aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2014-07-29 17:08:50 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2014-07-29 18:16:23 +0300
commitd745c522f462e01aa576c6f93b94cbad6c631f73 (patch)
tree854738e411b0f993ecaea3d5d3fb05280a621642
parentba7a48a2b88b33c6c49511fd4422d255264fac98 (diff)
downloadgitaclhook-d745c522f462e01aa576c6f93b94cbad6c631f73.tar.gz
gitaclhook-d745c522f462e01aa576c6f93b94cbad6c631f73.tar.bz2
Change namespace for the configuration variables: hooks.acl.*
-rwxr-xr-xgitaclhook30
-rw-r--r--lib/GitACL.pm14
-rw-r--r--lib/GitACL/File.pm2
-rw-r--r--lib/GitACL/LDAP.pm2
4 files changed, 24 insertions, 24 deletions
diff --git a/gitaclhook b/gitaclhook
index f9b5974..b88adf3 100755
--- a/gitaclhook
+++ b/gitaclhook
@@ -47,14 +47,14 @@ server cannot be reached, the update is denied.
Two storage engines are supported: B<File>, which reads access control
lists from a disk file, and B<LDAP>, which obtains them from LDAP.
-The engine to use is defined by the B<hooks.acltype> configuration keyword.
+The engine to use is defined by the B<hooks.acl.type> configuration keyword.
The default is B<File>.
=head1 ACL FILE
The ACL file is used when the B<File> storage engine is requested. The
-path to the file must be given via the B<hooks.aclfile> configuration
-keyword. If B<hooks.aclfile> is not defined, update is allowed
+path to the file must be given via the B<hooks.acl.file> configuration
+keyword. If B<hooks.acl.file> is not defined, update is allowed
unconditionally.
The ACL file has the usual line-oriented syntax. Comments are introduced
@@ -143,7 +143,7 @@ contains the opcode of the requested operation and I<REF> matches the affected
ref. Missing I<REF> and/or I<OP> are treated as a match.
If no rule applies, the operation is denied. This can be changed by setting
-B<hooks.acldefault = allow> in Git configuration file.
+B<hooks.acl.default = allow> in Git configuration file.
For example, assume you have the following ACL file:
@@ -168,7 +168,7 @@ The LDAP storage engine is requested by the following configuration statement:
acltype = LDAP
The URI of the LDAP server to use and other data necessary to access it
-are read from the file name given in the B<hooks.aclldapconf> variable,
+are read from the file name given in the B<hooks.acl.ldapconf> variable,
or from B</etc/ldap.conf>, if it is not defined. LDAP access control
entries are similar to the plaintext file ACLs. Each entry has the
following attrubutes:
@@ -221,38 +221,38 @@ If no matching entry is found, the update is allowed.
=over 4
-=item B<hooks.acltype> STRING
+=item B<hooks.acl.type> STRING
Type of the storage engine. Valid values are B<File> (default) and B<LDAP>.
-=item B<hooks.aclfile> STRING
+=item B<hooks.acl.file> STRING
For the B<File> storage engine, name of the ACL file.
-=item B<hooks.aclldapconf> STRING
+=item B<hooks.acl.ldapconf> STRING
For the B<LDAP> storage engine, the name of the configuration file to use
instead of B</etc/ldap.conf>.
-=item B<hooks.acllog> STRING
+=item B<hooks.acl.log> STRING
Send log info to this file.
-=item B<hooks.acldebug> NUMBER
+=item B<hooks.acl.debug> NUMBER
Enable debugging. The bigger the number, the more debugging info will
be displayed.
-=item B<hooks.aclquiet> BOOL
+=item B<hooks.acl.quiet> BOOL
Suppress diagnostics on stderr.
-=item B<hooks.acldefault> B<allow>|B<deny>
+=item B<hooks.acl.default> B<allow>|B<deny>
Sets the default rule, i.e. the one that will be executed if no other
rule matched the request. Unless defined, B<deny> is assumed.
-=item B<hooks.httpd-user> STRING
+=item B<hooks.acl.httpd-user> STRING
Name of the user httpd runs as. Define it if the repository can be
accessed via HTTP(S). If B<gitaclhook> is run as this user, it will
@@ -285,7 +285,7 @@ The program uses following environment variables:
=item B<GIT_UPDATE_DEBUG>
-When set to 1, enables debugging mode. The B<hooks.acldebug>
+When set to 1, enables debugging mode. The B<hooks.acl.debug>
configuration variable overrides this setting.
