bzr serve
Balint Aradi
balint.aradi at bccms.uni-bremen.de
Fri Dec 7 11:37:20 GMT 2007
> I did a quick skim of the SVN docs... it appears they suggest setting a
> authorized_keys file for each user that runs "svnserve -r /path/to/virtual/root
> ..." for their key. I guess that works, but that doesn't seem like an elegant
> solution, or one that has low admin cost to me.
This is exactly I'm doing at the moment. I find this solution
satisfactory, as you have only one account for all external developers,
and you can even hide the internal directory structure from them using
the "-r" option.
Administrative cost is practically zero, as I have script, which
creates the .authorized_keys file by traversing through the directory
containing the developers public keys. So adding a new developer means
only to put his key into the appropriate directory using his username as
filename. The finegrained access control for the users can then be set
in the authzfile, read by svnserve.
I wanted to do something similar for bzr (as I'd like to switch at
some point), by extracting the directory name from the --directory
option (as passed to ssh), looking up access permissions in an INI file,
and then start a "bzr server --inet --directory=..." with or without
"--allow-writes" depending on the users permission for the given
directory. However, since bzr always passes "--directory=/", there is no
(easy) way to tell, which repository the user wants to access. :-(
A possible "workaround" would be to set up separate accounts for
separate directories, but this is something I'd like to avoid. Any other
solutions?
Bálint
--
Dr. Bálint Aradi
Bremen Center for Computational Materials Science, University of Bremen,
TAB A/3.10, Am Fallturm 1, 28359 Bremen, Germany, Tel.: +49 421 2187421
http://www.bccms.uni-bremen.de/en/employees/b_aradi/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20071207/a07e06e9/attachment.pgp
More information about the bazaar
mailing list