9

I am installing gitolite3 on a server, with ssh and http pulling/pushing/alltherest. During the process, a user and group gitolite3 is created.

When I run:

$ ssh gitolite3@server info

I get the correct gitolite3 message with RW repo information.

Trouble is, I want the usual user git instead of the cumbersome gitolite3, without breaking it all apart. Some other thread mentioned creating the user git with the same uid ang gid, but this does not give the same results as above.

When I login (using the conventional graphical login screen), there is my usual administrator user, and somehow the gitolite3 username (but Im not sure if this is the gitolite3 or the git user alias that i created).

How do I create the git user/replace the gitolite3 user so that ssh git@server info works with gitolite3? And what determines exactly when a user can login using the login screen, and how do turn that off?

Florian Mertens
  • 403
  • 4
  • 9
  • In response to distribution, desktop and environment: My OS is Centos 6.4, no radical changes were made to the default desktop environment. – Florian Mertens Aug 03 '13 at 23:38
  • What problems do you have when creating another user with the same uid and gid, more precisely? That seems to work fine for me. – pst Dec 13 '17 at 12:54

5 Answers5

6

If you don't already have a git user and basically want to rename the default gitolite3 user it may be fairly easy. Try running the following command as a privileged user.

usermod -l git gitolite3

This should rename the gitolite3 user to git. Which should allow the ssh commands to work as you wanted.

ssh git@hostname info
Lanzaa
  • 61
  • 1
  • 2
1

Add another user with the same uid, gid and homedirectory.

You wrote that you had seen that suggested, "but this does not give the same results as above". I don't know what problems you have encountered. Maybe you missed setting the same home directory. Otherwise I don't know, because this is how I do, and it works fine.

I use an rpm which creates and uses a user gitolite3. I don't want to mess with the rpm, but still not use that long username in commands, so I have duplicated the line about gitolite3 in /etc/hosts, and use git as username in the extra line.

pst
  • 131
  • 4
0

The other answer that mentions to create another user with same UID and GID is correct, however it does not provide the command. Here you go:

useradd --home-dir /var/lib/gitolite3 --gid gitolite3 --no-create-home --shell /bin/bash --uid $(id -u gitolite3) --no-user-group --non-unique git

This will give you the benefits of using the distro package manager and also the possibility to use 'git' as SSH user, with no downsides.

Deim0s
  • 142
  • 6
0

Your problem is you don't want to type the name, not the name as such. Then don't:

Put 

ssg () {

    ssh gitolite3@server $@
}

or 

alias ssg="ssh gitolite3@server $@"

into your .bashrc, source it again and after that you can just say ssg info. Of course, you can use whatever you want and doesn't collide with a command you need instead of ssg.

There are two reasons to do it this way: First, it's even shorter than ssh git@server info and second, I dont' like to change these kind of default names as you can't be sure there isn't any hardcoded dependency on this name in the system, unless it's documented there isn't or how to change the default.

Where the valid users for GUI login are configured is dependent on your distribution, desktop environment and display manager.

Sven
  • 97,248
  • 13
  • 177
  • 225
  • See about distro above. The thing is, I want to use this server for a relatively small, commercial environment, but still too big enough to assume that 1) every client may not be using linux, and 2) not all users will (want to) remember that the git user is actually called gitolite3. So I am too keen on employing best practice, ie. having a 'git' user. Also, I totally agree that hardcoded dependencies on users are worrying me as well, so a somehow well working 'user alias' seemed the most appropriate solution.. – Florian Mertens Aug 03 '13 at 23:42
  • You can put `Host servername` with `User gitolite3` in .ssh/config. Unlike the alias, it would apply for most ssh-enabled tools like scp, rsync, etc. You just type `ssh server` and it uses the name from the config. Not that it helps with this question, just a better solution than shell aliases or functions. – Steven K Aug 04 '13 at 01:47
0

If this is a new environment I would just create the new git user like normal and then run through the gitolite setup for that user (and forget the gitolite3 user).

If you really want to keep the current gitolite configuration/repositories/etc. you can probably just copy all the relevant files to that user once you are done (and make sure the ownership information is updated) and it might Just Work (check the gitolite docs on moving the repos to a new machine in case it lists any extra gotchas about this process).

Etan Reisner
  • 1,353
  • 6
  • 14
  • Do you know whether this has been done before? Trouble also is, I don't know HOW the user gitolite3 was created, or with what parameters. It seems simple or some googling away, but I never know – Florian Mertens Aug 04 '13 at 07:10
  • Has what been done before? Running gitolite under a user other than `gitolite3`? Yes. Absolutely. gitolite doesn't care in the slightest. I assume your `gitolite3` user was created by a (slightly odd) gitolite package. There is nothing special about the user that gitolite runs under. It requires no special user or system configuration. The gitolite website has a very simple and very straightforward set of steps for setting up gitolite on a brand new system/user. See [here](http://gitolite.com/gitolite/qi.html) or section 1.4 [here](http://gitolite.com/gitolite/install.html). – Etan Reisner Aug 04 '13 at 19:51
  • Turns out your answer is the best answer, although other factors are also influencing the creation of this user. For example, if you want to make gitolite3 accessible per httpd, the uid must be more than 500 for the official script to work, as well as the git gid. If you want a user and group other than the ugly default gitolite3 one, you create a new user and group with: '# groupadd -g650 git # useradd -o -d/Server/Projects -u650 -g650 -s/bin/sh -M git', login as that user and run the gitolite setup as such. Notice that git shell stops working along these lines. – Florian Mertens Aug 11 '13 at 16:01
  • What official script? Why does uid matter for it? What about git shell (did you mean git shell or gitolite shell?) stops working with this change? – Etan Reisner Aug 12 '13 at 14:26
  • The 'official' script I am talking about is the [supported script by Thomas Hager on the Gitolite website](http://gitolite.com/gitolite/ssh-and-http.html). Not sure what the difference is when you say git shell or gitolite shell, I presume gitolite shell. I raised a [different question about this here](http://superuser.com/questions/630135/gitolite3-ssh-info-failing). – Florian Mertens Aug 12 '13 at 15:31
  • I see nothing in that script which indicates that it should care about what uid/gid the user in question has. Why do you think it does? – Etan Reisner Aug 12 '13 at 17:50
  • You are correct, nothing in that script says this. However, when the apache suexec command takes place, the suexec takes a number of security checks, two of them involve checking if the user is not a system user by checking if the uid is higher than 500, the other checking that the gid of the group is higher than 100 or 500, depending on the OS. This is outside the scope of this question though. – Florian Mertens Aug 12 '13 at 18:34
  • I'll take your word for that. Your point then was that you shouldn't create the git user as a system user (in case you might have thought you should do that) since that won't work? – Etan Reisner Aug 12 '13 at 19:29