configuration which you haven't explained. So the next question is: what transport do you use and how? Can you show the result of `git remote show` (remove passwords)? – phd Dec 31 '18 at 13:10
  • we are using local file system and `git remote show` return me `origin`... – Sirop4ik Jan 01 '19 at 09:50
  • With local file system `$USER` should be your login user name. What it really is? – phd Jan 01 '19 at 11:25
  • I have done such thing `echo "Manual pushing to this repo is restricted ask ++ $USER ++ !!!` and there is the output from `echo` `Manual pushing to this repo is restricted ask ++ ++ !!!` – Sirop4ik Jan 01 '19 at 11:42
  • It looks like it is empty... hmmm – Sirop4ik Jan 01 '19 at 11:42
  • What do you think? Is there a way how to make it? – Sirop4ik Jan 02 '19 at 13:04