On Saturday 10 December 2005 11:45 am, Mikhael Goikhman wrote: > On 09 Dec 2005 17:52:35 -0500, Michael J. Flickinger wrote: > > After some long sftp-server hacking, we have a secure way to offer Arch > > hosting with some bells and whistles as well > > Sounds promissing, although I am not sure hacking sshd is the best thing. > > I would really appreciate having a real shell account instead, a-la > SourceForge. With access to the web pages too. We needed to setup an > external arch-to-cvs gateway just to edit the web pages, this is painful. > Due to an extremely paranoid security model at Savannah, we won't be offering shell accounts.
What exactly do you mean by web pages, I find this slightly ambiguous? Are you referring to project's webpages at Savannah or the web pages for the Arch archives? > If the intention is to make it impossible for a user to remove the arch > project history, then daily backups may be a good solution. Once again, revolving around the super paranoid security model, sftp-server.c was hacked to change ownership of patches/bases, once committed, to root and make them undeleteable/changeable to project members. Basically, once something is committed to an archive, it's committed. This does present one minor problem however, the uncacherev command will not work. > > Anyway, I tried to use the instructions, and here are the results: > > % tla register-archive > sftp://[EMAIL PROTECTED]/archives/administration Registering archive: > [EMAIL PROTECTED] > > % tla categories [EMAIL PROTECTED] > arch-subsystem > arch-webpage > > % tla abrowse [EMAIL PROTECTED]/arch-subsystem > [EMAIL PROTECTED] > arch-subsystem > sftp status: Permission denied > > Is this intentional, or just something missing in the sshd hack? :) > Also, the archives are created without 'make-archive --listing' option. > Neither, this is due to the fact arch-subsystem is not publically readable, as it's a private archive. > tla register-archive -f http://arch.sv.gnu.org/archives/administration/ > webdav error: 404 Not Found > > If the intention is to allow anonymous access to the archives, you may > add =meta-info/http-blows to existing archives and run 'archive-fixup'. > > I hope this message is helpful. > > Regards, > Mikhael. -- Michael J. Flickinger _______________________________________________ Gnu-arch-users mailing list Gnu-arch-users@gnu.org http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/
