src/init/conf/hg-ssh-wrapper
changeset 34 4b5ca59fe3b7
parent 31 d54720d47ca2
child 36 b3237aabd0fe
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/init/conf/hg-ssh-wrapper	Mon Jun 16 17:17:29 2008 +0100
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# This file should live in /etc/hg-admin-tools.  It expects
+# to be specified as the target of the "command" section in the prefix
+# of a key in the authorized_keys file, and be passed a name associated
+# with an ssh key as its only argument.  It does some setting up before
+# calling hg-ssh, which does the real work of deciding whether to allow
+# the users action based on the type of the action, the key name, and
+# the contents of the specified rules file.
+
+# If your repository is laid out differently you may need to modify
+# this file.
+
+set -e
+
+# Use a different hgrc for remote pulls - this way you can set
+# up access.py for everything at once without affecting local operations
+
+HGRCPATH=/etc/hg-admin-tools/remote-hgrc
+export HGRCPATH
+
+# Set up this environment variable - useful for hg hooks to check.
+REMOTE_USER=$1
+export REMOTE_USER
+
+cd repos
+HG_ACCESS_RULES_FILE=$(pwd)/hgadmin/hg-ssh-access.conf
+export HG_ACCESS_RULES_FILE
+exec /usr/local/lib/hg-admin-tools/hg-ssh
+