Bazaar SSH access control
Michael Schubert
mschub at elegosoft.com
Mon Nov 5 12:36:15 UTC 2012
On 10/31/2012 03:43 PM, John Arbash Meinel wrote:
> So chroot and ~/homedir support are both implemented using
> PathFilteringTransport, so I think something like this would work for you.
>
> However, I would mention that it might be easier to hook it at a
> different point than 'ssh-serve'.
>
> a) you might at least want to call it acl-serve, since it isn't
> actually serving ssh. The process is connecting via ssh to your
> machine, which is spawning 'bzr serve ...' (or whatever you configure
> in your authorized_keys file.)
The name for sure is arguable.
> b) 'bzr serve' already has support for --protocol, which might be an
> easier place to hook into. I won't guarantee that, but it might be
> something to look at.
When you say 'bzr serve', you mean calling cmd_serve.run() from the
plugin?
>From my understanding, there's only one protocol (bzr, the default)
which can be choosen for --protocol atm.
More information about the bazaar
mailing list