> Date: Tue, 05 Jun 2007 18:38:05 -0500 > From: [EMAIL PROTECTED] > The use case I'm trying to work on is Mercurial best practices > for setting up a multi-user repository. My assumptions are: > - I only want to support push via ssh (not http) because > of more secure authentication and optional compression > - I want control of exactly what kind of shell privileges > each user has > - Setting up ssh for password-less operation is understood [1] > - In reviewing the man page for "hg push" [2] it is clear > that a shell account is required for ssh pull/push to work.
Unless you're willing to rely on .htpasswd-like authentication [1]. (Which I'm not.) > ... > > Are there alternative best practices for multiuser > commit access via ssh? Yep. I've set up some (Sun-internal) hg trees that support multiuser pushes using the hg-ssh script [2]. Far simpler than hacking rbash, especially since everyone winds up running under the same user id on the server. - Mark [1] http://www.selenic.com/mercurial/wiki/index.cgi/HgWebDirStepByStep#head-746ca383e3a62df34279ec2fca888113497da022 [2] http://www.selenic.com/mercurial/wiki/index.cgi/SharedSSH
