bzr serve and access control?

Josef Wolf jw at raven.inka.de
Tue Feb 2 16:27:39 GMT 2010


On Tue, Feb 02, 2010 at 11:16:25PM +0800, Eugene Wee wrote:
> Hi,
> 
> On Tue, Feb 2, 2010 at 6:32 PM, Josef Wolf <jw at raven.inka.de> wrote:
> > 2. Create one account per repository and use authorized_keys to give
> >   permission to users. No way to give read-only access this way.
> >   In addition, it is not possible to give users the possibility to create
> >   new repositories on the fly by themselves.
> >
> > 3. Use bzr_access (or a similar method). Here, every user needs multiple
> >   keys (one key for every repository he wants to access).
> >   As above, we can't give read-only access to specific users this way.
> 
> The documentation for bzr_access gave me the impression that you can
> give read-only access to specific users with the appropriate
> configuration, though I never actually used this myself. A quick test
> confirms the documentation,

The problem with bzr_access is that the /path/to/repository is directly
associated with the ssh key. So if you want to give the same user access
to a second repository, you have to ask him to create a second key. Ten keys
for ten repositories. Then it starts to get really painful for the user,
since they have to constantly add/remove their keys to ssh-agent or use
ssh's -i option (BTW: how would they specify the ssh identity with bzr?)

> Note that you can use bzr_access with the "one account per repository"
> method to avoid requiring that each user have a different key for each
> repository.

This method has the other drawback I wrote about in my previous mail: users are
not able to create new repositories on the fly. You always have to create
the system account for the repository first.
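
Added illustration, not part of the message above and not bzr_access's own code: a small audit of an authorized_keys file that shows how each key entry is pinned to exactly one repository path, so a user with two repositories ends up with two keys. The forced-command layout `bzr_access <bzr> <repository> <user>`, all paths, user names and key blobs, and the choice of the four `no-*` options as the expected baseline are assumptions made for this example.

```python
import shlex
from collections import defaultdict

# Constructed sample: key blobs, users and paths are placeholders. Assumed
# forced-command layout: bzr_access <bzr> <repository> <user>.
OPTS = "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty"
CMD = 'command="/usr/local/bin/bzr_access /usr/bin/bzr /srv/bzr/%s %s"'
SAMPLE = "\n".join([
    (CMD % ("alpha", "alice")) + "," + OPTS + " ssh-rsa AAAAKEY1 alice@alpha",
    (CMD % ("beta", "alice")) + "," + OPTS + " ssh-rsa AAAAKEY2 alice@beta",
    (CMD % ("alpha", "bob")) + ",no-pty ssh-rsa AAAAKEY3 bob@alpha",
    "ssh-rsa AAAAKEY4 carol@laptop"])
KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-")
REQUIRED = {"no-port-forwarding", "no-x11-forwarding", "no-agent-forwarding", "no-pty"}

def split_unquoted(text, seps):
    """Split on any separator character that sits outside double quotes."""
    parts, quoted = [""], False
    for ch in text:
        quoted ^= ch == '"'  # a double quote toggles the quoted state
        if ch in seps and not quoted:
            parts.append("")
        else:
            parts[-1] += ch
    return parts

def parse_line(line):
    """Return (options dict, key blob) for one authorized_keys entry."""
    fields, opts = [f for f in split_unquoted(line.strip(), " \t") if f], {}
    if not fields[0].startswith(KEY_PREFIXES):  # leading field is the option list
        for opt in split_unquoted(fields.pop(0), ","):
            name, _, value = opt.partition("=")
            opts[name.lower()] = value.strip('"')
    return opts, fields[1]

def audit(text):
    """Map user -> {repository: key} and list weakly restricted entries."""
    repos_by_user, findings = defaultdict(dict), []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        opts, key = parse_line(line)
        cmd = shlex.split(opts.get("command", ""))
        if len(cmd) != 4 or not cmd[0].endswith("bzr_access"):
            findings.append((n, "not pinned to a bzr_access forced command"))
            continue
        repos_by_user[cmd[3]][cmd[2]] = key  # one key per (user, repository)
        if missing := sorted(REQUIRED - set(opts)):
            findings.append((n, "missing " + ",".join(missing)))
    return dict(repos_by_user), findings
```

On the sample, `audit(SAMPLE)` maps alice to two repositories with two distinct keys, and reports entry 3 as missing forwarding restrictions and entry 4 as having no forced command at all.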


