Version Control

         svn+ssh://odyssey@core/u/odyssey/svn/odyssey/

    • The JavaScript and CSS files, as well as relevant XHier control files, are kept outside the repository as of June 2007.

  • Permission to read and write the repository is arranged by adding your public key to /u/odyssey/.ssh/authorized_keys with an extra prefix limiting the available shells to svnserve and mapping your public key with the author name USER that will be recorded in your commits.
         command="svnserve -t --tunnel-user=USER" ssh-dss AAAA...

  • In case one needs shell access to the odyssey home directory, another key pair should be created for the above Subversion access. Replace the user's default public key in the above authorized_keys line with the new Subversion-only public key. The user's default public key should be added as another line without the command prefix. (A custom home sub-directory may be arranged with the prefix command="exec ~odyssey/pub/bin/login -r $USER -e SSH_ORIGINAL_COMMAND"). The following line should be added to the user's shell startup file, provided that ~/.ssh/svn_id_dsa{,.pub} is the new Subversion-only key pair. The line should be activated by either executing it or logging in.
         export SVN_SSH="ssh -i ${HOME}/.ssh/svn_id_dsa"

  • To check out the code into a working directory, run
         svn co svn+ssh://odyssey@core/u/odyssey/svn/odyssey/

         /u/odyssey/svn/ogsas/conf/authz:
            [groups]
            dev = odyssey,ijmorlan

         /u/odyssey/.ssh/authorized_keys:
            command="svnserve -t --tunnel-user=USER" ssh-dss AAAA...= USER@HOST

  • Web access to the graduate admission data in the ogsas repository is performed on behalf of user odyssey and is additionally limited by the ViewVC configuration file in /u/odyssey/lib/viewvc/viewvc.conf. (This became possible after making a custom change to the authorization code in ViewVC).
         /u/odyssey/lib/viewvc/viewvc.conf
            [root-ogsas/authz-forbidden]
            forbidden = *
            superusers = USER1, USER2, ...
 
            [root-odyssey/authz-forbidden]
            forbidden = !*

-- IsaacMorland

-- IlguizLatypov - 24 Aug 2007

Topic revision: r7 - 2015-11-02 - BillInce
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback