aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStevan Radaković <stevan.radakovic@linaro.org>2013-01-31 15:38:46 +0100
committerStevan Radaković <stevan.radakovic@linaro.org>2013-01-31 15:38:46 +0100
commitea423e75618689ad0d9e811fd599bd293fc5cf8a (patch)
tree62d2f15646624ebf28596555835e50b500667cfb
parentd0b9efe4ac7f5f1076c9bf3c77fda25b57d84432 (diff)
parent171e01a28002fde56e4d2bf2243e2d229770f605 (diff)
downloadrhodecode-config-ea423e75618689ad0d9e811fd599bd293fc5cf8a.tar.gz
Merge branch 'stevanr_master'
-rw-r--r--SETUP65
1 files changed, 65 insertions, 0 deletions
diff --git a/SETUP b/SETUP
new file mode 100644
index 0000000..54926ce
--- /dev/null
+++ b/SETUP
@@ -0,0 +1,65 @@
+Rhodecode Setup
+===============
+
+
+SSH Keys and access to public repos
+===================================
+
+The main goal is to have the same ACL when connecting to our git server
+via SSH protocol as the one over the Rhodecode web interface.
+All the user/group restrictions must apply as well for both read/write
+access.
+
+To manage this, all the groups and users from the Rhodecode database must
+be mirrored and synced with system users and groups.
+Couple of potential problems were observed and discussed.
+
+
+Rhodecode system user
+---------------------
+
+The Rhodecode app uses the 'rhodecode' system user for all git and mercurial
+interactions so this user must have read/write access over all repositories.
+Easiest way to do this and not intefere with other permissions is to have
+all repository directories user ownership given to this user.
+Group ownerships will be used to control SSH user/group ACL.
+
+The question is does having a user which can access all repositories
+present a security threat?
+For one, we can disable shell access after installation for this user as well.
+See section on "Disabling shell access for git SSH users".
+
+
+Nested groups
+-------------
+
+Since Rhodecode supports nested groups and the need for them will most
+likely be present, there are couple of ways to mimic this feature with the
+system groups. Both ways include some form of synchronization between
+Rhodecode users/groups with the systems' one.
+
+First solution assume that all users and groups on Rhodecode reflects those on
+the system. It includes having the sync script assign particular system user
+not only to the group which he is assigned to in Rhodecode, but to all
+*parent* groups of this particular group.
+
+Second solution includes having all the users from the Rhodecode synced in the
+system as well, but not all of the groups. Group will exist in the system only
+and only if it is the *mother* group (meaning it has no parent) and it has at
+least one user belonging to either that group or any child group.
+
+
+Disabling shell access for git SSH users
+----------------------------------------
+
+In order for users to have access to git using SSH keys for public repositories
+the idea provide them with limited access to git+ssh protocol.
+SSH keys will be picked up by Rhodecode from LDAP service.
+
+Users will be deprived of shell access to the system by enabling git-shell for
+each user via the .ssh/authorized_keys file.
+
+ command="git-shell -c $SSH_ORIGINAL_COMMAND" ssh-rsa AAAAB3NzaC***...***
+
+For more info on git-shell and what commands it supports please refer to the
+manual. \ No newline at end of file