2 13b2bc37 2022-10-23 stsp .\" Copyright (c) 2022 Stefan Sperling
4 13b2bc37 2022-10-23 stsp .\" Permission to use, copy, modify, and distribute this software for any
5 13b2bc37 2022-10-23 stsp .\" purpose with or without fee is hereby granted, provided that the above
6 13b2bc37 2022-10-23 stsp .\" copyright notice and this permission notice appear in all copies.
8 13b2bc37 2022-10-23 stsp .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 13b2bc37 2022-10-23 stsp .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 13b2bc37 2022-10-23 stsp .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 13b2bc37 2022-10-23 stsp .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 13b2bc37 2022-10-23 stsp .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 13b2bc37 2022-10-23 stsp .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 13b2bc37 2022-10-23 stsp .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 13b2bc37 2022-10-23 stsp .Dd $Mdocdate$
21 13b2bc37 2022-10-23 stsp .Nd Game of Trees Shell
22 13b2bc37 2022-10-23 stsp .Sh SYNOPSIS
23 13b2bc37 2022-10-23 stsp .Nm Fl c Sq Cm git-receive-pack Ar repository-path
24 13b2bc37 2022-10-23 stsp .Nm Fl c Sq Cm git-upload-pack Ar repository-path
25 13b2bc37 2022-10-23 stsp .Sh DESCRIPTION
27 13b2bc37 2022-10-23 stsp is the network-facing interface to
28 13b2bc37 2022-10-23 stsp .Xr gotd 8 .
29 13b2bc37 2022-10-23 stsp It implements the server-side part of the Git network protocol used by
35 13b2bc37 2022-10-23 stsp is not an interactive shell.
37 13b2bc37 2022-10-23 stsp is intended to be configured as the login shell of Git repository
38 13b2bc37 2022-10-23 stsp user accounts on servers running
39 13b2bc37 2022-10-23 stsp .Xr gotd 8 .
40 bc854c7b 2022-10-23 stsp If users require a different login shell,
42 8b60b240 2022-10-24 mark can be installed in the command search path under the names
43 bc854c7b 2022-10-23 stsp .Cm git-receive-pack
45 bc854c7b 2022-10-23 stsp .Cm git-upload-pack .
47 13b2bc37 2022-10-23 stsp The users can then interact with
49 13b2bc37 2022-10-23 stsp over the network.
50 13b2bc37 2022-10-23 stsp When users invoke commands such as
51 13b2bc37 2022-10-23 stsp .Cm got send
53 13b2bc37 2022-10-23 stsp .Cm got fetch
54 13b2bc37 2022-10-23 stsp on client machines,
56 13b2bc37 2022-10-23 stsp will connect to the server with
59 13b2bc37 2022-10-23 stsp will facilitate communication between
61 13b2bc37 2022-10-23 stsp running on the server machine and the
65 13b2bc37 2022-10-23 stsp program running on the client machine.
67 13b2bc37 2022-10-23 stsp Users running
69 13b2bc37 2022-10-23 stsp should not have access to Git repositories by means other than
70 13b2bc37 2022-10-23 stsp accessing the unix socket of
75 13b2bc37 2022-10-23 stsp It is recommended to restrict
77 13b2bc37 2022-10-23 stsp features available to users of
80 40c2b7bf 2022-10-24 stsp .Sx EXAMPLES
81 40c2b7bf 2022-10-24 stsp section for details.
82 13b2bc37 2022-10-23 stsp .Sh ENVIRONMENT
83 13b2bc37 2022-10-23 stsp .Bl -tag -width GOTD_UNIX_SOCKET
84 13b2bc37 2022-10-23 stsp .It Ev GOTD_UNIX_SOCKET
85 13b2bc37 2022-10-23 stsp Set the path to the unix socket which
87 13b2bc37 2022-10-23 stsp is listening on.
88 13b2bc37 2022-10-23 stsp If not specified, the default path
89 13b2bc37 2022-10-23 stsp .Pa /var/run/gotd.sock
90 13b2bc37 2022-10-23 stsp will be used.
92 13b2bc37 2022-10-23 stsp .Sh EXAMPLES
93 13b2bc37 2022-10-23 stsp .Xr sshd_config 5
94 6f854dde 2023-01-04 stsp directives such as the following are recommended to protect the server
95 6f854dde 2023-01-04 stsp machine and any systems reachable from it, especially if anonymous users
96 6f854dde 2023-01-04 stsp are allowed to connect:
97 13b2bc37 2022-10-23 stsp .Bd -literal -offset indent
98 c167432e 2023-01-29 stsp Match User developer
99 d815102a 2022-10-29 stsp DisableForwarding yes
100 13b2bc37 2022-10-23 stsp PermitTTY no
103 6f854dde 2023-01-04 stsp It can be convenient to add all relevant users to a common group, such as
104 6f854dde 2023-01-04 stsp .Dq developers ,
105 6f854dde 2023-01-04 stsp and then use this group as the Match criteria:
106 6f854dde 2023-01-04 stsp .Bd -literal -offset indent
107 6f854dde 2023-01-04 stsp Match Group developers
108 6f854dde 2023-01-04 stsp DisableForwarding yes
109 6f854dde 2023-01-04 stsp PermitTTY no
112 c167432e 2023-01-29 stsp Anonymous users can be given public read-only access by using a
113 c167432e 2023-01-29 stsp .Xr gotd.conf 5
114 c167432e 2023-01-29 stsp access rule such as the following:
115 c167432e 2023-01-29 stsp .Bd -literal -offset indent
116 c167432e 2023-01-29 stsp repository "public" {
117 c167432e 2023-01-29 stsp path "/var/git/public.git"
118 c167432e 2023-01-29 stsp permit ro anonymous
122 c167432e 2023-01-29 stsp The anonymous user account should have a publicly known password, or can be
123 c167432e 2023-01-29 stsp set up with an empty password in which case the user's
125 c167432e 2023-01-29 stsp entry would look similar to this example:
126 c167432e 2023-01-29 stsp .Bd -literal
127 c167432e 2023-01-29 stsp anonymous::1002:1002::0:0:Anonymous:/home/anonymous:/usr/local/bin/gotsh
130 c167432e 2023-01-29 stsp Use of an empty password must be explicitly allowed in
131 c167432e 2023-01-29 stsp .Xr sshd_config 5 :
132 c167432e 2023-01-29 stsp .Bd -literal -offset indent
133 c167432e 2023-01-29 stsp Match User anonymous
134 c167432e 2023-01-29 stsp PasswordAuthentication yes
135 c167432e 2023-01-29 stsp PermitEmptyPasswords yes
136 c167432e 2023-01-29 stsp DisableForwarding yes
137 c167432e 2023-01-29 stsp PermitTTY no
139 13b2bc37 2022-10-23 stsp .Sh SEE ALSO
140 13b2bc37 2022-10-23 stsp .Xr got 1 ,
141 13b2bc37 2022-10-23 stsp .Xr ssh 1 ,
142 13b2bc37 2022-10-23 stsp .Xr gotd.conf 5 ,
143 13b2bc37 2022-10-23 stsp .Xr sshd_config 5 ,
145 13b2bc37 2022-10-23 stsp .Sh AUTHORS
146 13b2bc37 2022-10-23 stsp .An Stefan Sperling Aq Mt stsp@openbsd.org