#!/usr/bin/python3 import sys import os def printerr(*l, **d): return print(*l, **d, file=sys.stderr) def fail(*l, **d): printerr(*l, **d); raise SystemExit(1) def lsexit_repositories(repositories_ro, repositories_rw): print('\n'.join(repositories_ro + repositories_rw or ['Empty list'])) raise SystemExit(0) try: user = sys.argv[1] except IndexError: fail('Bad adminsys, he forgot to set user associated with this key.') try: with open(user + '.listro', 'r', encoding='utf8') as f: repositories_ro = f.read().splitlines() except FileNotFoundError: repositories_ro = [] try: with open(user + '.listrw', 'r', encoding='utf8') as f: repositories_rw = f.read().splitlines() except FileNotFoundError: repositories_rw = [] try: ssh_original_command = os.environ['SSH_ORIGINAL_COMMAND'].split() command = ssh_original_command[0] repository = ssh_original_command[1].split('.git')[0].strip("'").strip('/') except IndexError: if command == 'ls': lsexit_repositories(repositories_ro, repositories_rw) fail('Invalid repository name or git usage') except KeyError: fail('Bad boy, git only access authorized.') repositories_ro = repositories_ro + repositories_rw if command == 'git-upload-pack' and repository in repositories_ro: os.execv('/usr/bin/git-upload-pack', ['/usr/bin/git-upload-pack', '--strict', '--timeout=600', repository]) elif command == 'git-receive-pack' and repository in repositories_rw: os.execv('/usr/bin/git-receive-pack', ['/usr/bin/git-receive-pack', repository]) elif command == 'ls': lsexit_repositories(repositories_ro, []) else: fail(f'Bad command {command} or access denied')