hg-ssh-wrapper
author Paul Crowley <paul@lshift.net>
Fri, 02 May 2008 18:03:42 +0100
changeset 30 98dbde5b13a1
parent 18 538d6b198f4a
child 31 d54720d47ca2
permissions -rwxr-xr-x
refresh-auth now takes ~/.ssh/authorized_keys as an argument, and it checks that it wrote it last time before rewriting it.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     1
#!/bin/sh
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
     2
10
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     3
# This file needs to be saved as ~/hg-ssh-wrapper for the user whose
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     4
# ~/.ssh/authorized_keys file is rewritten by refresh-auth.  It expects
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     5
# to be specified as the target of the "command" section in the prefix
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     6
# of a key in the authorized_keys file, and be passed a name associated
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     7
# with an ssh key as its only argument.  It does some setting up before
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     8
# calling hg-ssh, which does the real work of deciding whether to allow
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
     9
# the users action based on the type of the action, the key name, and
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
    10
# the contents of the specified rules file.
4
dcd195f3e52c move config out of Python files; don't make hg-ssh-wrapper a dotfile;
Paul Crowley <paul@lshift.net>
parents: 0
diff changeset
    11
10
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
    12
# If your repository is laid out differently you may need to modify
524b4a45ef0a wrap overlong lines
Paul Crowley <paul@lshift.net>
parents: 8
diff changeset
    13
# this file.
4
dcd195f3e52c move config out of Python files; don't make hg-ssh-wrapper a dotfile;
Paul Crowley <paul@lshift.net>
parents: 0
diff changeset
    14
0
41ecb5a3172c separate out executables and data
Paul Crowley <paul@lshift.net>
parents:
diff changeset
    15
set -e
8
1efc50c61a26 improve hg-ssh-wrapper, suggest HGRCPATH trick
Paul Crowley <paul@lshift.net>
parents: 4
diff changeset
    16
1efc50c61a26 improve hg-ssh-wrapper, suggest HGRCPATH trick
Paul Crowley <paul@lshift.net>
parents: 4
diff changeset
    17
# Use a different hgrc for remote pulls - this way you can set
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    18
# up access.py for everything at once without affecting local operations
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    19
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    20
HGRCPATH=$(pwd)/remote-hgrc
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    21
export HGRCPATH
8
1efc50c61a26 improve hg-ssh-wrapper, suggest HGRCPATH trick
Paul Crowley <paul@lshift.net>
parents: 4
diff changeset
    22
4
dcd195f3e52c move config out of Python files; don't make hg-ssh-wrapper a dotfile;
Paul Crowley <paul@lshift.net>
parents: 0
diff changeset
    23
# Set up this environment variable - useful for hg hooks to check.
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    24
REMOTE_USER=$1
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    25
export REMOTE_USER
8
1efc50c61a26 improve hg-ssh-wrapper, suggest HGRCPATH trick
Paul Crowley <paul@lshift.net>
parents: 4
diff changeset
    26
1efc50c61a26 improve hg-ssh-wrapper, suggest HGRCPATH trick
Paul Crowley <paul@lshift.net>
parents: 4
diff changeset
    27
cd repos
18
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    28
HG_ACCESS_RULES_FILE=$(pwd)/hgadmin/hg-ssh-access.conf
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    29
export HG_ACCESS_RULES_FILE
538d6b198f4a Big change to support file conditions; format of hg-ssh-access.conf
Paul Crowley <paul@lshift.net>
parents: 10
diff changeset
    30
exec ../admin/hg-admin-tools/hg-ssh