[darcs-users] postfix and .forward, darcs-createrepo bug, darcs as a wiki for source

David Roundy droundy at abridgegame.org
Mon Jan 26 13:41:11 UTC 2004


On Tue, Jan 20, 2004 at 03:42:05AM +0100, Shae Matijs Erisson wrote:
> I'm using darcs 0.9.15-1 and postfix on debian/unstable
> 
> darcs-createrepo is giving me an error, it boils down to darcs apply not having
> a -o argument, but darcs-createrepo still calls it that way.

This has been fixed, thanks for the report.

> Also, Ian Lynagh had the great idea to turn off gpg checking and add --no-test
> so that darcs can be a wikiwiki for source code.
> 
> I would like to know if --no-test all I need for a safe anonymous push, is
> there anything else I should worry about?

Well, there are no other issues that I know of for certain.  However, I
suspect that a clever user might be able to convince darcs to create files
outside the repository tree, so you probably should also chmod a-w .forward
and any other files that are owned by your wikiwiki user.  Otherwise a
clever user might be able to change the .forward to not have --no-test.
Even better would be to make .forward root-owned, but I seem to recall that
at least exim refuses to use a .forward file that is not owned by the
user.  And unfortunately making the file read-only probably won't stop
darcs from modifying it, since darcs usually creates a new file and deletes
the old one (in order to make the write atomic).  So perhaps making the
home directory read-only as well?

The best (safest, not easiest) solution for --no-test access would be to
run darcs in a chroot environment.  To do this, you'd want to move the repo
directory one level deeper so it'd be in
/var/lib/darcs/repos/wikiwiki/chroot/repo, and then in chroot you'd put
a usr/lib and usr/bin with darcs and whatever shared libraries it needs--a
hard link should be fine, but if you want to be double extra paranoid you
could use copies, just make sure they're owned by root, not wikiwiki.

Obviously the thing that worries me is that although I've thought about
whether this would be safe, it's very hard to know the answer.  If you do
try setting up a chroot environment (which is what I'd be most comfortable
with), I'd be very interested in hearing how it works out (and if it's not
too hard, perhaps adding it as an option to darcs-createrepo).

> Anyway, here's the postfix and wiki .forward for my repo:
> 
> "|(umask 022;darcs apply --reply shae at ScannedInAvian.org --repodir /var/lib/darcs/repos/wikiwiki/repo --no-resolve-conflicts --no-test)"

Thanks for figuring this out! I've made these changes, and will get it
uploaded to the main darcs repo some time today.
-- 
David Roundy
http://civet.berkeley.edu/droundy/




More information about the darcs-users mailing list