gitlab:调用gitlab-shell
gitlab: invocation of gitlab-shell
我一直在研究 gitlab-shell. I am unable to understand how it is invoked. If I made a pull to my server(on which gitlab-shell is installed), how does gitlab-shell knows about it? bin/gitlab-shell 的代码,将这一行作为注释:
GitLab shell, invoked from ~/.ssh/authorized_keys
authorized_keys 中是否有调用 gitlab-shell 的行? (听起来不太可能)。
blob line you mention 将 authorized_keys 行构建为:
"command=\"#{ROOT_PATH}/bin/gitlab-shell [auserID]\",\
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [aPubKey]
这是利用 SSH 功能(与 Git 或 GitLab 无关),称为“forced command”。
你可以看到图示in gitolite, which explains强制命令允许:
- 限制shell访问
- 区分一个用户与另一个用户
对于 GitLab,允许将 SSH 调用限制为 gitlab-shell。
我一直在研究 gitlab-shell. I am unable to understand how it is invoked. If I made a pull to my server(on which gitlab-shell is installed), how does gitlab-shell knows about it? bin/gitlab-shell 的代码,将这一行作为注释:
GitLab shell, invoked from ~/.ssh/authorized_keys
authorized_keys 中是否有调用 gitlab-shell 的行? (听起来不太可能)。
blob line you mention 将 authorized_keys 行构建为:
"command=\"#{ROOT_PATH}/bin/gitlab-shell [auserID]\",\
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa [aPubKey]
这是利用 SSH 功能(与 Git 或 GitLab 无关),称为“forced command”。
你可以看到图示in gitolite, which explains强制命令允许:
- 限制shell访问
- 区分一个用户与另一个用户
对于 GitLab,允许将 SSH 调用限制为 gitlab-shell。