git-http-backend,ro 适用于所有人,写入需要密码吗?(使用 lighttpd)

git-http-backend,ro 适用于所有人,写入需要密码吗?(使用 lighttpd)

我想为所有人提供对我的 GIT 存储库的只读访问权限(即不需要用户名/密码),但需要身份验证才能写入。git-http-backend手册页建议通过匹配位置来实现这一点^/git/.*/git-receive-pack$。对于 Apache 2.x,它看起来像这样:

<LocationMatch "^/git/.*/git-receive-pack$">
    AuthType Basic
    AuthName "Git Access"
    Require group committers
    ...
</LocationMatch>

现在,我正在使用 lighttpd,但翻译上述内容不会造成问题。只是我的访问日志表明上述内容无论如何都行不通。这是我执行以下命令时看到的内容git push

192.168.1.84 tracsrv.local - [06/Apr/2013:20:00:20 +0200] "GET /git/foo.git/info/refs?service=git-receive-pack HTTP/1.1" 403 5 "-" "git/1.8.2"

因此,看来我需要匹配查询字符串。对于 lighty,我尝试了以下方法:

$HTTP["querystring"] =~ "service=git-receive-pack" {
    $HTTP["url"] =~ "^/git" {
        cgi.assign = ( "" => "" )
        setenv.add-environment = (
            "GIT_PROJECT_ROOT" => "/srv/git",
            "GIT_HTTP_EXPORT_ALL" => ""
        )

        auth.backend = "plain"
        auth.backend.plain.userfile = "/srv/tracprjs/trac.plain"
        auth.require = (
            "/" => (
                "method" => "basic",
                "realm" => "trac",
                "require" => "valid-user"
                )
            )
    }
}

$HTTP["url"] =~ "^/git" {
    cgi.assign = ( "" => "" )
    setenv.add-environment = (
        "GIT_PROJECT_ROOT" => "/srv/git",
        "GIT_HTTP_EXPORT_ALL" => ""
    )
}

不需要密码git fetch,而需要密码git push。但是,git push实际上并没有成功。有什么关于如何实现这一点的指示吗?

答案1

在 git 邮件列表人员的帮助下,我找到了一个可行的配置:http://www.spinics.net/lists/git/msg203744.html

相关内容