[arch-dev-public] [RFC] Moving repos to nymeria
Florian Pritz
bluewind at xinu.at
Mon Sep 17 16:32:33 EDT 2012
On 16.09.2012 00:29, Pierre Schmitz wrote:
> * maybe review our group setup
One group per repo or what do you mean?
> * package files and svn files cannot be accessed by these accounts. Use
> some sudo and dedicated user magic here so that only dbscripts can write
> packages and the svn repo can only be access via an svn client.
I've looked into that and all I found was that you "should" use ssh
forced commands together with separate keys. AFAIK it is not possible to
tell svn to run a different command than "svnserve -t" when connected
via ssh.
It might be possible to use a simple forced commands wrapper that passes
just traps svnserve and executes it with sudo. I haven't checked if that
works with interactive shells.
> We can ave a more advanced setup later.
Good idea.
--
Florian Pritz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20120917/ba279825/attachment.asc>
More information about the arch-dev-public
mailing list