Re: gitosis question: identifying/logging remote user

[Sitaram Chamarty <sitaramc@gmail.com>]

On Tue, Jun 2, 2009 at 12:01 PM, Robin H. Johnson <robbat2@gentoo.org> wrote:
> On Tue, Jun 02, 2009 at 09:32:40AM +0530, Sitaram Chamarty wrote:
>> I want to be able to log the information that the post-receive hook
>> receives, but I *also* want, along with that, the name of the pubkey
>> that was used in this particular "push".
> I've got a partial patch that I never finished for using this with the
> gitosis-gentoo fork that powers git.overlays.gentoo.org. It needs
> re-implementation from scratch, but here's the design notes:
> 1. Use the username to open the file in keydir again.

This is the directory that contains all the *.pub files, so ok...

> 2. At the top, look for RFC822 headers with a leading "# " as padding:
>   Examples from my own patch:
>   # Full-Name: "Robin H. Johnson (robbat2)" <robbat2@gentoo.org>
>   # cia-vc-username: robbat2

Hmmm... is this a significantly different gitosis?  The files in my
keydir mostly contain just one line (some have two, for people who
work from different machines), looking like this:

ssh-rsa [long series of base64 type characters]== some.one@company.com

>   The headers are followed by a blank line then further text is free-form
>   and not parsed. Continuation lines are NOT supported.
> 3. The header field names are transformed to enviornoment variable names
>   as follows:
>   - y/[[:lower:]]/[[:upper:]]/g
>   - s/-/_/g
> 4. Export the environment variables, named per above, with the full
>   content of the rest of the line.
>
> (We need to export the CIA.vc data, and also send off a commit mail).

Nope, I'm completely lost.  Perhaps I failed miserably in explaining
what I want... !

----------

I'm thinking along the lines of a simple change to this:

    TEMPLATE=('command="gitosis-serve %(user)s",no-port-forwarding,'
              +'no-X11-forwarding,no-agent-forwarding,no-pty %(key)s')

(in function generateAuthorizedKeys of gitosis/ssh.py) to generate an
additional ssh directive in the authorized_keys file:

    environment="REMOTEUSER=%(user)s"

I haven't tested it yet, but I'm expecting that this will pass on the
name of the user (like "sitaram" in my case) as an env var so that I
can do whatever I want with it in the hooks.

Thanks,

Sitaram