--- a/README Tue Apr 22 12:55:56 2008 +0100
+++ b/README Tue Apr 22 13:03:17 2008 +0100
@@ -132,6 +132,7 @@
user=<globpattern> - user's key
repo=<globpattern> - repo (as the user supplies it)
file=<globpattern> - file in the repo
+branch=<globpattern> - name of the branch
The first rule in the file which has all its conditions satisfied is
used to determine whether an action is allowed.
@@ -145,10 +146,11 @@
FILE CONDITIONS
-The rules file is used to make three decisions:
+The rules file is used to make four decisions:
- Whether to allow a repository to be created
- Whether to allow access to a repository
+- Whether to allow a changeset on a particular branch at all
- Whether to allow a changeset to change a particular file
When the first two of these decisions are being made, nothing is known
@@ -172,6 +174,18 @@
- For similar reasons, don't give "init" rules file conditions.
+LOCKING YOURSELF OUT
+
+If you find yourself "locked out" - that is, that you no longer have
+the permissions needed in hgadmin - you can break back in again if
+you're able to become the "hg" user on the repository host. Once you
+are that user, delete ~hg/.ssh/authorized_keys (to stop any user who
+might have access but shouldn't from using the repository while you
+fix things). Then go into ~hg/repos/hgadmin, do an "hg update", edit
+things to your satisfaction, and commit the change. Finally, run
+~/admin/hg-admin-tools/refresh-auth to regenerate
+~hg/.ssh/authorized_keys.
+
THANKS
Thanks for reading this far. If you use hg-admin-tools, please tell