summaryrefslogtreecommitdiffstats
path: root/Documentation/git-daemon.txt
diff options
context:
space:
mode:
authorJunio C Hamano <gitster@pobox.com>2012-08-14 20:37:51 +0200
committerJunio C Hamano <gitster@pobox.com>2012-08-15 20:01:55 +0200
commit93741e4a915fc33a00e6facff88cd27565d10f82 (patch)
tree68d631a63ed08b4332df9511c6a11915bb83b468 /Documentation/git-daemon.txt
parentMerge branch 'cb/git-daemon-tests' (diff)
downloadgit-93741e4a915fc33a00e6facff88cd27565d10f82.tar.xz
git-93741e4a915fc33a00e6facff88cd27565d10f82.zip
daemon: --access-hook option
The --access-hook option to "git daemon" specifies an external command to be run every time a client connects, with - service name (e.g. "upload-pack", etc.), - path to the repository, - hostname (%H), - canonical hostname (%CH), - ip address (%IP), - tcp port (%P) as its command line arguments. The external command can decide to decline the service by exiting with a non-zero status (or to allow it by exiting with a zero status). It can also look at the $REMOTE_ADDR and $REMOTE_PORT environment variables to learn about the requestor when making this decision. The external command can optionally write a single line to its standard output to be sent to the requestor as an error message when it declines the service. Acked-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'Documentation/git-daemon.txt')
-rw-r--r--Documentation/git-daemon.txt16
1 files changed, 16 insertions, 0 deletions
diff --git a/Documentation/git-daemon.txt b/Documentation/git-daemon.txt
index 31b28fc29f..c3ba4d7976 100644
--- a/Documentation/git-daemon.txt
+++ b/Documentation/git-daemon.txt
@@ -16,6 +16,7 @@ SYNOPSIS
[--reuseaddr] [--detach] [--pid-file=<file>]
[--enable=<service>] [--disable=<service>]
[--allow-override=<service>] [--forbid-override=<service>]
+ [--access-hook=<path>]
[--inetd | [--listen=<host_or_ipaddr>] [--port=<n>] [--user=<user> [--group=<group>]]
[<directory>...]
@@ -171,6 +172,21 @@ the facility of inet daemon to achieve the same before spawning
errors are not enabled, all errors report "access denied" to the
client. The default is --no-informative-errors.
+--access-hook=<path>::
+ Every time a client connects, first run an external command
+ specified by the <path> with service name (e.g. "upload-pack"),
+ path to the repository, hostname (%H), canonical hostname
+ (%CH), ip address (%IP), and tcp port (%P) as its command line
+ arguments. The external command can decide to decline the
+ service by exiting with a non-zero status (or to allow it by
+ exiting with a zero status). It can also look at the $REMOTE_ADDR
+ and $REMOTE_PORT environment variables to learn about the
+ requestor when making this decision.
++
+The external command can optionally write a single line to its
+standard output to be sent to the requestor as an error message when
+it declines the service.
+
<directory>::
A directory to add to the whitelist of allowed directories. Unless
--strict-paths is specified this will also include subdirectories