mercurial-server: doc/manual.docbook@16056a9015f3 (annotated)

119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	1	<?xml version="1.0" encoding="utf-8"?>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	2	<article xmlns="http://docbook.org/ns/docbook" version="5.0" xml:lang="en"
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	3	xmlns:xlink="http://www.w3.org/1999/xlink">
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	4	<info>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	5	<title>Sharing Mercurial repositories with mercurial-server</title>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	6	<author><firstname>Paul</firstname><surname>Crowley</surname></author>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	7	<copyright><year>2009</year><holder>Paul Crowley, LShift Ltd</holder></copyright>
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	8	</info>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	9	<section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	10	<title>About mercurial-server</title>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	11	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	12	Home page: <link xlink:href="http://www.lshift.net/mercurial-server.html"/>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	13	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	14	<para>
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	15	mercurial-server is software for Debian and Ubuntu systems which gives your
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	16	developers remote read/write access to <link
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	17	xlink:href="http://hg-scm.org/">Mercurial</link> repositories using SSH public
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	18	key authentication; it provides convenient and fine-grained key management
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	19	and access control.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	20	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	21	<para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	22	mercurial-server is the easiest and most secure way for several developers
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	23	to have read/write access to a central repository, but that's not the only
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	24	way for several people to work on the same project using Mercurial; you
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	25	should be familiar with the <link
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	26	xlink:href="http://mercurial.selenic.com/wiki/MultipleCommitters">other ways of
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	27	handling multiple commiters</link> before deciding to use this.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	28	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	29	<para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	30	Though mercurial-server is currently targeted at Debian-based systems such
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	31	as Ubuntu, other users have reported success getting it running on other
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	32	Unix-based systems such as Red Hat. Running it on a non-Unix system such as
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	33	Windows is not supported. You will need root privileges to install it.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	34	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	35	<section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	36	<title>Legalese</title>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	37	<para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	38	This program is free software; you can redistribute it and/or modify it
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	39	under the terms of the GNU General Public License as published by the Free
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	40	Software Foundation; either version 2 of the License, or (at your option)
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	41	any later version.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	42	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	43	<para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	44	This program is distributed in the hope that it will be useful, but
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	45	WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	46	or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	47	more details.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	48	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	49	<para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	50	You should have received a copy of the GNU General Public License along
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	51	with this program; if not, write to the Free Software Foundation, Inc., 51
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	52	Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	53	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	54	</section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	55	</section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	56	<section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	57	<title>Step by step</title>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	58	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	59	mercurial-server authenticates users not using passwords but using <link
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	60	xlink:href="http://sial.org/howto/openssh/publickey-auth/">SSH public
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	61	keys</link>; everyone who wants access to a mercurial-server repository
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	62	will need such a key, so you'll need to familiarize yourself with them
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	63	before proceeding. In combination with <command>ssh-agent</command> (or
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	64	equivalents such as the Windows program <link
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	65	xlink:href="http://the.earth.li/~sgtatham/putty/0.60/htmldoc/Chapter9.html#pageant">Pageant</link>),
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	66	this means that users will not need to type in a password to access the
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	67	repository.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	68	</para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	69	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	70	<title>Creating a repository host</title>
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	71	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	72	In what follows, we assume that you usually sit at a machine called
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	73	<systemitem class="systemname">my-workstation</systemitem> and you wish to
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	74	install mercurial-server on <systemitem
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	75	class="systemname">repository-host</systemitem>. First, you'll need to
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	76	create an SSH public key if you haven't already. You should consult your
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	77	system documentation on how to do this, but it should look something like
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	78	this.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	79	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	80	<screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	81	<computeroutput>user@my-workstation:~$ </computeroutput><userinput>ssh-keygen</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	82	<computeroutput>Generating public/private rsa key pair.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	83	Enter passphrase (empty for no passphrase):
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	84	Enter same passphrase again:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	85	Your identification has been saved in /home/user/.ssh/id_rsa.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	86	Your public key has been saved in /home/user/.ssh/id_rsa.pub.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	87	The key fingerprint is:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	88	8b:aa:0a:98:fe:e7:84:48:a3:fe:5f:31:4b:16:e6:0b user@my-workstation
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	89	user@my-workstation:~$ </computeroutput><userinput>ssh-add</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	90	<computeroutput>Enter passphrase for /home/user/.ssh/id_rsa:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	91	Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	92	user@my-workstation:~$ </computeroutput></screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	93	<para>Now copy the files you're going to need over to your target system, and install mercurial-server</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	94	<screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	95	<computeroutput>user@my-workstation:~$ </computeroutput><userinput>ssh-copy-id repository-host</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	96	<computeroutput>user@repository-host's password:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	97	Now try logging into the machine, with "ssh 'repository-host'", and check in:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	98
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	99	.ssh/authorized_keys
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	100
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	101	to make sure we haven't added extra keys that you weren't expecting.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	102	user@my-workstation:~$ </computeroutput><userinput>scp mercurial-server_0.6.1_amd64.deb repository-host:</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	103	<computeroutput>mercurial-server_0.6.1_amd64.deb 100%
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	104	user@my-workstation:~$ </computeroutput><userinput>ssh -A repository-host</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	105	<computeroutput>user@repository-host:~$ </computeroutput><userinput>sudo dpkg -i ../mercurial-server_0.6.1_amd64.deb</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	106	<computeroutput>[sudo] password for user:
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	107	Selecting previously deselected package mercurial-server.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	108	(Reading database ... 144805 files and directories currently installed.)
