Setting up gitosis on OS X

What is gitosis?

gitosis is a wrapper around git that makes it easier share repositories, especially as it relates to managing access rights.

Why Should I Care?

The benefit that made me check it out is that I don't have to create an account on my dev machine for every single developer to whom I'd like to give access to some of my git repos.


  • You installed git and python from MacPorts.
  • You have enabled "Remote Login" in the "Sharing" Preferences pane.
  • You have a public key (typically generated via ssh-keygen); see the man pages for more details.


Preliminary Steps
  1. Create a git user
  2. Add git to the list of users who can ssh in
  3. Configure git's .bashrc (NOT .bash_profile) so port-installed apps are on the PATH. Mine looks like
    export PATH=/opt/local/bin:/opt/local/sbin:/opt/local/Library/Frameworks/Python.framework/Versions/Current/bin/:$PATH
    export MANPATH=/opt/local/share/man:$MANPATH

Installing gitosis
  1. cd /tmp
  2. mkdir src
  3. cd src
  4. git clone git://eagain.net/gitosis.git
  5. cd gitosis
  6. python setup.py install
  7. sudo chmod 755 /Users/git/repositories/gitosis-admin.git/hooks/post-update


Setting up Admin Access

Add yourself as an admin (member of the gitosis-admin group) by executing sudo -H -u git gitosis-init < ~/.ssh/id_dsa.pub. This will use your public key as input into gitosis-init and set you up as an admin.

Cloning the Admin Repo

Try git clone git@`$HOST`:gitosis-admin.git. It should work. If it doesn't, and complains about the other end unexpectedly hanging up, the $PATH for git is probably misconfigured. Make sure you configured .bashrc, because .bash_profile won't stick around.

Configuring a New Repo

You make configuration changes to gitosis by editing your local clone of gitosis-admin and FIXME kbd pushing them back. Let's add a new repo.

  1. Open up gitosis.conf in your editor of choice
  2. Add an entry like the one below
  3. Save
  4. git push
    [group fabfour]
    members = john paul george ringo
    writable = the_monkeys_are_hacks

Breaking It Down
    [group fabfour]

We're defining a new group, named fabfour.

    members = john paul george ringo

Adding john, paul, george, ringo as members of the fabfour group.

    writable = the_monkeys_are_hacks

Listing the_monkeys_are_hacks as the only writable repo for the fabfour group. In case you're saying "Wait, I don't have a the_monkeys_are_hacks repo!" don't worry, that's coming next. You have to do all of this before you try to push anything to gitosis.

Populating Your New Repo
  1. If the repo doesn't exist, create it
    1. mkdir the_monkeys_are_hacks
    2. cd the_monkeys_are_hacks
    3. git init
    4. Do Work Here and Commit It
  2. Add your new gitosis-managed repo as a remote; inside your repo, execute git remote add origin git@`$HOST`:the_monkeys_are_hacks.git

  3. Push to it; inside your repo, execute git push origin master:refs/heads/master

If the last step fails with an inscrutable error, there's a good chance you forgot to chmod the post-update hook.

Actually Letting John and the Gang Access the Repo

Before john, paul, george, or ringo can actually get into the server, you need to add their public keys under gitosis-admin/keydir. I'm going to wave my hands concerning how you get the public keys, but they need to be added to gitosis-admin/keydir and they need to be named using the convention username.pub, so we'd have:

  1. cd gitosis-admin
  2. cp /tmp/john.pub keydir/
  3. cp /tmp/paul.pub keydir/
  4. cp /tmp/george.pub keydir/
  5. cp /tmp/ringo.pub keydir/
  6. git add keydir/john.pub keydir/paul.pub keydir/george.pub keydir/ringo.pub
  7. git ci -m "Adding the keys for the Fab Four"
  8. git push

Want More?

  • Check out this extremely detailed (non-Mac-specific) guide.

Back to flipping out...

blog comments powered by Disqus