Is there a way to restrict git-annex-shell to a specific directory? Currently, if git-annex is paired to a remote repository, it adds this to the authorized_keys:

$ cat ~/.ssh/authorized_keys
command="~/.ssh/git-annex-shell",no-agent-forwarding,no-port-forwarding,no-X11-forwarding ssh-rsa AAAAB3...

$ cat ~/.ssh/git-annex-shell 
#!/bin/sh
set -e
exec git-annex-shell -c "$SSH_ORIGINAL_COMMAND"

That gives whoever has the pubkey the right to access all repositories of one user. It would be nice to have a manual way to limit the access to a specific repository like

$ cat ~/.ssh/git-annex-shell 
#!/bin/sh
set -e
export GIT_ANNEX_SHELL_REPO=~/annex
exec git-annex-shell -c "$SSH_ORIGINAL_COMMAND"

Or maybe some chroot hackery is the way to go?

I've added a GIT_ANNEX_SHELL_DIRECTORY environment variable, that, if set, prevents git-annex-shell from operating on any other directory.

I've made the assistant include that setting in authorized_keys that it sets up. For example:

command="GIT_ANNEX_SHELL_DIRECTORY=/home/me/annex ~/.ssh/git-annex-shell" ...
Comment by http://joeyh.name/ Mon Nov 5 16:40:39 2012

Wow, thank you for implementing this so quickly!

Just one question: As far as I understood git-annex-shell relays all unknown commands to git-shell. In this case are there the same restrictions active, too?

Thanks again...

Comment by http://olg.myid.net/ Mon Nov 5 23:34:20 2012
All commands usually run by git-shell have the repository directory as their last parameter, and git-annex-shell depends on that being the case and checks them. It's possible to add some commands to git-shell by putting them in a special directory, and if those commands don't take the directory last, they wouldn't work.
Comment by http://joeyh.name/ Mon Nov 5 23:42:10 2012
Comments on this page are closed.