Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using su/sudo when accessing remote Git repositories over SSH

Tags:

git

linux

ssh

Suppose that there is a remote Git repository R on a Linux server. R is owned by a user U for which a remote login via SSH is not allowed at all (e.g. root). Neither password-based nor key-based authentication is available for that user. What is allowed, however, is logging on as a different user and then using su or sudo to issue commands as U.

Is it possible to combine these two methods so that Git will use su or sudo on the remote server in order to access the repository?

Alternatively, is there another method to access R without changing its access permissions or enabling SSH logins for U?

P.S.: I don't mind having to type passwords manually e.g. at an su prompt, as long as Git handles the rest.

EDIT:

It seems from the comments that I need to clarify my reason for wanting to do something like this. The files tracked by R are system files that are in use by the server in question - R is not a bare repository. That means that the repository cannot really be moved, not without a lot of trickery.

Getting Git to use sudo would allow R to be accessed using the same security model that protects these files, rather than through a separate avenue that would have to be configured and synchronized separately.

like image 240
thkala Avatar asked Apr 21 '14 09:04

thkala


People also ask

How do I remote connect to a git repository?

To add a new remote, use the git remote add command on the terminal, in the directory your repository is stored at. The git remote add command takes two arguments: A unique remote name, for example, “my_awesome_new_remote_repo” A remote URL, which you can find on the Source sub-tab of your Git repo.


1 Answers

Oh, you can do

git config remote.origin.uploadpack "sudo -u U git-upload-pack"

to get git fetch to use sudo for the remote called origin.

You'd need to ensure sudo is set up to allow this user to execute this command with no password, as I see no way to prompt for password.

Source:

I found myself wanting to do a somewhat similar thing, and found this nugget thoroughly buried in man git-config

I should point out that this does only half the job as I needed only git fetch to work. I imagine you could do a similar thing with remote.origin.receivepack in order to get git push to work but I have not tried that.

like image 165
eli Avatar answered Sep 27 '22 18:09

eli