Q: Access Control Options
Vincent Ladeuil
v.ladeuil+lp at free.fr
Thu Sep 30 11:24:40 BST 2010
>>>>> Alexander Belchenko <bialix at ukr.net> writes:
<snip/>
>> I'm assuming that's humor which I am unable to translate. :)
> That's a sad humor. I'm even not sure it was funny.
We love you anyway :)
> I don't have your experience about SVN auth solutions, and
> therefore I don't understand why built-in ACL support in the
> bzr:// protocol would hurt. I would like to understand all issues
> here. But as my naive expectation such thing like built-in ACL
> and simple users management will be so easy to use for people so
> everybody would love to use only the fastest bzr:// protocol
> because it would be so easy to set it up.
The basic reason is DRY. ACLs and user management are better handled in
other software (like ssh for exmaple) so it has never been a priority
for us.
Yet,
https://bugs.edge.launchpad.net/bzr/+bug/84660
https://bugs.edge.launchpad.net/bzr/+bug/476480
https://bugs.edge.launchpad.net/bzr/+bug/126911
are the related I could find.
> For example, there is still no bzr+ssh:// support on Savannah,
> only sftp. Why? Maybe because bzr+ssh:// is a bit harder to
> setup?
Nope, the context and the constraints are totally different there.
> My personal interest in easy and built-in ACLs is to allow even
> the smallest company to setup bzr:// server on any spare
> computer. In such small companies there is no certified sysadmins
> at all, and people maintain their infrastructure themselves. I'm
> dreaming about: just install, configure (possible via qt-based
> wizard ;) and go!
Then it seems everybody agree that we should implement a paramiko-based
shh server that can run with no install hassles (*not* on port 22 so
that it doesn't have to be a full ssh server only one targeted at
bzr+ssh and possibly several of them (one by project)).
Vincent
More information about the bazaar
mailing list