On 16.09.2012 00:29, Pierre Schmitz wrote: > * maybe review our group setup
One group per repo or what do you mean? > * package files and svn files cannot be accessed by these accounts. Use > some sudo and dedicated user magic here so that only dbscripts can write > packages and the svn repo can only be access via an svn client. I've looked into that and all I found was that you "should" use ssh forced commands together with separate keys. AFAIK it is not possible to tell svn to run a different command than "svnserve -t" when connected via ssh. It might be possible to use a simple forced commands wrapper that passes just traps svnserve and executes it with sudo. I haven't checked if that works with interactive shells. > We can ave a more advanced setup later. Good idea. -- Florian Pritz
signature.asc
Description: OpenPGP digital signature
