From db88b5a85791d309e58cdd3e1f0ce5ecf8f2ce9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Lassieur?= Date: Sun, 30 Apr 2017 16:56:18 +0200 Subject: [PATCH] gnu: gitolite: Avoid references to the store in authorized_keys. * gnu/packages/version-control.scm (gitolite)[arguments]: Substitute '$glshell' with 'gitolite-shell' in ssh-authkeys. --- gnu/packages/version-control.scm | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index e0770dc589..1cad0f2850 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -628,7 +628,13 @@ also walk each side of a merge and test those changes individually.") ;; invokes Perl. (substitute* (find-files "." ".*") ((" perl -") - (string-append " " perl " -")))))) + (string-append " " perl " -"))) + + ;; Avoid references to the store in authorized_keys. + ;; This works because gitolite-shell is in the PATH. + (substitute* "src/triggers/post-compile/ssh-authkeys" + (("\\$glshell \\$user") + "gitolite-shell $user"))))) (replace 'install (lambda* (#:key outputs #:allow-other-keys) (let* ((output (assoc-ref outputs "out"))