diff -r fc5b8fc1040e -r fd7ebe95d8e5 doc/manual.docbook --- a/doc/manual.docbook Wed Oct 14 15:25:56 2009 +0100 +++ b/doc/manual.docbook Wed Oct 14 15:28:33 2009 +0100 @@ -195,34 +195,6 @@ -
-How mercurial-server works - -All of the repositories controlled by mercurial-server are owned by a -single user, the hg user, which is why all URLs for -mercurial-server repositories start with ssh://hg@.... -Each SSH key that has access to the repository has an entry in -~hg/.ssh/authorized_keys; this is how the SSH daemon -knows to give that key access. When the user connects over SSH, their -commands are run in a specially crafted restricted shell; this shell knows -which key was used to connect, determines what the user is trying to do, -and checks the access rules to decide whether to allow it. - - -This restricted shell also ensures that certain Mercurial extensions are -loaded when the user acts on a repository; these extensions check the -access control rules for any changeset that the user tries to commit, and -log all pushes and pulls into a per-repository access log. - - -refresh-auth recurses through the /etc/mercurial-server/keys and the keys directory in the -hgadmin repository, creating an entry in -~hg/.ssh/authorized_keys for each one. This is redone -automatically whenever a change is pushed to hgadmin. - -
Access control @@ -422,6 +394,34 @@
+How mercurial-server works + +All of the repositories controlled by mercurial-server are owned by a +single user, the hg user, which is why all URLs for +mercurial-server repositories start with ssh://hg@.... +Each SSH key that has access to the repository has an entry in +~hg/.ssh/authorized_keys; this is how the SSH daemon +knows to give that key access. When the user connects over SSH, their +commands are run in a specially crafted restricted shell; this shell knows +which key was used to connect, determines what the user is trying to do, +and checks the access rules to decide whether to allow it. + + +This restricted shell also ensures that certain Mercurial extensions are +loaded when the user acts on a repository; these extensions check the +access control rules for any changeset that the user tries to commit, and +log all pushes and pulls into a per-repository access log. + + +refresh-auth recurses through the /etc/mercurial-server/keys and the keys directory in the +hgadmin repository, creating an entry in +~hg/.ssh/authorized_keys for each one. This is redone +automatically whenever a change is pushed to hgadmin. + +
+
Security mercurial-server relies entirely on sshd to grant access to remote users.
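Review bot: the moved "How mercurial-server works" text is carried over verbatim, so this is a good moment to fix two wording problems it brings with it rather than re-introducing them in the new location. In the first paragraph, "Each SSH key that has access to the repository" reads as if there were a single repository; "a repository" (or "any repository") matches the preceding sentence about all repositories being owned by the hg user. In the last paragraph, "refresh-auth recurses through the /etc/mercurial-server/keys and the keys directory in the hgadmin repository" has a stray article; suggest "recurses through /etc/mercurial-server/keys and the keys directory in the hgadmin repository". The hunk counts (28 lines removed at -195,34 +195,6 and 28 added at -422,6 +394,34) are consistent with a pure move, and placing the paragraph on the restricted shell and the authorized_keys entries directly before the "Security" section that says mercurial-server relies entirely on sshd for access makes the trust boundary easier to follow.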