Mercurial Mercurial > hg > mercurial-server / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
doc/how-it-works
branchdebian
changeset 172 5dd3698fad54
parent 118 107906bfe2c6
parent 171 7b69d1d86254
child 174 f141a4b9d5a9 
--- a/doc/how-it-works	Tue Oct 13 18:32:26 2009 +0100
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-HOW IT WORKS
-
-When a developer attempts to connect to a repository via ssh, the SSH
-daemon searches for a match for that user's key in
-~hg/.ssh/authorized_keys. If the developer is authorised to connect to the
-repository they will have an entry in this file. The entry includes a
-"command" prefix which specifies that the restricted shell
-"/usr/local/share/mercurial-server/hg-ssh" should be used; this shell is
-passed an argument identifying the developer. The shell parses the command
-the developer is trying to execute, and consults a rules file to see if
-that developer is allowed to perform that action on that repository.
-
-The file ~hg/.ssh/authorized_keys is generated by "refresh-auth", which
-recurses through two directories of files containing SSH keys and generates
-an entry in authorized_keys for each one, using the name of the key file as
-the identifier for the developer. These keys will live in the "keys"
-subdirectory "/etc/mercurial-server" and the "keys" subdirectory of a
-repository called "hgadmin". A hook in this repository re-runs
-"refresh-auth" on the most recent version after every push.
-
-When users try to commit new changesets, a hook is run which consults the
-rules file to decide whether to allow the changeset into the repository.
-This can depend not only on the user and the repository, but also the
-branch and files in the changeset.
mercurial-server