Blame - Documentation/cmd-suexec.txt - gerrit

blob: f6ee753cc604adbb00519a13809ce70ee197cc47 [file] [log] [blame]

Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	1	= suexec
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	2
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	3	== NAME
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	4	suexec - Execute a command as any registered user account
				5
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	6	== SYNOPSIS
Yuxuan 'fishy' Wang	d85b687	2013-11-15 11:47:46 -0800	[diff] [blame]	7	--
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	8	'ssh' -p <port>
				9	-i SITE_PATH/etc/ssh_host_rsa_key
				10	'"Gerrit Code Review@localhost"'
				11	'suexec'
				12	--as <EMAIL>
				13	[--from HOST:PORT]
				14	[--]
				15	[COMMAND]
Yuxuan 'fishy' Wang	d85b687	2013-11-15 11:47:46 -0800	[diff] [blame]	16	--
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	17
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	18	== DESCRIPTION
Shawn Pearce	08ae577	2013-06-11 13:47:21 -0700	[diff] [blame]	19	The suexec command permits executing any other command as any other
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	20	registered user account.
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	21
Shawn Pearce	08ae577	2013-06-11 13:47:21 -0700	[diff] [blame]	22	suexec can only be invoked by the magic user `Gerrit Code Review`,
				23	or any user granted granted the link:access-control.html#capability_runAs[Run As]
				24	capability. The run as capability is permitted to be used only if
				25	link:config-gerrit.html[auth.enableRunAs] is true.
				26
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	27	== OPTIONS
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	28
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	29	--as::
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	30	Email address of the user you want to impersonate.
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	31
				32	--from::
				33	Hostname and port of the machine you want to impersonate
				34	the command coming from.
				35
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	36	COMMAND::
				37	Gerrit command you want to run.
				38
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	39	== ACCESS
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	40	Caller must be the magic user Gerrit Code Review using the SSH
Shawn Pearce	08ae577	2013-06-11 13:47:21 -0700	[diff] [blame]	41	daemon's host key, or a key on this daemon's peer host key ring,
				42	or a user granted the Run As capability.
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	43
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	44	== SCRIPTING
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	45	This command is intended to be used in scripts.
				46
Yuxuan 'fishy' Wang	61698b1	2013-12-20 12:55:51 -0800	[diff] [blame]	47	== EXAMPLES
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	48
				49	Approve the change with commit c0ff33 as "Verified +1" as user bob@example.com
				50	=====
Shawn O. Pearce	4776924	2011-06-14 16:40:48 -0700	[diff] [blame]	51	$ sudo -u gerrit ssh -p 29418 \
				52	-i site_path/etc/ssh_host_rsa_key \
				53	"Gerrit Code Review@localhost" \
				54	suexec \
				55	--as bob@example.com \
				56	-- \
				57	gerrit approve --verified +1 c0ff33
Nasser Grainawi	21f8fb4	2010-04-14 16:55:18 -0600	[diff] [blame]	58	=====
				59
				60	GERRIT
				61	------
				62	Part of link:index.html[Gerrit Code Review]
Yuxuan 'fishy' Wang	99cb68d	2013-10-31 17:26:00 -0700	[diff] [blame]	63
				64	SEARCHBOX
				65	---------