hg-ssh-wrapper
author Paul Crowley <paul@lshift.net>
Wed, 16 Apr 2008 12:43:21 +0100
changeset 4 dcd195f3e52c
parent 0 41ecb5a3172c
child 8 1efc50c61a26
permissions -rwxr-xr-x
move config out of Python files; don't make hg-ssh-wrapper a dotfile; update documentation.

#!/bin/sh

# This file needs to be saved as ~/hg-ssh-wrapper for the user whose ~/.ssh/authorized_keys file
# is rewritten by refresh-auth.  It expects to be specified as the target of the "command" section
# in the prefix of a key in the authorized_keys file, and be passed a name associated with an
# ssh key as its only argument.  It does some setting up before calling hg-ssh, which does the real
# work of deciding whether to allow the users action based on the type of the action, the key name,
# and the contents of the specified rules file.

# If your repository is laid out differently you may need to modify this file.

set -e
cd repos
# Set up this environment variable - useful for hg hooks to check.
HG_ACL_USER=$1
export HG_ACL_USER
../admin/hg-admin-tools/hg-ssh hgadmin/hg-ssh-access.conf "$@"