>> For those curious, ssh resets signals even on the client. >> So ignoring SIGINT doesn't do the trick. >> >> We have to disable them in the terminal (and then >> make sure we re-enable them upon exit). > > can't you block delivery of signals on the server (wrapping the hg > server side?)
You would think so, but we had no luck. We blocked signals in the on-hg.py script that is the one command run on the server side, and it did not prevent control-C from killing the client-side ssh process. > can you trust all client to be running the fixed cdm at the time this > goes live? (IMHO, no.) No more than we can trust all clients to be using cadmium in the first place. This is not a beautiful, elegant, complete, happy solution, and we know it. It's a minimum for going live. As mitigating factors, there will be a tools flag day tomorrow, and we'll control push access for the first couple of days. --Mark
