savannah-hackers-public
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers-public] mercurial ssh access issues

From: Aleix Conchillo Flaqué
Subject: [Savannah-hackers-public] mercurial ssh access issues
Date: Tue, 15 Apr 2008 20:42:25 +0200 
Hi,
I have been trying the limited Mercurial pull/push access using the hg- ssh script and it works fine. The authorized_keys file must look like this: 

command="cd /srv/hg/project && hg-ssh . *" ssh-rsa .....
With "." we solve a single repo and with "*" we also solve multiple subrepos.
So, what's the problem? The problem is that now only mercurial commands are allowed. With the options available, the hg-ssh script seems the cleanest way to solve the ssh access, so I think it would be great to use it.
How? I've been thinking on creating a general ssh script, let's say sv_ssh_access. So in the authorized_keys we would have: 

command="sv_ssh_access" ssh-rsa ....
The script would need to check for the command passed via ssh (SSH_ORIGINAL_COMMAND) and do whatever (e.g. call hg-ssh). It would also be useful to display "Out of service" messages or anything else we could imagine. 

I have tried it with a simple python script that calls hg-ssh:

-----------

#!/usr/bin/env python

import os

os.chdir("/var/srv/hg/sources/test_project")
os.system("hg-ssh . *")

-----------

Now, the script could be just (which also works fine):

-----------
!/bin/sh

exec $SSH_ORIGINAL_COMMAND
-----------

It's just an idea.

Aleix
reply via email to
[Prev in Thread] Current Thread [Next in Thread]