more README fixes
authorPaul Crowley <paul@ciphergoth.org>
Fri, 18 Apr 2008 09:13:37 +0100
changeset 13 1206ed37090a
parent 12 834426fcbada
child 14 e7d5254cd0ca
more README fixes
README
--- a/README	Thu Apr 17 17:34:07 2008 +0100
+++ b/README	Fri Apr 18 09:13:37 2008 +0100
@@ -1,4 +1,4 @@
-hg-admin-tools version 0.1
+hg-admin-tools
 
 A set of tools for managing authorization and access control for
 ssh-based Mercurial repositories
@@ -50,7 +50,7 @@
 this repository re-runs "refresh-auth" on the most recent version
 after every push.
 
-INSTRUCTIONS FOR USE
+GETTING STARTED
 
 This is only one setup - it can be tweaked in many ways, and is as
 specific as it is only in the interests of brevity.
@@ -70,17 +70,19 @@
 Issue these commands to become the hg user and set up the repository.
 Use your own name in place of "myname".
 
+   ssh-add -L >> /tmp/my-ssh-public-key
    sudo -u hg -s
    cd ~hg
    mkdir -p admin repos/hgadmin/keys/admin
    cd admin
-   tar xvzf /tmp/hg-admin-tools.tar.gz
-   mv hg-admin-tools* hg-admin-tools
+   hg clone http://hg.opensource.lshift.net/hg-admin-tools
    cp hg-admin-tools/hg-ssh-wrapper ~
    cd ../repos/hgadmin
    hg init .
    echo "init admin/* *" > hg-ssh-access.conf
    cp /tmp/my-ssh-public-key keys/admin/myname
+   hg add
+   hg commit
    cp ~/admin/hg-admin-tools/hgadmin-hgrc .hg/hgrc
    ../../admin/hg-admin-tools/refresh-auth
    exit
@@ -96,7 +98,9 @@
 You can now add other users by putting their keys in an appropriate
 subdirectory of the "keys" directory, and control their access by
 editing hg-ssh-access.conf.  Changes will take effect as soon as you
-push them to the remote ssh server.
+push them to the remote repository.
+
+HG-SSH-ACCESS.CONF
 
 Each line of hg-ssh-access.conf has the following syntax:
 
@@ -108,5 +112,7 @@
 "repositorypattern" is a pattern matched againt the repository name -
 so "hgadmin" matches "*".  Only boring characters are allowed in
 patterns and key and repository names - see the source for details.
-Blank lines and lines that start with "#" are ignored.
-
+Blank lines and lines that start with "#" are ignored.  The first rule
+to match both the key and the repository applies: "deny" will deny all
+matching requests, "allow" allows read/write access to existing
+repositories, and "init" allows that and creation of new repositories.