bzr serve

Andrew Bennetts andrew at canonical.com
Fri Dec 7 08:06:36 GMT 2007


Andrew Cowie wrote:
> On Thu, 2007-12-06 at 14:23 -0600, John Arbash Meinel wrote:
> > I suppose my only problem with "--directory=/" is ...
> 
> The bigger problem is that bzr+ssh:// URLs are absolute paths from the
> *server* root. We of course run the bzr server, so we advertise URLs of
> the form:
> 
>         bzr://research.operationaldynamics.com/bzr/slashtime/mainline/
> 
> but have to get to write the following to push:
> 
>         bzr+ssh://centauri.lhr.operationaldynamics.com/export/web/com/operationaldynamics/research/bzr/slashtime/mainline/
> 
> This is, of course, inane, asymmetrical, bad security practise (for
> exposing underlying server side internals), lacking in elegance, and the
> sort of usability cruft that I for one would like to encourage the
> Bazaar hackers to try and eliminate before they feel confident to call
> bzr 1.0.

Hmm, this is sort of related to https://bugs.launchpad.net/bzr/+bug/109143, but
actually is a different feature request that I hadn't heard of before.

How do other VCS's deal with this?  Server-wide configuration files that the
"vcs-serve" process reads?

I did a quick skim of the SVN docs... it appears they suggest setting a
authorized_keys file for each user that runs "svnserve -r /path/to/virtual/root
..." for their key.  I guess that works, but that doesn't seem like an elegant
solution, or one that has low admin cost to me.

> (Some bright spark in #bzr suggested I could make a symlink called /bzr
> in the root directory of my host pointing at the base of the virtual
> host htdocs. I think I'll just let that stand on its own merits.)

That's exactly how one SVN deployment I know deals with this...

-Andrew.




More information about the bazaar mailing list