The aspect of access control that first comes to mind, for any Git administrator, is the ability to prevent people from accessing repositories. We'll start with some simple examples before describing the syntax. Here's a very simple set of rules for a repository called foo
:
repo foo R = alice RW = bob RW+ = carol
These rules establish what operations Alice, Bob, Carol, and any other Gitolite users are allowed to execute against this repository. As you might guess from the simple R permission given to Alice (or, to put it another way, the lack of a W
in her permission string), she is only allowed to read the repository, which means she can use the git clone
, git fetch
, and git ls-remote
commands, but cannot use git push
in any form.
Bob and Carol are both allowed to push changes to the repository. As before, you probably guessed this from the W
character in each of their permission lines. What may not be immediately obvious is the significance of...