Version Control
svn+ssh://odyssey@core/u/odyssey/svn/odyssey/
-
- The JavaScript and CSS files, as well as relevant XHier control files, are kept outside the repository as of June 2007.
- Permission to read and write the repository is arranged by adding your public key to
/u/odyssey/.ssh/authorized_keys
with an extra prefix limiting the available shells to svnserve
and mapping your public key with the author name USER
that will be recorded in your commits.
command="svnserve -t --tunnel-user=USER" ssh-dss AAAA...
- In case one needs shell access to the
odyssey
home directory, another key pair should be created for the above Subversion access. Replace the user's default public key in the above authorized_keys
line with the new Subversion-only public key. The user's default public key should be added as another line without the command
prefix. (A custom home sub-directory may be arranged with the prefix command="exec ~odyssey/pub/bin/login -r $USER -e SSH_ORIGINAL_COMMAND"
). The following line should be added to the user's shell startup file, provided that ~/.ssh/svn_id_dsa{,.pub}
is the new Subversion-only key pair. The line should be activated by either executing it or logging in.
export SVN_SSH="ssh -i ${HOME}/.ssh/svn_id_dsa"
- To check out the code into a working directory, run
svn co svn+ssh://odyssey@core/u/odyssey/svn/odyssey/
/u/odyssey/svn/ogsas/conf/authz:
[groups]
dev = odyssey,ijmorlan
/u/odyssey/.ssh/authorized_keys:
command="svnserve -t --tunnel-user=USER" ssh-dss AAAA...= USER@HOST
- Web access to the graduate admission data in the
ogsas
repository is performed on behalf of user odyssey
and is additionally limited by the ViewVC configuration file in /u/odyssey/lib/viewvc/viewvc.conf. (This became possible after making a custom change to the authorization code in ViewVC).
/u/odyssey/lib/viewvc/viewvc.conf
[root-ogsas/authz-forbidden]
forbidden = *
superusers = USER1, USER2, ...
[root-odyssey/authz-forbidden]
forbidden = !*
--
IsaacMorland
--
IlguizLatypov - 24 Aug 2007