git_chroot

Create chroot for git-daemon(1)

commit 4ab7504c8824a507e9a7df3bf00d2e1d70e70714
parent 7667d1a8cb4b2fff22b92ecb69bd66a914782d14
Author: Kyle Milz <krwmilz@gmail.com>
Date:   Wed, 17 Nov 2021 23:43:44 +0000

add README

Diffstat:
A README | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 63 insertions(+), 0 deletions(-)

diff --git a/README b/README 
@@ -0,0 +1,63 @@ +This script tries to mitigate risk when hosting code repositories +with git-daemon(1). By default git-daemon(1) has access to the +entire file system, and has no command line options to chroot(8) +itself. + +----------------------------------------------------------------------- +- CONTENTS ------------------------------------------------------------ + +1. Releases +2. Introduction +3. Implementation + + +----------------------------------------------------------------------- +- 1. RELEASES --------------------------------------------------------- + +Latest release: 70 on November 14, 2021 +Install: # sh chroot_gitdaemon_70.sh + + +----------------------------------------------------------------------- +- 2. INTRODUCTION ----------------------------------------------------- + +There are a few protocols to serve git(1) repositories: +- dumb http +- git +- others + +The dumb http protocol is easy to set up, but the performance is +not great: + +$ time git clone http://www.0x30.net/git/citrun +Cloning into 'citrun'... +Fetching objects: 10233, done. + 2m03.64s real 0m02.89s user 0m03.77s system + +Now the git protocol over git-daemon(1): + +$ time git clone git://www.0x30.net/citrun +Cloning into 'citrun'... +remote: Enumerating objects: 10233, done. +remote: Counting objects: 100% (10233/10233), done. +remote: Compressing objects: 100% (5236/5236), done. +remote: Total 10233 (delta 6802), reused 7596 (delta 4866), pack-reused 0 +Receiving objects: 100% (10233/10233), 2.19 MiB | 615.00 KiB/s, done. +Resolving deltas: 100% (6802/6802), done. + 0m08.89s real 0m01.09s user 0m00.18s system +</pre> + +The performance of the native git(1) protocol is about 10x of http, +but git-daemon(1) cannot be trusted by default with filesystem wide +access permissions. Other people suggested a workaround was possible +https://marc.info/?l=openbsd-ports&m=146460119010262&w=2 . + + +----------------------------------------------------------------------- +- 3. 
IMPLEMENTATION --------------------------------------------------- + +This script implementation creates a chroot(8) environment for +git-daemon(1) to run inside. It tries to be shell agnostic but was +only tested with ksh(1). It creates all of the necessary files and +directories, copies git-daemon and its dependencies into the root, +and then modifies the stock rc.d(8) script to start it correctly.
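Review bot: the added line `+</pre>` at the end of the INTRODUCTION timing transcript closes an HTML tag that is never opened anywhere in this plain-text README; it reads as leftover from an HTML page and should be dropped. Two documentation gaps in the IMPLEMENTATION section would also be worth a sentence each: it says the script "copies git-daemon and its dependencies into the root", but not that those copied binaries and shared libraries are frozen at install time and must be re-copied after every system or git package update, or the chroot keeps running stale code; and it says the stock rc.d(8) script is modified "to start it correctly" without stating which unprivileged user git-daemon is started as inside the chroot, which is the other half of the risk reduction the README opens with. Finally, "Install: # sh chroot_gitdaemon_70.sh" in RELEASES should say what the script assumes about the target (the README later notes it was only tested with ksh(1)), so readers on other systems know what to verify before running it as root.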