mercurial-server: comparison README

equal deleted inserted replaced

-:fcb20d7593e6
+:f23736ad66bc
 are authenticated only using SSH keys; no other form of authentication is
 supported.
 To give a user access to the repository, place their key in an
 appropriately-named subdirectory of "/etc/mercurial-server/keys" and run
-"/etc/mercurial-server/refresh-auth". You can then control what access they
+"/usr/local/lib/mercurial-server/refresh-auth". You can then control what
-have to what repositories by editing the control file
+access they have to what repositories by editing the control file
-"/etc/mercurial-server/access.conf", which can match the names of these
+"/etc/mercurial-server/access.conf", which can match the names of these keys
-keys against a glob pattern.
+against a glob pattern.
 For convenient remote control of access, you can instead (if you have the
 privileges) make changes to a special repository called "hgadmin", which
 contains its own "access.conf" file and "keys" directory. Changes pushed to
 this repository take effect immediately. The two "access.conf" files are
 Place your SSH public key in the directory "/etc/mercurial-server/keys/root".
 I suggest creating yourself a directory and naming the key after your hostname
 (ie the file is called something like
 "/etc/mercurial-server/keys/root/yourname/yourhostname") so that you can
 easily manage users who have a different key on each host they use. Then run
-"/etc/mercurial-server/refresh-auth".
+"/usr/local/lib/mercurial-server/refresh-auth".
 The repository is now ready to use, and you are now the sole user able to
 change and create repositories on this repository host.
 CREATING REPOSITORIES
 mercurial-server). You can add other root users by putting their keys next to
 yours, or you can make less privileged users by putting their keys in the
 "keys/users" subdirectory - these users will be able to read and write to any
 repository (except one - see below) but will not be able to create new
 repositories. As always, when you change "/etc/mercurial-server/keys" you need
-to re-run "/etc/mercurial-server/refresh-auth".
+to re-run "/usr/local/lib/mercurial-server/refresh-auth".
 LOGGING
 Every push and pull is logged with the key used: see the file .hg/serve-log in
 each repository.
 When a developer attempts to connect to a repository via ssh, the SSH daemon
 searches for a match for that user's key in ~hg/.ssh/authorized_keys. If the
 developer is authorised to connect to the repository they will have an entry
 in this file. The entry includes a "command" prefix which specifies that the
-restricted shell should be used; this shell is passed an argument identifying
+restricted shell "/usr/local/lib/mercurial-server/hg-ssh" should be used; this
-the developer. The shell parses the command the developer is trying to
+shell is passed an argument identifying the developer. The shell parses the
-execute, and consults a rules file to see if that developer is allowed to
+command the developer is trying to execute, and consults a rules file to see
-perform that action on that repository. The bulk of the work of the restricted
+if that developer is allowed to perform that action on that repository.
-shell is done by the Python program "hg-ssh", but the shell script
-"hg-ssh-wrapper" sets up some configuration so that you can change it to suit
-your local installation.
 The file ~hg/.ssh/authorized_keys is generated by "refresh-auth", which
 recurses through two directories of files containing SSH keys and generates an
 entry in authorized_keys for each one, using the name of the key file as the
 identifier for the developer. These keys will live in the "keys" subdirectory

changeset 81	f23736ad66bc
parent 66	2f0ea1163b9e
child 82	7369ff737684