[darcs-users] scponly, rssh, darcs-server, jail

Trent W. Buck trentbuck at gmail.com
Sun Apr 5 01:12:32 UTC 2009 

Guillaume Hoffmann <guillaumh at gmail.com> writes:

> I should precise my intentions: I want an easy (but not necessary
> unbreakable) way to restrict permissions of users solely created to
> commit into a darcs repository on a Linux box.  [scponly does not work
> as advertised on the wiki, nor will it.]  Then, the manpage suggests
> using chroot jails, but it starts seeming a little too tedious for my
> lazy person :-)

Short of using chroots, this problem has been solved for rsync with the
rrsync[sic] script, distributed with rsync's source tarballs (under
tools/ IIRC).

What you then do is add

    command="rrsync <details>" <public key> <command>

to .authorized_keys as normal.  The rrsync script then allows the remote
rsync to run different commands (e.g. with or without -z), without
giving the user carte blanche to run any command they please.

For darcs, I think there are about four remote commands used overall,
the most common being transfer-mode.  You could write a similar wrapper
to rrsync, but for Darcs.  I think such a thing would be very welcome
into our contrib/ directory.

> * is the abovementioned paragraph on
> http://wiki.darcs.net/DarcsWiki/HintsAndTips really outdated or wrong
> ?

It wouldn't surprise me in the slightest.  Would you care to update it,
please?

> * what are you using to restrict user freedom ? scponly, rssh ? a
> chroot jail ? nothing ?

The Darcs project itself relies on patch submissions via "darcs send"
instead of "darcs push".

> * I also found a darcs shell posted on this list a few months ago :
> http://lists.osuosl.org/pipermail/darcs-users/2008-April/011825.html
> I do not know how to use it.

That sonds like the rrsync approach I described above.  Would someone
please adopt this script and add it (and documentation) to contrib/?  I
think it'd be very useful to have a canonical version rather than
various users' personal ad-hoc implementations.

> * and finally there is : http://www.equational.org/darcs-server/

Certainly pushing with HTTP PUT (or some other "smart server") is
another way to provide security, and this is what other VCSs tend to do.
AFAIK this functionality exists for Darcs, but is not yet mature.

> Shoud we give some love to the page
> http://wiki.darcs.net/DarcsWiki/RepoViaSSH to reflect these resources
> ?

Yes, please.  We are understaffed in the wikignome department, which is
why articles are out of date.

More information about the darcs-users mailing list