[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Monotone-devel] Google Summer of Code 2006
From: |
Chad Walstrom |
Subject: |
Re: [Monotone-devel] Google Summer of Code 2006 |
Date: |
Fri, 21 Apr 2006 09:54:17 -0500 |
Richard Li <address@hidden> wrote:
> Sourceforge offers CVS hosting; gna.org offers Arch, Subversion, and
> CVS hosting.
>
> So enabling one of these sites to offer Monotone hosting. I would
> imagine that the process of setting this up could drive some feature
> development in Monotone as well.
There's been a lot of talk lately on the address@hidden list
about this. Currently, Savannah offers CVS and GNU Arch, but
obviously people want to run their favorite SCM's to work on their
projects. Subversion has come up in the discussion (with some loud
approval), and I dropped the Monotone with usher suggestion into the
fray.
It was rejected on the issue of security, that if usher were allowed
to launch 'mtn serve' instances, they would be required to share the
same system user/group permissions. A single compromised usher
instance would then give unmitigated access to each of the services it
started. The alternative I proposed was to manage the 'mtn serve'
instances separately, then use usher to proxy.
Some of what needs to be done in order to pull this off is to have
management scripts for hosting monotone servers in place. I asked
Greydon if inetd-enabling monotone would work, but he indicated that
there would be database locking issues. I've added a feature-request
to daemonize monotone [1], which would certainly help with launching
and controlling 'mtn serve' instances.
There is the possibility of adding setuid/setgid calls to usher, but
that means usher would need to be run as root or have some sort of
capabilities package enabled in the kernel to assign these rights to
an unprivileged user. A little scary, if you ask me, since usher is
processing public requests.
There's the Postfix way of launching new services, a master server.
usher could make requests of the master server to launch a new 'mtn
serve' instance as a given user. i.e. The 'gnats' user to launch 'mtn
serve' on the GNATS project's gnats.mtn database.
IMHO, working with the Savannah team to serve Monotone would be quite
awesome. ;-) A good Google SoC project.
References
==========
1. https://savannah.nongnu.org/bugs/?func=detailitem&item_id=16177
--
Chad Walstrom <address@hidden> http://www.wookimus.net/
assert(expired(knowledge)); /* core dump */
- Re: [Monotone-devel] Google Summer of Code 2006, (continued)
- Message not available
- Message not available
- Re: [Monotone-devel] Google Summer of Code 2006, Ingo Maindorfer, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Richard Li, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Thomas Keller, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Richard Li, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006,
Chad Walstrom <=
- Re: [Monotone-devel] Google Summer of Code 2006, Richard Levitte - VMS Whacker, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Ethan Blanton, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Richard Levitte - VMS Whacker, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Ethan Blanton, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Richard Levitte - VMS Whacker, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Timothy Brownawell, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Timothy Brownawell, 2006/04/24
- Re: [Monotone-devel] Google Summer of Code 2006, Chad Walstrom, 2006/04/21
- Re: [Monotone-devel] Google Summer of Code 2006, Nathaniel Smith, 2006/04/22
- [Monotone-devel] Re: Google Summer of Code 2006, Bruce Stephens, 2006/04/21