=item B<GIT_DIR>
@@ -294,7 +294,7 @@ Path to the affected repository.
=back
-If updates are performed via HTTP or HTTPS and the B<hooks.httpd-user>
+If updates are performed via HTTP or HTTPS and the B<hooks.acl.httpd-user>
configuration variable is set, the following two variables are used
to determine the identity of the user:
diff --git a/lib/GitACL.pm b/lib/GitACL.pm
index 9cd381d..cde9624 100644
--- a/lib/GitACL.pm
+++ b/lib/GitACL.pm
@@ -73,7 +73,7 @@ sub allow($$) {
sub default_rule($) {
my $self = shift;
- my $def = GitACL::git_value('config', 'hooks.acldefault');
+ my $def = GitACL::git_value('config', 'hooks.acl.default');
my $msg = "default rule";
if (defined($def)) {
if ($def eq "allow") {
@@ -110,7 +110,7 @@ sub git_value(@) {
sub match_primary_group($$) {
my ($user_name,$group_name) = @_;
- my ($name,$passwd,$uid,$gid,$members) = getpwnam($user_name) or return 0;
+ my ($name,$passwd,$uid,$gid) = getpwnam($user_name) or return 0;
($name) = getgrgid($gid) or return 0;
return 1 if $name eq $group_name;
return 0;
@@ -190,14 +190,14 @@ sub new {
if (defined($args{debug})) {
$obj->{debug} = $args{debug};
} else {
- $obj->{debug} = git_value('config', '--bool', 'hooks.acldebug') ||
+ $obj->{debug} = git_value('config', '--bool', 'hooks.acl.debug') ||
$ENV{GIT_UPDATE_DEBUG} > 0;
}
if (defined($args{logfile})) {
$obj->{logfile} = $args{logfile};
} else {
- $obj->{logfile} = git_value('config', 'hooks.acllog');
+ $obj->{logfile} = git_value('config', 'hooks.acl.log');
}
if ($obj->{logfile} && $obj->{logfile} !~ /[>|]/) {
$obj->{logfile} = ">>$obj->{logfile}";
@@ -206,7 +206,7 @@ sub new {
if (defined($args{quiet})) {
$obj->{quiet} = $args{quiet};
} elsif (!$obj->{debug}) {
- $obj->{quiet} = git_value('config', 'hooks.aclquiet');
+ $obj->{quiet} = git_value('config', 'hooks.acl.quiet');
}
if (defined($args{user})) {
@@ -216,7 +216,7 @@ sub new {
$obj->{user_name} = $u;
}
$obj->deny("no such user") unless $obj->{user_name};
- my $httpdusr = git_value('config', 'hooks.httpd-user');
+ my $httpdusr = git_value('config', 'hooks.acl.httpd-user');
if (defined($httpdusr) and $obj->{user_name} eq $httpdusr) {
$obj->deny("need authenticated user") unless $ENV{AUTH_TYPE};
$obj->{user_name} = $ENV{REMOTE_USER};
@@ -261,7 +261,7 @@ sub check {
$self->info("$self->{user_name} requested $opstr{$self->{op}} ".
"on $self->{ref} in $self->{project_name}");
- my $type = git_value('config', 'hooks.acltype');
+ my $type = git_value('config', 'hooks.acl.type');
$type = "File" unless $type;
my $r = eval("use GitACL::$type; GitACL::$type->new(\$self);");
diff --git a/lib/GitACL/File.pm b/lib/GitACL/File.pm
index efabfd4..f72c16d 100644
--- a/lib/GitACL/File.pm
+++ b/lib/GitACL/File.pm
@@ -23,7 +23,7 @@ sub check_acl {
my $line = 0;
my @ret;
- my $filename = GitACL::git_value('config', 'hooks.aclfile');
+ my $filename = GitACL::git_value('config', 'hooks.acl.file');
$self->allow("no ACL configured for ".$self->{project_name})
unless defined($filename);
diff --git a/lib/GitACL/LDAP.pm b/lib/GitACL/LDAP.pm
index 22bfd8d..ac8fd06 100644
--- a/lib/GitACL/LDAP.pm
+++ b/lib/GitACL/LDAP.pm
@@ -21,7 +21,7 @@ use Net::LDAP;
sub parse_ldap_conf {
my $self = shift;
- my $filename = GitACL::git_value('config', 'hooks.aclldapconf') ||
+ my $filename = GitACL::git_value('config', 'hooks.acl.ldapconf') ||
"/etc/ldap.conf";
my $fd;

Return to:

Send suggestions and report system problems to the System administrator.