diff options
| -rw-r--r-- | Documentation/git-shell.txt | 20 | ||||
| -rw-r--r-- | shell.c | 13 |
2 files changed, 33 insertions, 0 deletions
diff --git a/Documentation/git-shell.txt b/Documentation/git-shell.txt index 544b21aaa6..c35051ba58 100644 --- a/Documentation/git-shell.txt +++ b/Documentation/git-shell.txt @@ -59,6 +59,26 @@ users to list repositories they have access to, create, delete, or rename repositories, or change repository descriptions and permissions. +If a `no-interactive-login` command exists, then it is run and the +interactive shell is aborted. + +EXAMPLE +------- + +To disable interactive logins, displaying a greeting instead: ++ +---------------- +$ chsh -s /usr/bin/git-shell +$ mkdir $HOME/git-shell-commands +$ cat >$HOME/git-shell-commands/no-interactive-login <<\EOF +#!/bin/sh +printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not" +printf '%s\n' "provide interactive shell access." +exit 128 +EOF +$ chmod +x $HOME/git-shell-commands/no-interactive-login +---------------- + SEE ALSO -------- ssh(1), @@ -6,6 +6,7 @@ #define COMMAND_DIR "git-shell-commands" #define HELP_COMMAND COMMAND_DIR "/help" +#define NOLOGIN_COMMAND COMMAND_DIR "/no-interactive-login" static int do_generic_cmd(const char *me, char *arg) { @@ -65,6 +66,18 @@ static void run_shell(void) { int done = 0; static const char *help_argv[] = { HELP_COMMAND, NULL }; + + if (!access(NOLOGIN_COMMAND, F_OK)) { + /* Interactive login disabled. */ + const char *argv[] = { NOLOGIN_COMMAND, NULL }; + int status; + + status = run_command_v_opt(argv, 0); + if (status < 0) + exit(127); + exit(status); + } + /* Print help if enabled */ run_command_v_opt(help_argv, RUN_SILENT_EXEC_FAILURE); |