> David Fetter wrote:
> > On Tue, Jun 24, 2008 at 09:52:22AM +0200, Magnus Hagander wrote:
> >> David Fetter wrote:
> >>> Folks,
> >>>
> >>> With lots of help from Greg Sabino Mullane, I've set up a git
> >>> repository for the WITH RECURSIVE patches on
> >>> <http://git.postgresql.org/>.
> >>>
> >>> What other patches would people like to try maintaining this way
> >>> until commitfest?
> >>>
> >>> It looks like gitosis is a good way to grant write access to git
> >>> repositories, but it's not yet packaged for FreeBSD. Any ideas
> >>> about how to handle this?
> >> As you were answered the last time you asked about it, people are
> >> already working on this.
> >
> > Which people, and what are they doing? The silence here has been
> > deafening.
>
> Peter is in charge of the GIT repository, and I've offered to make
> the changes once we've agreed exactly on what should be done.
I think it's time for a few more people--yes, I'm volunteering for the
work--to get the needed access for this :)
> >> Unfortunately, the requirements have also been raised a bit (such
> >> as allowing a user to delegate access to another user)
> >
> > Who raised those requirements, and where did that discussion take
> > place?
>
> Peter did.
So, no public discussion anywhere, even though this is something that
the future development of Postgres is supposed to depend on. That's
just great.
> > I don't recall any decision to do any of this by star chamber and
> > secret cabal, and frankly, moving the goalposts on this is a great
> > way to have it never actually happen. Is that your intention?
>
> Not mine :-) My suggestion is to fix what we have now, and then add
> more stuff later.
Excellent!
> >> which means it will take longer.
> >>
> >> Now, if you can give us a step-by-step on how to set it up, that
> >> would certainly help ;-)
> >
> > Gitosis does not, as far as I can tell, have that delegation
> > capability, but I've come up with a way to do this:
> >
> > 1. Use git-shell. Yes, this does involve creating one shell account
> > for each project, but git-shell is, by design, very short on
> > exploitable capability.
> >
> > 2. Make the .ssh directory a git repository.
> >
> > 3. Edit .ssh/authorized_keys and push via git.
>
> I was looking into being able to do it using gitosis, with an
> interface on top of it's existing GIT repository for being able to
> delegate this.
I discussed this with gitosis's author, and he wants to keep gitosis
from becoming "a sourceforge reimplementation." He did, however,
commit to stamping it 1.0 and putting up a TODO list. I'd like to
package it up for FreeBSD and Fedora, those being two common
platforms.
> I think it can be done without modifying gitosis itself, by just
> writing some simple frontend script on top of it.
Would the front-end script just modify gitosis.conf? If so, it's got
to be pretty bullet-proof because it can step on access to all the git
repositories.
> What do you think of this idea?
It's complicated :(
Wouldn't it be easier to have a gitosis admin team with the needed
access?
Cheers,
David.
--
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david.fetter@gmail.com
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
No comments:
Post a Comment