It appears that gitolite works much like mercurial-server. What I would expect (I haven't set up fossil yet, because I need this functionality) is that the authorized_keys file for the fossilcm user would have:
    command="/home/fossilcm/bin/fossil gate admin" ssh-rsa ...
    command="/home/fossilcm/bin/fossil gate someuser" ssh-rsa ...
    command="/home/fossilcm/bin/fossil gate amb" ssh-rsa ...
    command="/home/fossilcm/bin/fossil gate otheruser" ssh-rsa ...

where the name after gate defines the fossil user that this represents, and the ... are the public keys from the particular users. Then fossil would do whatever the remote command is with LOGIN set to user, e.g., amb, so that whatever permissions amb has to the particular xxx.fossil file would apply. All the fossils would reside in a directory, e.g. ~/fossils, and the remote user would say something like:

    fossil clone ssh://fossilcm@fossilhost/one.fossil one.fossil

and it would only validate against the public key that that user has. This way the remote user can't access any files other than the fossils in that directory.

In the simplest version of this, the administrator of the fossilcm account would have to manually add user amb's public key to fossilcm's authorized_keys file and add the command= to the front of it (but I outline below a very simple way to allow this to be done remotely after the first one is set up by the admin). mercurial-server automates this via a commit/push hook on a special repository so that keys get automatically added to the authorized_keys file. Their setup is more complicated than necessary, given existing fossil controls.
I would simply set it up as follows:

    ~fossilcm/bin:
        fossil              - the executable
    ~fossilcm/.ssh:
        authorized_keys     - auto generated by changes to the admin fossil
    ~fossilcm/fossils:
        fossil-admin.fossil - the special repository
        one.fossil          - user accessible fossils
        two.fossil
        three.fossil

The fossil-admin repository would simply contain the ssh pub files for the users allowed to access any of the controlled fossils:

    admin.pub
    someuser.pub
    amb.pub
    otheruser.pub

and all the permissions would be handled by the normal fossil commands against the set of users defined in the fossil-admin fossil - in this case: admin, someuser, amb, otheruser. (Presumably only admin is allowed to commit to fossil-admin.)

You could make the fossil-admin.fossil more complex to make the permissions controlled by the ssh key as well, but if I understand fossil, that's already well handled by existing mechanisms.

Sorry, that's long, but I think complete and simple. If not clear, please ask for clarification. This is functionality that I *REALLY* want, but I don't know enough about fossil and the code base to make it happen.

Thanks
../Dave

_______________________________________________
fossil-users mailing list
fossil-users@lists.fossil-scm.org
http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
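As an added illustration of the two pieces the proposal above depends on (not code from the post or from fossil itself): generating the forced-command authorized_keys entries from a set of user public keys, and the check the hypothetical `fossil gate` command would have to make on the client's request so that only repositories inside ~/fossils are reachable. The `fossil gate <user>` subcommand, the `/home/fossilcm/...` paths and the assumption that the last token of SSH_ORIGINAL_COMMAND names the repository are all taken from or assumed for the proposal; the key material is a constructed placeholder.

```python
import os
import re

# Constructed sample input, mirroring the post's user names. The key strings are
# placeholders, not real public keys.
SAMPLE_KEYS = {
    "admin": "ssh-rsa AAAAB3NzaC1yc2E...PLACEHOLDER-admin",
    "amb": "ssh-rsa AAAAB3NzaC1yc2E...PLACEHOLDER-amb",
}

FOSSIL_DIR = "/home/fossilcm/fossils"      # the ~/fossils directory from the post
GATE = "/home/fossilcm/bin/fossil gate"    # hypothetical subcommand proposed in the post
# OpenSSH authorized_keys options: the key may only run the forced command, nothing else
RESTRICTIONS = "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty"
USER_RE = re.compile(r"^[a-z][a-z0-9_-]{0,31}$")
REPO_RE = re.compile(r"^[A-Za-z0-9_-]+\.fossil$")

def authorized_keys_lines(keys):
    """Build one forced-command authorized_keys line per user from {user: pubkey}."""
    lines = []
    for user, pubkey in sorted(keys.items()):
        # The user name is spliced into command="...", so it must be a plain token
        if not USER_RE.match(user):
            raise ValueError(f"refusing user name {user!r}")
        # A quote or newline in the key text would break out of the options field
        if '"' in pubkey or "\n" in pubkey:
            raise ValueError("public key contains characters that would corrupt the line")
        lines.append(f'command="{GATE} {user}",{RESTRICTIONS} {pubkey}')
    return lines

def resolve_repo(original_command):
    """Map the client's request (the SSH_ORIGINAL_COMMAND the gate would see) to a
    repository path under FOSSIL_DIR, or None if the request must be refused.
    Assumes the last whitespace-separated token names the repository."""
    parts = original_command.split()
    if not parts:
        return None
    repo = parts[-1]
    # Only a bare <name>.fossil is accepted: no directory separators, no '..', no
    # dotfiles, so nothing outside FOSSIL_DIR can be named
    if not REPO_RE.match(repo):
        return None
    return os.path.join(FOSSIL_DIR, repo)

if __name__ == "__main__":
    for line in authorized_keys_lines(SAMPLE_KEYS):
        print(line)
    print(resolve_repo("fossil test-http one.fossil"))
```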