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	109	Unpacking mercurial-server (from .../mercurial-server_0.6.1_amd64.deb) ...
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	110	Setting up mercurial-server (0.6.1) ...
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	111	user@repository-host:~$ </computeroutput></screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	112	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	113	mercurial-server is now installed on the repository host. Next, we need to give you permission to access its repositories.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	114	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	115	<screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	116	<computeroutput>user@repository-host:~$ </computeroutput><userinput>ssh-add -L > my-key</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	117	<computeroutput>user@repository-host:~$ </computeroutput><userinput>sudo mkdir -p /etc/mercurial-server/keys/root/user</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	118	<computeroutput>user@repository-host:~$ </computeroutput><userinput>sudo cp my-key /etc/mercurial-server/keys/root/user/my-workstation</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	119	<computeroutput>user@repository-host:~$ </computeroutput><userinput>sudo -u hg /usr/share/mercurial-server/refresh-auth</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	120	<computeroutput>user@repository-host:~$ </computeroutput><userinput>exit</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	121	<computeroutput>Connection to shell closed.
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	122	user@my-workstation:~$ </computeroutput></screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	123	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	124	You can now create repositories on the remote machine and have complete
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	125	read-write access to all of them; you need never log on to <systemitem
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	126	class="systemname">repository-host</systemitem> again.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	127	</para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	128	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	129	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	130	<title>Creating repositories</title>
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	131	<screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	132	<computeroutput>user@my-workstation:~$ </computeroutput><userinput>cd my-mercurial-project</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	133	<computeroutput>user@my-workstation:~/my-mercurial-project$ </computeroutput><userinput>hg clone . ssh://hg@repository-host/repository/name</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	134	<computeroutput>searching for changes
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	135	remote: adding changesets
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	136	remote: adding manifests
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	137	remote: adding file changes
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	138	remote: added 119 changesets with 284 changes to 61 files
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	139	user@my-workstation:~/my-mercurial-project$ </computeroutput><userinput>hg pull ssh://hg@repository-host/repository/name</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	140	<computeroutput>pulling from ssh://hg@repository-host/repository/name
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	141	searching for changes
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	142	no changes found
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	143	user@my-workstation:~/my-mercurial-project$ </computeroutput></screen>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	144	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	145	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	146	<title>Adding other users</title>
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	147	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	148	As things stand, no-one but you has any access to any repositories you
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	149	create on this system. In order to give anyone else access, you'll need a
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	150	copy of their SSH public key; we'll assume you have that key in
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	151	<filename>~/other-users-key.pub</filename>. You could give them access by
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	152	logging into <systemitem class="systemname">repository-host</systemitem>,
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	153	putting the key in the right place under <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	154	class='directory'>/etc/mercurial-server/keys</filename>, and re-running
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	155	<userinput>sudo -u hg /usr/share/mercurial-server/refresh-auth</userinput>.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	156	However, there's a more convenient way.
