Recommendations For Access Control
Scott Stephens
stephens.js at gmail.com
Mon May 10 01:02:45 BST 2010
Hi all,
I'm looking for some advice on how to configure access control to a
central bazaar repository located on a Ubuntu server. Users have
shell accounts on the machine, and use it for things other than
accessing the repository.
I'd like to accomplish the following:
- Allow users remote access to the repositories on the machine.
- Have authentication/access control be linked to the user's shell account
- Give certain users commit privileges on the repositories, and deny
this to other users.
- Allow users with commit privileges to commit to the repository, but
otherwise deny write access to the repository data (mainly I don't
want users with only commit privileges to be able to destroy or
corrupt the repository by deleting the files or overwriting them with
garbage data using a non-bzr program).
Using bzr+ssh with linux file permissions to control access seems like
a fit except that I would have to allow committers full write access
to the bzr data, which I would rather not do. Using the various
limited ssh solutions seems like a fit except that it doesn't allow
users to use their shell accounts on the machine normally.
I would appreciate any suggestions anyone might have.
Thanks,
Scott
More information about the bazaar
mailing list