|
| 1 | +# Security |
| 2 | + |
| 3 | +## User credentials |
| 4 | + |
| 5 | +User credentials can be specified in the command line or using a user file. For a single user this can be done with parameters `--user` and `--password`: |
| 6 | + |
| 7 | +``` |
| 8 | +gitbase server --user root --password r00tp4ssword! -d /my/repositories/path |
| 9 | +``` |
| 10 | + |
| 11 | +If you want to have more than one user or do not have the password in plain text you can use a user file with this format: |
| 12 | + |
| 13 | +```json |
| 14 | +[ |
| 15 | + { |
| 16 | + "name": "root", |
| 17 | + "password": "*2470C0C06DEE42FD1618BB99005ADCA2EC9D1E19", |
| 18 | + "permissions": ["read", "write"] |
| 19 | + }, |
| 20 | + { |
| 21 | + "name": "user", |
| 22 | + "password": "plain_passw0rd!" |
| 23 | + } |
| 24 | +] |
| 25 | +``` |
| 26 | + |
| 27 | +You can either specify a plain text password or hashed. Hashed version uses the same format as MySQL 5.x passwords. You can generate the native password with this command, remember to prefix the hash with `*`: |
| 28 | + |
| 29 | +``` |
| 30 | +echo -n password | openssl sha1 -binary | openssl sha1 | tr '[:lower:]' '[:upper:]' |
| 31 | +``` |
| 32 | + |
| 33 | +There are two permissions you can set to users, `read` and `write`. `read` only allows executing queries. `write` is needed to create and delete indexes or lock tables. If no permissions are set for a user the default permission is `read`. |
| 34 | + |
| 35 | +Then you can specify which user file to use with parameter `--user-file`: |
| 36 | + |
| 37 | +``` |
| 38 | +gitbase server --user-file /path/to/user-file.json -d /my/repositories/path |
| 39 | +``` |
| 40 | + |
| 41 | +## Audit |
| 42 | + |
| 43 | +Gitbase offer audit traces on logs. Right now, we have three different kinds of traces; for `authentication`, `authorization` and `query` |
| 44 | + |
| 45 | +### Authentication |
| 46 | + |
| 47 | +Trace triggered when a user is trying to connect to gitbase. It contains the following information: |
| 48 | + |
| 49 | +- action: Always `authentication`. |
| 50 | +- system: Always `audit` |
| 51 | +- address: Address from the client that is trying to connect. |
| 52 | +- err: Human readable error if the authentication was not successful. |
| 53 | +- success: True or false depending on if the client authenticated correctly or not. |
| 54 | +- user: Username that is trying to connect |
| 55 | + |
| 56 | +Example: |
| 57 | + |
| 58 | +``` |
| 59 | +action=authentication address="127.0.0.1:41720" err="Access denied for user 'test' (errno 1045) (sqlstate 28000)" success=false system=audit user=test |
| 60 | +``` |
| 61 | + |
| 62 | +### Authorization |
| 63 | + |
| 64 | +Trace triggered checking when a user is authorized to execute a specific valid query with their permissions. It contains the following information: |
| 65 | + |
| 66 | +- action: Always `authorization`. |
| 67 | +- system: Always `audit` |
| 68 | +- address: Address from the client. |
| 69 | +- success: True or false depending on if the client has been authorized correctly or not. |
| 70 | +- user: Username that is trying to connect. |
| 71 | +- connection_id: Unique connection identifier from the request is being done. |
| 72 | +- permission: Permission needed to execute the query. |
| 73 | +- pid: Pid returns the process ID associated with this context. It will grow over the queries sent to gitbase. |
| 74 | +- query: Query that the client is trying to execute. |
| 75 | + |
| 76 | +Example: |
| 77 | + |
| 78 | +``` |
| 79 | +INFO[0007] audit trail action=authorization address="127.0.0.1:41610" connection_id=1 permission=read pid=1 query="select @@version_comment limit 1" success=true system=audit user=root |
| 80 | +``` |
| 81 | + |
| 82 | +### Query |
| 83 | + |
| 84 | +Trace triggered at the end of the executed query. It contains the following information: |
| 85 | + |
| 86 | +- action: Always `query`. |
| 87 | +- system: Always `audit` |
| 88 | +- address: Address from the client. |
| 89 | +- success: True or false depending on if the query was executed or not. |
| 90 | +- user: Username that is executing the query. |
| 91 | +- connection_id: Unique connection identifier from the request is being done. |
| 92 | +- pid: Pid returns the process ID associated with this context. It will grow over the queries sent to gitbase. |
| 93 | +- query: Query that the client is trying to execute. |
| 94 | +- err: If `success=false`. Human readable error describing the problem. |
| 95 | + |
| 96 | +Examples: |
| 97 | + |
| 98 | +``` |
| 99 | +INFO[0983] audit trail action=query address="127.0.0.1:42428" connection_id=2 duration=22.707457818s pid=6 query="select count(*) from commits" success=true system=audit user=root |
| 100 | +``` |
| 101 | + |
| 102 | +``` |
| 103 | +INFO[0910] audit trail action=query address="127.0.0.1:42428" connection_id=2 duration="77.822µs" err="syntax error at position 6 near 'wrong'" pid=5 query="wrong query" success=false system=audit user=root |
| 104 | +``` |
0 commit comments