Added restricted Git access with git-shell-commands

2025-09-05 06:36:38 +02:00 · 2016-07-28 12:05:26 +02:00 · 2016-07-28 12:05:26 +02:00 · fcb212f741
commit fcb212f741
parent d889bc02f8
3 changed files with 18 additions and 1 deletions
--- a/7
+++ b/7
@ -22,6 +22,13 @@ RUN mkdir /git-server/keys \
  && echo git:12345 | chpasswd \
  && mkdir /home/git/.ssh

+# This is a login shell for SSH accounts to provide restricted Git access.
+# It permits execution only of server-side Git commands implementing the
+# pull/push functionality, plus custom commands present in a subdirectory
+# named git-shell-commands in the user’s home directory.
+# More info: https://git-scm.com/docs/git-shell
+COPY git-shell-commands /home/git/git-shell-commands
+
 # En sshd_config habilitamos acceso por key y deshabilitamos por password
 COPY sshd_config /etc/ssh/sshd_config
 COPY start.sh start.sh
--- a/README.md
+++ b/README.md
@ -9,7 +9,12 @@ How to run the container in port 2222 with two volumes, keys volume for public k

 How check that container works (you must to have a key):

-	$ ssh git@<ip-docker-server> -p 2222 -v
+	$ ssh git@<ip-docker-server> -p 2222
+	...
+	Welcome to jkarlos/git-server-docker!
+	You've successfully authenticated, but I do not
+	provide interactive shell access.
+	...

 How clone a repository:

--- a/git-shell-commands/no-interactive-login
+++ b/git-shell-commands/no-interactive-login
@ -0,0 +1,5 @@
+#!/bin/sh
+printf '%s\n' "Welcome to jkarlos/git-server-docker!"
+printf '%s\n' "You've successfully authenticated, but I do not"
+printf '%s\n' "provide interactive shell access."
+exit 128