apache repository setup

Andrew Thompson andrewkt at aktzero.com
Tue Aug 9 21:50:12 CDT 2005 

John Evans wrote:
> the verify worked fine also.  so, looks like "write" access is not working.
> so, if i chmod the entire .hg tree to 777... then i can now hg push if
> I am user "je", but get a permissions error when another user "guestuser"
> tries to push the next time.  looks like there are some files created
> .hg/undo
> .hg/undo.dirstate
> that have group and owner of "je", and only write permission for the 
> owner, je.
> so, that means another user (e.g. guestuser) can not push into this same 
> repository.
> now, if i login as guestuser, but then use an ssh login as "je" to do 
> the push,
> i.e. "hg push ssh://je@je_server1/~/je-repo", then i can push guestuser's
> local repository modifications into je-repo but as user je.  hmm, not 
> the best,
> but maybe ok for now.  I would rather have a record of users commits, 
> instead
> of just a single user name.
> 
> very much appreciate the help Andrew,
> so right now in summary I have to:
> 1) chmod 777 all the repository
> 2) have to push with only the original user ("je" in this case)
> 
> if you  have additional thoughts.. i'll give'em a try. i'm not sure
> where to go from here, but will look at maybe mercurial permissions
> on file creations.  i could put all the users into a single group, then
> if mercurial would give me group write permissions on any .hg files created
> then that might work...

Do a "which hg" to find out where hg is in your path. Rename that script 
to hg-real. Create a new script named hg in that folder, and chmod +x 
it. Your new hg script should contain:

#!/bin/sh
umask 002
sg dev_group_name /path/to/hg-real $*


umask always confuses me. This may not work at all. Perhaps someone else 
can jump in and bail me out. Basically you want to accomplish an updated 
umask, that'll leave g+rw in effect, and still have sg put you in the 
proper group.

You may still have to run some of Matt's suggested lines to sanitize the 
permissions before it all works as expected. Something like the 
following ought to fix it:

chown je:dev_group_name ~/je-repo -R

Please tell us about your final solution so the scenario can be 
documented for future users.

hth

-- 
Andrew Thompson
http://aktzero.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: andrewkt.vcf
Type: text/x-vcard
Size: 129 bytes
Desc: not available
Url : http://www.selenic.com/pipermail/mercurial/attachments/20050809/4b85ed1e/andrewkt.vcf

More information about the Mercurial mailing list