git 多用户管理gitosis搭建

远程git服务器上

1，获取到安装包

[root@135 ~]#cd /home/git

[root@135 git]# git clone https://github.com/res0nat0r/gitosis

2,，python进行安装

[root@135 git]#cd /home/git/gitosis

[root@135 gitosis]# python gitosis/setup.py install

注意：

$ ll /usr/local/python27/bin/gitosis-* 

-rwxr-xr-x 1 git git 385 3月  15 10:24 /usr/local/python27/bin/gitosis-init

-rwxr-xr-x 1 git git 393 3月  15 10:24 /usr/local/python27/bin/gitosis-run-hook

-rwxr-xr-x 1 git git 387 3月  15 10:24 /usr/local/python27/bin/gitosis-serve

 

$ ll /usr/bin/gitosis-*

lrwxrwxrwx 1 root root 36 3月  15 11:12 /usr/bin/gitosis-init -> /usr/local/python27/bin/gitosis-init

lrwxrwxrwx 1 root root 40 3月  15 11:36 /usr/bin/gitosis-run-hook -> /usr/local/python27/bin/gitosis-run-hook

lrwxrwxrwx 1 root root 37 3月  15 11:12 /usr/bin/gitosis-serve -> /usr/local/python27/bin/gitosis-serve

3，authorized_keys移除

[root@135 ~]# mv /home/git/.ssh/authorized_keys /home/git/.ssh/authorized_keys.bak

4，恢复/etc/passwd

[root@135 ~]# vim /etc/passwd

git:x:1002:1002:,,,:/home/git:/bin/bash

5，

[root@135 ~]# chown -R git:git /home/git

[root@135 ~]# sudo -H -u git  gitosis-init < id_rsa.pub(本地设备的公钥传至A服务器)

会看到生成了/home/git/repositories/和/home/git/.ssh/authorized_keys

6，

由gitosis管理的仓库放在：repositories/目录下面

在repositories/目录下面初始化一个空的仓库

修改下A设备的文件权限

[root@135 ~]# mkdir -p /home/git/.ssh

[root@135 ~]# chown -R git:git /home/git/.ssh

[root@135 ~]# chmod 700 /home/git/.ssh

[root@136 ~]# chmod 600 /home/git/.ssh/authorized_keys

 

本地计算机上

1，试一下用初始化 Gitosis 公钥的拥有者身份 SSH 进服务器

[root@136 ~]# ssh git@192.168.213.135

PTY allocation request failed on channel 0

ERROR:gitosis.serve.main:Need SSH_ORIGINAL_COMMAND in environment.

Connection to 192.168.213.135 closed.

2，克隆 Gitosis 的控制仓库到本地

[root@136 ~]# git clone git@192.168.213.135:gitosis-admin.git

Initialized empty Git repository in /home/git/gitosis-admin/.git/

remote: Counting objects: 5, done.

remote: Compressing objects: 100% (4/4), done.

remote: Total 5 (delta 0), reused 5 (delta 0)

Receiving objects: 100% (5/5), done.

3，修改 gitosis.conf配置文件并同步到服务端：其操作方式与普通的Git仓库一致

[root@136 ~]# vim /home/git/gitosis-admin/gitosis.conf

    [gitosis]

    [group gitosis-admin]

    members = root@qiutest

    writable = gitosis-admin

    [group mytt]

    writable = root@qiutest mytt mike#项目名称

    members = git #可操作的成员名，若多名成员，怎空格隔开

    [group mytt_ro]

    readonly = mytt

    members = john #John 可以克隆和获取更新,但 Gitosis 不会允许他向项目推送任何内容

[root@136 ~]

# git add .

# git config --global user.name "git"

# git commit -am "add member "

# git push origin master

Counting objects: 5, done.

Delta compression using up to 2 threads.

Compressing objects: 100% (3/3), done.

Writing objects: 100% (3/3), 293 bytes, done.

Total 3 (delta 1), reused 0 (delta 0)

remote: WARNING:gitosis.ssh:Unsafe SSH username in keyfile: '130.pub'

remote: WARNING:gitosis.ssh:Unsafe SSH username in keyfile: '135.pub'

To git@192.168.213.135:gitosis-admin.git

ca6bfb8..882b146  master -> master

查看服务器中/home/git/.gitosis.conf内容与本地 /home/git/gitosis-admin/gitosis.conf一致

 

4，多人协助开发同用一个版本库，则需要将他们每个人的公钥文件添加到keydir文件夹然后push到服务端

在B开发设备上，

创建多个用户

[root@136 gitosis-admin]# useradd mike -d /home/mike -m -s /bin/bash

su mike -》ssh-keygen -t rsa -》su root -》cp /home/mike/.ssh/id_rsa.pub /home/git/gitosis-admin/keydir/mike.pub;

[root@136 gitosis-admin]# useradd john -d /home/john -m -s /bin/bash

su john -》ssh-keygen -t rsa -》su root -》cp /home/john/.ssh/id_rsa.pub /home/git/gitosis-admin/keydir/john.pub;

同步服务器用户

[root@136 gitosis-admin]# vim /home/git/gitosis-admin/gitosis.conf

[gitosis]

[group gitosis-admin]

members = root@qiutest mike

writable = gitosis-admin

[group mytt]

writable = mytt

members =  root@qiutest mike john

[root@136 gitosis-admin]# git add .

[root@136 gitosis-admin]# git config --global user.name "git"

[root@136 gitosis-admin]# git commit -am "add member mike"

[root@136 gitosis-admin]# git push origin master

mike用户创建项目

[mike@136 ~]$mkdir -p ~/project/mytt

[mike@136 ~]$cd ~/project/mytt

[mike@136 mytt]$git init

[mike@136 mytt]$touch Readme

[mike@136 mytt]$git add Readme

[mike@136 mytt]$git config --global user.name "git"

[mike@136 mytt]$git commit -am "1st commit Readme by mike"

[mike@136 mytt]$git remote add origin git@192.168.213.135:mytt.git

[mike@136 mytt]$git push origin master

john用户，操作修改项目

[john@136 ~]$git clone git@192.168.213.135:mytt.git

[john@136 mytt]date > Readme  #修改文件

[john@136 mytt]git config --global user.name "john"

[john@136 mytt]git commit -am "modify Readme by john"

[john@136 mytt]git push

mike用户，再次同步项目

[mike@136 ~]$vim ~/project/mytt/.git/config

[core]

        repositoryformatversion = 0

        filemode = true

        bare = false

        logallrefupdates = true

[remote "origin"]

        url = git@192.168.213.135:mytt.git

        fetch = +refs/heads/*:refs/remotes/origin/*

[branch "master"]

        remote = origin

merge = refs/heads/master

[mike@136 mytt]$git pull

可以看到mike和john用户的readme文件已同步一致

常见问题

问题1：git操作需要输入密码

原因：公密未找到

问题2：ERROR:gitosis.serve.main:Repository read access denied

原因：gitosis.conf中的members与keydir中的用户名不一致，如root@130.pub拷贝时需为root\@130.pub;

问题3：每次git commit都提示需要指定名或用户邮箱

原因：未设置全局用户名和邮箱

方法：

[mike@136 mytt]$ git config --global --replace-all user.email "mike@126.com"

[mike@136 mytt]$ git config --global --replace-all user.name "mike"

[john@136 mytt]$ git config --global --replace-all user.email "john@126.com"

[john@136 mytt]$ git config --global --replace-all user.name "john"