master TOC | chapter TOC | support | license
WARNING: This is not the latest gitolite; please see the README
Gitolite allows you to setup git hosting on a central server, with fine-grained access control and many (many!) more powerful features.
If you're comfortable with Unix and ssh, and you have a relatively sane setup, the following steps should work:
git. Login to this user.
now run these commands:
git clone git://github.com/sitaramc/gitolite gitolite/src/gl-system-install gl-setup -q ~/YourName.pub
You're done. If it didn't work, well that's what the install doc is for, especially the if you run into trouble section.
WARNING: do NOT add repos or users directly on the server! You MUST
manage the server by cloning the special 'gitolite-admin' repo on your
git clone git@server:gitolite-admin), making changes, and
pushing them. Here's how to add users and repos.
Gitolite comes with a lot of documentation. The master TOC (see link above) is the only comprehensive list of what is there, but here's an overview.
explaining gitolite to your users
install and setup
normal admin tasks done on the server
normal admin tasks done by changing gitolite.conf
advanced use (experts only; you can shoot yourself in the foot nicely!)
special installation scenarios:
Finally, tips has a lot of useful information.
Gitolite is an access control layer on top of git. Here's an "executive summary":
The most important feature I needed was per-branch permissions. This is pretty much mandatory in a corporate environment, and is almost the single reason I started thinking about writing gitolite.
It's not just "read-only" versus "read-write". Rewinding a branch (aka "non
fast forward push") is potentially dangerous, but sometimes needed. So is
deleting a branch (which is really just an extreme form of rewind). I needed
something in between allowing anyone to do it (the default) and disabling it
Due to the environment in which this was created and the need it fills, I consider this a "security" program, albeit a very modest one.
The first person to find a hole that allows a non-admin user to push a change to a repository that he is not allowed to, will get a modest reward of 5000 INR. The hole should not require enabling any of the options listed as having a security impact in the rc file, nor obvious things like setting the umask too loose, etc.