Recommendations For Access Control
John Arbash Meinel
john at arbash-meinel.com
Mon May 10 07:40:23 BST 2010
David Strauss wrote:
> On 2010-05-10 00:02, Scott Stephens wrote:
>> Hi all,
>>
>> I'm looking for some advice on how to configure access control to a
>> central bazaar repository located on an Ubuntu server. Users have
>> shell accounts on the machine, and use it for things other than
>> accessing the repository.
>>
>> I'd like to accomplish the following:
>> - Allow users remote access to the repositories on the machine.
>> - Have authentication/access control be linked to the user's shell account
>> - Give certain users commit privileges on the repositories, and deny
>> this to other users.
>> - Allow users with commit privileges to commit to the repository, but
>> otherwise deny write access to the repository data (mainly I don't
>> want users with only commit privileges to be able to destroy or
>> corrupt the repository by deleting the files or overwriting them with
>> garbage data using a non-bzr program).
>>
>> Using bzr+ssh with Linux file permissions to control access seems like
>> a fit except that I would have to allow committers full write access
>> to the bzr data, which I would rather not do. Using the various
>> limited ssh solutions seems like a fit except that it doesn't allow
>> users to use their shell accounts on the machine normally.
>
> The Wikimedia Foundation uses a fake shell (I think called "silly
> shell") that SSH starts which only allows Subversion commands. You could
> do the same for Bazaar.
>
You may want to look at "contrib/bzr_access" which describes ways to
give bzr-only shell access.
http://bazaar.launchpad.net/~bzr-pqm/bzr/bzr.dev/annotate/head%3A/contrib/bzr_access
John
=:->
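
One way to build the kind of bzr-only forced command discussed above, as an added example (it is not the code of contrib/bzr_access or of the Wikimedia shell): the script compares SSH_ORIGINAL_COMMAND with the command line a bzr+ssh client requests and starts `bzr serve` with or without `--allow-writes`. Assumptions: a dedicated service account owns the repository files and lists each user's key in authorized_keys with `command="<this script> <user>"`, so users keep their normal shell accounts; ACL, REPO_ROOT and BZR are hypothetical names and values.

```python
import os
import shlex
import sys

# Command line a bzr client requests over bzr+ssh (assumed here; it is
# matched exactly, so any other request is refused).
EXPECTED = ["bzr", "serve", "--inet", "--directory=/", "--allow-writes"]

# Hypothetical ACL, constructed sample data: key owner -> "r" or "rw".
ACL = {"alice": "rw", "bob": "r"}

REPO_ROOT = "/srv/bzr"   # assumed repository base directory
BZR = "/usr/bin/bzr"     # assumed path of the bzr executable


def build_argv(user, original_command, acl=ACL):
    """Return the argv to exec for this SSH session, or None to refuse."""
    try:
        requested = shlex.split(original_command or "")
    except ValueError:            # unbalanced quotes in the request
        return None
    if requested != EXPECTED:     # interactive login, scp, extra arguments
        return None
    access = acl.get(user)
    if access not in ("r", "rw"):
        return None
    # Nothing from the client reaches the argv: the served directory is
    # pinned to REPO_ROOT and write access comes from the ACL alone.
    argv = [BZR, "serve", "--inet", "--directory=" + REPO_ROOT]
    if access == "rw":
        argv.append("--allow-writes")
    return argv


def main():
    user = sys.argv[1] if len(sys.argv) > 1 else ""
    argv = build_argv(user, os.environ.get("SSH_ORIGINAL_COMMAND"))
    if argv is None:
        sys.stderr.write("This account only provides bzr access.\n")
        sys.exit(1)
    os.execv(argv[0], argv)       # no shell is involved at any point


if __name__ == "__main__":
    main()
```

Because the repository files belong to the service account, a committer's own shell account has no direct write access to them; writes happen only through the `bzr serve` process started here.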