How can I allow a linux subversion user to only execute svnserve?
Posted
by sbleon
on Server Fault
See other posts from Server Fault
or by sbleon
Published on 2010-03-17T18:04:04Z
Indexed on
2010/03/17
18:11 UTC
Read the original article
Hit count: 353
I've got a user that I'd like to only be able to use subversion. We like to use svn+ssh:// URLs sometimes (for public keys and whatnot), so I need them to be able to connect over ssh and run only the svnserve command.
When using a svn+ssh URL, svn ssh'es in and passes the arguments "-c svnserve -t". I wrote a custom shell as follows to filter the commands that can be run. This works, but it's not passing the input to svnserve, so when I try to "svn up" I get "svn: Connection closed unexpectedly".
#!/bin/bash
if [ "$1" == "-c" ] && [ "$2" == "svnserve" ] && [ "$3" == "-t" ] && [ "$4" == ""] ; then
exec svnserve -t
else
echo "Access denied. User may only run svnserve."
fi
© Server Fault or respective owner