示例#1
文件: main.go 项目: jcantrill/geard
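// switchnsGit handles a git request arriving over SSH: it checks the command
// the client asked for and, if accepted, hands it to git-shell inside the
// "geard-githost" container with HOME set to the caller's repository path.
// Every failure ends the process with a non-zero exit code, and root is
// always refused.
func switchnsGit() {
	var u *user.User
	var err error
	var repoId git.RepoIdentifier

	uid := os.Getuid()
	// SSH_ORIGINAL_COMMAND carries the command line requested by the SSH
	// client, so it is attacker-controlled input. isValidGitCommand below is
	// the only check applied before it reaches `git-shell -c`.
	originalCommand := os.Getenv("SSH_ORIGINAL_COMMAND")

	if u, err = user.LookupId(strconv.Itoa(uid)); err != nil {
		// %d, not %n: %n is not a Go formatting verb and rendered as
		// "%!n(int=...)" instead of the uid.
		fmt.Printf("Couldn't find user with uid %d\n", uid)
		os.Exit(2)
	}

	// Refuse root outright so a repository command is never run on behalf of
	// uid 0.
	if uid == 0 {
		fmt.Println("Cannot switch into any git repo as root user")
		os.Exit(2)
	}

	if !isValidGitCommand(originalCommand, !gitRw) {
		// %q keeps control characters in the client-supplied string from
		// being written raw to the terminal or to a captured log.
		fmt.Printf("Invalid git command: %q\n", originalCommand)
		os.Exit(2)
	}
	if repoId, err = git.NewIdentifierFromUser(u); err != nil {
		fmt.Printf("Couldn't create identifier for user %v\n", u)
		os.Exit(2)
	}

	// The container process only receives HOME; nothing else from the SSH
	// session environment is forwarded here.
	env := []string{fmt.Sprintf("HOME=%s", repoId.RepositoryPathFor())}
	client, err := docker.GetConnection("unix:///var/run/docker.sock")
	if err != nil {
		fmt.Printf("Unable to connect to server\n")
		os.Exit(3)
	}

	// The command is passed as a single argv element to git-shell rather than
	// through a general-purpose shell.
	runCommandInContainer(client, "geard-githost", []string{"/usr/bin/git-shell", "-c", originalCommand}, env)
}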
示例#2
文件: main.go 项目: roacobb/geard
// switchnsGit has the signature of a cobra run function; cmd and args are not
// used. It reads the client-requested command from SSH_ORIGINAL_COMMAND,
// rejects root and any command that isValidGitCommand does not accept, and
// otherwise runs the command through git-shell via runCommand with HOME set
// to the caller's repository path. All rejections exit with status 2; only
// the root case prints a message.
func switchnsGit(cmd *cobra.Command, args []string) {
	var repo git.RepoIdentifier

	// Client-controlled input: validated below before it is handed to
	// `git-shell -c`.
	requested := os.Getenv("SSH_ORIGINAL_COMMAND")
	callerUID := os.Getuid()

	account, err := user.LookupId(strconv.Itoa(callerUID))
	if err != nil {
		os.Exit(2)
	}

	// Root is never allowed to enter a repository.
	if callerUID == 0 {
		fmt.Println("Cannot switch into any git repo as root user")
		os.Exit(2)
	}

	if !isValidGitCommand(requested, !git_rw) {
		os.Exit(2)
	}
	if repo, err = git.NewIdentifierFromUser(account); err != nil {
		os.Exit(2)
	}

	home := fmt.Sprintf("HOME=%s", repo.RepositoryPathFor())
	gitShell := []string{"/usr/bin/git-shell", "-c", requested}
	runCommand("geard-githost", gitShell, []string{home})
}
示例#3
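// createUser adds the system account for a repository with useradd, giving it
// the identifier's home path, and then restores the SELinux context of that
// home directory. It returns the useradd error (after printing the command's
// combined output) or the RestoreCon error.
func createUser(repositoryId git.RepoIdentifier) error {
	// NOTE(review): the login is passed as a positional argument ahead of the
	// options. Confirm the identifier is validated upstream so that it can
	// never start with '-' and be parsed by useradd as an option.
	cmd := exec.Command("/usr/sbin/useradd", repositoryId.LoginFor(), "-m", "-d", repositoryId.HomePath(), "-c", "Repository user")
	if out, err := cmd.CombinedOutput(); err != nil {
		// out is a []byte; convert it so the tool's message is printed as
		// text rather than as a list of byte values.
		fmt.Println(string(out))
		return err
	}
	// A failed relabel leaves the new home directory with the wrong SELinux
	// context, so report it instead of discarding the result.
	if err := selinux.RestoreCon(repositoryId.HomePath(), true); err != nil {
		return err
	}
	return nil
}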
示例#4
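// InitializeRepository prepares the on-disk state for a repository. It creates
// the repository's system user if user.Lookup reports it as unknown, creates
// the home and repository directories with mode 0700, chowns both to that
// user, invokes /usr/bin/switchns with --container=geard-githost to run
// /git/init-repo, and finally restores the SELinux context of the repository
// path. The first error encountered is returned unchanged.
func InitializeRepository(repositoryId git.RepoIdentifier, repositoryURL string) error {
	login := repositoryId.LoginFor()
	if _, err := user.Lookup(login); err != nil {
		// Only a missing account leads to creation; any other lookup failure
		// is reported as is.
		if _, ok := err.(user.UnknownUserError); !ok {
			return err
		}
		if err := createUser(repositoryId); err != nil {
			return err
		}
	}

	// MkdirAll applies 0700 only to directories it creates; a directory that
	// already exists keeps its current mode.
	if err := os.MkdirAll(repositoryId.HomePath(), 0700); err != nil {
		return err
	}
	if err := os.MkdirAll(repositoryId.RepositoryPathFor(), 0700); err != nil {
		return err
	}

	u, err := user.Lookup(login)
	if err != nil {
		return err
	}

	// A parse failure must not be ignored: Atoi returns 0 on error, which
	// would chown the directories to root.
	uid, err := strconv.Atoi(u.Uid)
	if err != nil {
		return err
	}
	gid, err := strconv.Atoi(u.Gid)
	if err != nil {
		return err
	}

	if err := os.Chown(repositoryId.HomePath(), uid, gid); err != nil {
		return err
	}
	if err := os.Chown(repositoryId.RepositoryPathFor(), uid, gid); err != nil {
		return err
	}

	// An absolute path is used so the helper is not resolved through PATH.
	switchns := filepath.Join("/", "usr", "bin", "switchns")
	// NOTE(review): repositoryURL is forwarded verbatim as an argument to
	// /git/init-repo. Confirm callers validate it (scheme, no leading '-')
	// before it gets here.
	cmd := exec.Command(switchns, "--container=geard-githost", "--", "/git/init-repo", repositoryId.RepositoryPathFor(), u.Uid, u.Gid, repositoryURL)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr
	if err := cmd.Run(); err != nil {
		return err
	}

	return selinux.RestoreCon(repositoryId.RepositoryPathFor(), true)
}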