
Re: [Monotone-devel] db kill_rev_locally


From: Daniel Carrera
Subject: Re: [Monotone-devel] db kill_rev_locally
Date: Sun, 12 Oct 2008 14:00:22 +0200
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914)

Ludovic Brenta wrote:
>> Which would require me to have SSH login ("daniel"). What am I missing?
>
> You are correct but the address@hidden account may be
> unprivileged (running a restricted shell) and shared with other
> developers.  You might as well call it after the project the
> developers work on, e.g. address@hidden  The monotone
> server itself, and the database, belong to and run as a different
> user, e.g. address@hidden

Thanks. I believe I understand the technique now. Make a dummy account where all the devs log in and give them a shell that does nothing. It's very good, and it seems to work in every case in which my initial proposal works. It'd be nice if it was documented on the website somewhere.


> I run a public monotone server on www.ada-france.org; see
> http://www.ada-france.org/article131.html for explanations.  The
> security model is simple: everyone has read access, and only a few
> trusted developers have write access to the entire database (they can
> create branches at will).  Because this is a netsync server running as
> a "monotone" user that has /bin/false as its shell, only sysadmins
> with root access to the machine can delete from this database.

Thanks. I'll read that article.

Daniel.



