Re: [fossil-users] is fossil repo web configuration possible from command-line?

2016-01-22 Thread Dewey Hylton
In the end I think the sql method is the safest and best bet for my use case. This was really quick to cobble together, and of course doesn't have any protection (eg. from sql-injection or whatever), but as I'm just focusing on rolling out new repositories via script I think I'm off to a decent

Re: [fossil-users] Restrict password authenticated operations to SSH?

2016-01-22 Thread Stephan Beal
On Fri, Jan 22, 2016 at 7:05 AM, Andy Bradford wrote: > ... With an SSH key, you can use the ForceCommand to cause SSH to run > something other than ``fossil test-http'' > > For example, you could do: > ... That belongs in a cookbook/howto, if it's not already.

Re: [fossil-users] Restrict password authenticated operations to SSH?

2016-01-22 Thread Stephan Beal
On Fri, Jan 22, 2016 at 4:56 AM, Warren Young wrote: > H, I hadn’t even considered how privileges were enforced in the SSH > case. I guess it’s just logging in and modifying a local Fossil DB on the > server, right? > Right. Any time fossil runs against a local file, the

Re: [fossil-users] slightly hacked Blitz skin

2016-01-22 Thread Jan Danielsson
On 21/01/16 19:17, Stephan Beal wrote: > i recently started using the Blitz skin on all my repos, but > fixed-/max-width pages annoy me to no end, so it go hacked every so > slightly to remove the max width. For anyone interested, here it is: > >

Re: [fossil-users] Restrict password authenticated operations to SSH?

2016-01-22 Thread Warren Young
On Jan 21, 2016, at 11:05 PM, Andy Bradford wrote: > > Here is a sample of what might go into fossilwrapper: I’ve studied this, and ended up with a bunch of questions about why you wrote it as you did: > ForceCommand /home/fossil/bin/fossilwrapper wyml [snip] >

Re: [fossil-users] Restrict password authenticated operations to SSH?

2016-01-22 Thread Richard Hipp
On 1/21/16, Warren Young wrote: > > TLS isn’t sounding so bad after all. Stunnel4 (https://www.stunnel.org/index.html) works well for me. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list

Re: [fossil-users] Restrict password authenticated operations to SSH?

2016-01-22 Thread Warren Young
On Jan 21, 2016, at 11:05 PM, Andy Bradford wrote: > > Technically, using SSH keys isn't strictly necessary. You can > use ForceCommand on a per SSH user basis This is what I meant when I said that I don’t see that SSH keys have anything to do with it.

Re: [fossil-users] is fossil repo web configuration possible from command-line?

2016-01-22 Thread Barry Arthur
This is useful. Thanks. On 23 January 2016 at 03:34, Dewey Hylton wrote: > In the end I think the sql method is the safest and best bet for my use > case. This was really quick to cobble together, and of course doesn't have > any protection (eg. from sql-injection or