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	157	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	158	<screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	159	<computeroutput>user@my-workstation:~/my-mercurial-project$ </computeroutput><userinput>cd ..</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	160	<computeroutput>user@my-workstation:~$ </computeroutput><userinput>hg clone ssh://hg@repository-host/hgadmin</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	161	<computeroutput>destination directory: hgadmin
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	162	no changes found
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	163	updating working directory
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	164	0 files updated, 0 files merged, 0 files removed, 0 files unresolved
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	165	user@my-workstation:~$ </computeroutput><userinput>cd hgadmin</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	166	<computeroutput>user@my-workstation:~/hgadmin$ </computeroutput><userinput>mkdir -p keys/users/other-user</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	167	<computeroutput>user@my-workstation:~/hgadmin$ </computeroutput><userinput>cp ~/other-users-key.pub keys/users/other-user/their-workstation</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	168	<computeroutput>user@my-workstation:~/hgadmin$ </computeroutput><userinput>hg add</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	169	<computeroutput>adding keys/users/other-user/their-workstation
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	170	user@my-workstation:~/hgadmin$ </computeroutput><userinput>hg commit -m "Add other user"</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	171	<computeroutput>user@my-workstation:~/hgadmin$ </computeroutput><userinput>hg push</userinput>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	172	<computeroutput>pushing to ssh://hg@repository-host/hgadmin
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	173	searching for changes
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	174	remote: adding changesets
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	175	remote: adding manifests
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	176	remote: adding file changes
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	177	remote: added 1 changesets with 1 changes to 1 files
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	178	user@my-workstation:~/hgadmin$ </computeroutput></screen>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	179	<para>
120 16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	180	The new user can now read and write to your
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	181	<literal>ssh://hg@repository-host/repository/name</literal> repository.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	182	Most other changes to access control can be made simply by making and
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	183	pushing changes to <literal>hgadmin</literal>, and you can use Mercurial to
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	184	cooperate with other root users in the normal way.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	185	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	186	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	187	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	188	<title>Basic access control</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	189	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	190	Out of the box, mercurial-server supports two kinds of users: "root" users and normal users. If you followed the steps above, you are a "root" user because your key is under <filename class='directory'>keys/root</filename>, while the other user you gave access to is a normal user since their key is under <filename class='directory'>keys/users</filename>. Keys that are not in either of these directories will by default have no access to anything.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	191	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	192	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	193	Root users can edit <literal>hgadmin</literal>, create new repositories and read and write to existing ones. Normal users cannot access <literal>hgadmin</literal> or create new repositories, but they can read and write to any other repository. This is only the default configuration; for more advanced configuration read <xref linkend="accesscontrol"/>.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	194	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	195	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	196	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	197	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	198	<title>How mercurial-server works</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	199	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	200	All of the repositories controlled by mercurial-server are owned by a
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	201	single user, the <literal>hg</literal> user, which is why all URLs for
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	202	mercurial-server repositories start with <literal>ssh://hg@...</literal>.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	203	Each SSH key that has access to the repository has an entry in
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	204	<filename>~hg/.ssh/authorized_keys</filename>; this is how the SSH daemon
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	205	knows to give that key access. When the user connects over SSH, their
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	206	commands are run in a specially crafted restricted shell; this shell knows
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	207	which key was used to connect, determines what the user is trying to do,
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	208	and checks the access rules to decide whether to allow it.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	209	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	210	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	211	This restricted shell also ensures that certain Mercurial extensions are
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	212	loaded when the user acts on a repository; these extensions check the
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	213	access control rules for any changeset that the user tries to commit, and
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	214	log all pushes and pulls into a per-repository access log.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	215	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	216	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	217	<command>refresh-auth</command> recurses through the <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	218	class='directory'>/etc/mercurial-server/keys</filename> and the <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	219	class='directory'>keys</filename> directory in the
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	220	<literal>hgadmin</literal> repository, creating an entry in
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	221	<filename>~hg/.ssh/authorized_keys</filename> for each one. This is redone
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	222	automatically whenever a change is pushed to <literal>hgadmin</literal>.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	223	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	224	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	225	<section id="accesscontrol">
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	226	<title>Access control</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	227	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	228	mercurial-server offers much more fine-grained access control than this division into two classes of users. Let's suppose you wish to give Pat access to the <literal>widget</literal> repository, but no other. We first copy Pat's SSH public key into the <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	229	class='directory'>keys/widget/pat</filename> directory in <literal>hgadmin</literal>. Now mercurial-server knows about Pat's key, but will give Pat no access to anything because the key is not under either <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	230	class='directory'>keys/root</filename> or <filename
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	231	class='directory'>keys/users</filename>. To grant this key access, we must give mercurial-server a new access rule, so we create a file in <literal>hgadmin</literal> called <filename>access.conf</filename>, with the following contents:</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	232	<programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	233	write repo=widget user=widget/**
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	234	</programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	235	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	236	Pat will have read and write access as soon as we add, commit, and push these files.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	237	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	238	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	239	Each line of access.conf has the following syntax:
