Git Installation and Permissions control (using Gitolite)

Source: Internet
Author: User

One: Git installation (CentOS) (ref. http://www.ccvita.com/tag/git/)

Attention:

A:git has no server-side and client-side points, and Git belongs to the Distributed version control system.

B:git Installation Steps

Yum Install Curl Curl-devel zlib-devel openssl-devel perl cpio expat-devel Gettext-devel

wget https://www.kernel.org/pub/software/scm/git/git-2.6.2.tar.gz

Autoconf

./configure

Make

Make install


Two: Use Gitolite to control git permissions (refer to http://blog.it985.com/12344.html)

I use three machines to verify the Gitolite control of git permissions

1:192.168.1.250 CentOS (hereinafter referred to as "250 machine") #这个机器作为存放最终版代码, and the code for all projects will be submitted to this machine.

2:192.168.1.25 Ubuntu (hereinafter referred to as "25 machine") #这个机器是运维工作人员的机器. It is necessary to control the permissions of all repositories on the 192.168.1.250 machine with the addition of the user.

3:192.168.1.88 Windows (hereinafter referred to as "88 machine") #这个机器是普通开发人员的机器, permissions are limited.


A: Create a user on the 250 machine (such as git) This user does not have to set the password, that is, cannot telnet (set password is also OK because git user will not be able to log in after installing Gitolite).

The role of Git users:

1: After installing gitolite with a git user. The git user's home directory automatically generates a repositories directory with two project directories (Gitolite-admin.git and Testing.git).

2: Developers use git clone [email protected]:testing.git to get the code. Command structure (git clone user @ipdizhi: Project directory)

Adding users will not say much. It's easy to useradd git ...

B: Generate SSH Key on the 25 machine,

Ubuntu system Generation Sshkey is also simple as with CentOS just need to execute the following command

Ssh-keygen-t sra-c "e-mail Address" #下面会提示输入密码, you can not enter the direct return three times will be generated, the generated location in the current user's home directory under the. SSH Hidden directory inside

Ls/home/ricky/.ssh #ricky就是我使用的ubuntu系统的用户名

Id_rsa id_rsa.pub

Then copy the id_rsa.pub (public key) to the/tmp directory of the 250 machine. Using the SCP command

SCP /home/ricky/.ssh/id_rsa.pub [email protected]192.168.1.250:/tmp/ricky.pub #拷贝id_ Rsa.pub to 250 machine and rename it to Ricky.pub (if your name is Zhangsan for zhangsan.pub) This user name will be used when setting permissions.

C: SSH Key on 88 machine

After installing the Windows version of Git on Windows, you can build sshkey with Git bash, which is no longer described in the same way as Linux.

But in the end we're going to put 88 machine generated files in the/tmp directory of the 25 machine. (Be sure to remember to rename (such as Aaa.pub), the gitolite will be the public key file name as the user name, and the user name to set permissions,).

Note: The id_rsa.pub generated on the 88 machine is renamed to aaa.pub Copy to the 25 machine, which is the operator's machine. It doesn't need to be copied to 250 machines this time .

D: Use git user to get/install Gitolite Rights Control tool on 250 machine.

Get Gitolite:

Cd/home/git

wget https://github.com/sitaramc/gitolite.git #当前目录会生成一个gitolite目录, inside is the file that installs Gitolite need.

Install Gitolite:

mkdir bin #创建一个bin目录下一步用.

/home/git/gitolite/install-to/home/git/bin

Note: #必须全路径, some directories and files are generated in the bin directory.

/home/git/bin/gitolite setup-pk/tmp/ricky.pub

Note: # This command will include the contents of the Ricky.pub public key in the/home/git/.ssh/authorized_keys file.

#会在/home/git/repositories/directory to create two repository gitolite-admin.git and Testing.git.

# Of course there are many other operations ...!

The Gitolite rights Control tool has been installed to complete this.

E: Find a directory on the 25 machine (my/home/ricky/git/here) and then check out the contents of Gitolite-admin.git from the 250 machine. The command is as follows:

git clone [email protected]:gitolite-admin #会在但前目录下生成一个 gitolite-admin directory is actually a file and a directory.

Note: This will not allow you to enter the password because the Ricky on the 25 machine has been imported into the 250 machine, if the input password is a problem refer to http://blog.it985.com/12344.html.

Files: gitolite-admin/conf/gitolite.conf #这个就是控制用户权限的文件.

Directory: Gitolite-admin/keydir #这是存放用户sshkey的地发, there should already be a ricky.pub public key. (88 the machine's public key is also to be put here)

F: Modify the gitolite-admin/conf/gitolite.conf permission profile on the 25 machine and add the 88 machine's public key.

VI gitolite-admin/conf/gitolite.conf #给aaa用户配置权限

Repo Gitolite-admin

rw+ = Ricky #ricky是运维管理员对gitolite-admin have write permission.

Repo Testing

rw+ = @all

rw+ = AAA #给aaa用户添加权限.

cp/tmp/aaa.pub/home/ricky/git/Gitolite-admin/keydir #拷贝aaa的公钥aaa. Pub to Keydir directory

LS /home/ricky/git/gitolite-admin/keydir

ricky.pub AAA . Pub

g:git Restricts the user's permissions by Gitolite, in fact by restricting the user's permissions through a special repository (gitolite-admin). So modify the gitolite.conf file to add aaa.pub to Keydir after you need to commit the changes.

CD /home/ricky/git/gitolite-admin

git add conf/gitolite.conf

git add keydir/aaa.pub

Git commit-m "Add user AAA"

git push

To this 88 machine can be command git clone [email protected]:testing to get the Testing.git repository inside the thing, although inside is controlled.

Note: the command git clone [email protected]:testing is correct!!! is the 250-machine git account, 250 machine installed gitolite after the GIT account will not be able to use putty this Telnet tool login system.

More complex git use and Gitolite permissions configuration, you need to find out.





Git Installation and Permissions control (using Gitolite)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.