Hi, I have followed the instructions of http://wiki.darcs.net/DarcsWiki/HintsAndTips#head-b0e65fffb81623b4862802160f3e1437713d8b59 in order to use scponly to restrict ssh access for a darcs project, but I am not able to push patches. I'm using darcs 2.2.1 on a Ubuntu 9.04 machine. scponly is version 4.6-1.4ubuntu1.
After a little searching, I found that scponly is not compatible with darcs . It does have flags to be build to be compatible with SVN for instance (http://www.sublimation.org/scponly/wiki/index.php/Features), but darcs compatibility has been rejected by the developers of scponly ( https://lists.ccs.neu.edu/pipermail/scponly/2007-July/001804.html ) . I am surprised that one can not simply tell scponly "please also this program to be run" in a configuration file, but well, there are certainly good reasons for that. I should precise my intentions: I want an easy (but not necessary unbreakable) way to restrict permissions of users solely created to commit into a darcs repository on a Linux box. I'm conscious of the "not unbreakable" aspect because, as the manpage of rssh says about CVS: "If you are using rssh to allow CVS access, it should be noted that it is not possible to prevent a user who is very familiar with CVS from bypassing rssh and getting a shell, unless the user does not have write access in the repository. Obviously, the user must have write access to the repository in order to update it, which allows them to upload arbitrary programs into the repository. CVS provides several mechanisms for executing such arbitrary programs... " Then, the manpage suggests using chroot jails, but it starts seeming a little too tedious for my lazy person :-) So, two questions: * is the abovementioned paragraph on http://wiki.darcs.net/DarcsWiki/HintsAndTips really outdated or wrong ? * what are you using to restrict user freedom ? scponly, rssh ? a chroot jail ? nothing ? [after more searching] * I found this page : http://wiki.darcs.net/DarcsWiki/RepoViaSSH which provides a patch for rssh to use darcs. * I also found a darcs shell posted on this list a few months ago : http://lists.osuosl.org/pipermail/darcs-users/2008-April/011825.html I do not know how to use it. * and finally there is : http://www.equational.org/darcs-server/ Which leads to a third question: Shoud we give some love to the page http://wiki.darcs.net/DarcsWiki/RepoViaSSH to reflect these resources ? guillaume _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
