1

we want to use git and one very important thing would be that if someone is committing something we need to know who exactly was it. Since we are accessing git via https we need to put the htpasswd login information in the git commit logs. Is this possible?

Regards

Phillip

Phillip Schulte
  • 33
  • 3

2 Answers2

0

With a wrapper like gitosis or gitolite, you can control if the user has correctly set his/her username/email, and only allow those commits.

See "Git/gitosis: How to check validity of user name and email?".

That approach is obviously for a "central" Git repo server, since it would be the one with access to the htpasswd file.
All user Git clients can still set their username how they see fit, but their commits will be rejected when pushed to that particular server.

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thanks for replying but all these tools use ssh for authorizing, we need to do it via https. I dont know if I am reading it right but our use case is that we want to use git with our customers and therefor ssh public keys etc is no option because its too complicated for the customers. So what we have right now is an apache, webdav, ssl, and htpasswd for user authentication. Regards Phillip – Phillip Schulte Dec 13 '10 at 13:23
  • @Phillip: I don't know of a solution without using ssh, but I suspect it might be possible with a simple pre-receive hook, as mentioned in http://stackoverflow.com/questions/4427316/prevent-git-push-against-remote-repository-when-username-of-pusher-is-not-configu/4427383#4427383 – VonC Dec 13 '10 at 13:45
0

Gitolite will work just fine (certainly for centralised repo push/pull; the custom commands might be a little trickier) using Git http-backend. See https://github.com/sitaramc/gitolite/blob/pu/doc/http-backend.mkd for the documentation on how to do it.

urschrei
  • 25,123
  • 12
  • 43
  • 84