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	240	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	241	<programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	242	<replaceable>rule</replaceable> <replaceable>condition</replaceable> <replaceable>condition...</replaceable>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	243	</programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	244	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	245	Blank lines and lines that start with <literal>#</literal> are ignored. Rule is one of
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	246	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	247	<itemizedlist>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	248	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	249	<literal>init</literal>: allow reads, writes, and the creation of new repositories
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	250	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	251	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	252	<literal>write</literal>: allow reads and writes
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	253	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	254	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	255	<literal>read</literal>: allow only read operations
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	256	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	257	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	258	<literal>deny</literal>: deny all requests
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	259	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	260	</itemizedlist>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	261	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	262	When considering a request, mercurial-server steps through all the rules in <filename>/etc/mercurial-server/access.conf</filename> and then all the rules in <filename>access.conf</filename> in <literal>hgadmin</literal> looking for a rule which matches on every condition. If it does not find such a rule, it denies the request; otherwise it checks whether the rule grants sufficient privilege to allow it.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	263	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	264	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	265	By default, <filename>/etc/mercurial-server/access.conf</filename> has the following rules:
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	266	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	267	<programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	268	init user=root/**
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	269	deny repo=hgadmin
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	270	write user=users/**
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	271	</programlisting>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	272	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	273	These rules ensure that root users can do any operation on any repository, that no other users can access the <literal>hgadmin</literal> repository, and that those with keys in <filename class='directory'>keys/users</filename> can read or write to any repository but not create repositories.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	274	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	275	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	276	A condition is a globpattern matched against a relative path. The two most
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	277	important conditions are
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	278	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	279	<itemizedlist>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	280	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	281	<code><literal>user=</literal><replaceable>globpattern</replaceable></code>: path to the user's key
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	282	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	283	<listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	284	<code><literal>repo=</literal><replaceable>globpattern</replaceable></code>: path to the repository
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	285	</listitem>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	286	</itemizedlist>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	287	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	288	"" only matches one directory level, where "*" matches as many as you
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	289	want. More precisely, "*" matches zero or more characters not including "/"
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	290	while "**" matches zero or more characters including "/".
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	291	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	292	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	293	<title>File conditions</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	294	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	295	Here be dragons...
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	296	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	297	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	298	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	299	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	300	<title>Security</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	301	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	302	mercurial-server relies entirely on sshd to grant access to remote users.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	303	As a result, it runs no daemons, installs no setuid programs, and no part
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	304	of it runs as root except the install process: all programs run as the user
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	305	hg. And any attack on mercurial-server can only be started if the Bad Guys
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	306	already have a public key in <filename>~hg/.ssh/authorized_keys</filename>,
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	307	otherwise sshd will bar the way.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	308	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	309	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	310	No matter what command the user tries to run on the remote system via SSH,
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	311	mercurial-server is run. It parses the command line the user asked for, and
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	312	interprets and runs the corresponding hg operation itself if access is
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	313	allowed, so users can only read and add to history within repositories;
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	314	they cannot run any other hg command. In addition, every push and pull is
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	315	logged with a datestamp, changeset ID and the key that performed the
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	316	operation.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	317	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	318	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	319	However, while the first paragraph holds no matter what bugs
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	320	mercurial-server contains, the second depends on the relevant code being
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	321	correct; though the entire codebase is short, mercurial-server is a fairly
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	322	new program and may harbour bugs. Backups are essential!
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	323	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	324	</section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	325	<section>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	326	<title>Thanks</title>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	327	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	328	Thanks for reading this far. If you use mercurial-server, please tell me about
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	329	it.
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	330	</para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	331	<para>
16056a9015f3 Huge update to docbook docs Paul Crowley <paul@lshift.net> parents: 119 diff changeset	332	Paul Crowley, <email>paul@lshift.net</email>, 2009
119 40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	333	</para>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	334	</section>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	335	</article>
40a287c95661 Start work on a docbook manual Paul Crowley <paul@lshift.net> parents: diff changeset	336

author	Paul Crowley <paul@lshift.net>
	Wed, 14 Oct 2009 14:29:39 +0100
changeset 120	16056a9015f3
parent 119	40a287c95661
child 121	62185dc7d0c9
permissions	-rw-r--r--