--- a/doc/PLAN	Fri Mar 06 13:30:37 2009 +0000
+++ b/doc/PLAN	Fri Mar 06 13:41:30 2009 +0000
@@ -10,10 +10,10 @@
 - give that module a hook, and call the hook instead of the exe
 - abolish refresh-auth shell script and rename do-refresh-auth to refresh-auth
 - replace env vars with Python globals
+- change refresh-auth to refer to hg-ssh directly, abolish hg-ssh-wrapper
 
 Todo:
 
-- change refresh-auth to refer to hg-ssh directly, abolish hg-ssh-wrapper
 - add comment check and -f flag to refresh-auth
 - change install script to a Python script, abolishing hginit
 

--- a/install	Fri Mar 06 13:30:37 2009 +0000
+++ b/install	Fri Mar 06 13:41:30 2009 +0000
@@ -21,8 +21,6 @@
 install -o root -g root -t /usr/local/lib/mercurial-server/init -m 644 \
     src/init/hgadmin-hgrc
 install -o root -g root -d /etc/mercurial-server
-install -o root -g root -t /etc/mercurial-server \
-    src/init/conf/hg-ssh-wrapper 
 install -o root -g root -t /etc/mercurial-server -m 644 \
     src/init/conf/remote-hgrc \
     src/init/conf/access.conf

--- a/src/hg-ssh	Fri Mar 06 13:30:37 2009 +0000
+++ b/src/hg-ssh	Fri Mar 06 13:41:30 2009 +0000
@@ -70,6 +70,7 @@
     fail("hg-ssh must have exactly one argument (%s)" 
         % sys.argv)
 
+paths.setExePath()
 ruleset.rules.set(user = sys.argv[1])
 
 # Use a different hgrc for remote pulls - this way you can set

--- a/src/init/conf/hg-ssh-wrapper	Fri Mar 06 13:30:37 2009 +0000
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,10 +0,0 @@
-#!/bin/sh
-# Copyright 2008-2009 LShift Ltd
-
-# This file should live in /etc/mercurial-server.  It expects
-# to be specified as the target of the "command" section in the prefix
-# of a key in the authorized_keys file, and be passed a name associated
-# with an ssh key as its only argument.
-
-set -e
-exec /usr/local/lib/mercurial-server/hg-ssh $1

--- a/src/mercurialserver/paths.py	Fri Mar 06 13:30:37 2009 +0000
+++ b/src/mercurialserver/paths.py	Fri Mar 06 13:41:30 2009 +0000
@@ -2,5 +2,15 @@
 
 # Crude but it will do
 
+import sys
+import os.path
+
+def setExePath():
+    global _exePath
+    _exePath = os.path.dirname(os.path.abspath(sys.argv[0]))
+
+def getExePath():
+    return _exePath
+
 def getEtcPath():
     return "/etc/mercurial-server"

--- a/src/mercurialserver/refreshauth.py	Fri Mar 06 13:30:37 2009 +0000
+++ b/src/mercurialserver/refreshauth.py	Fri Mar 06 13:41:30 2009 +0000
@@ -19,7 +19,7 @@
         print >>sys.stderr, "Must be run as the 'hg' user"
 
     akeyfile = pentry.pw_dir + "/.ssh/authorized_keys"
-    wrappercommand = paths.getEtcPath() + "/hg-ssh-wrapper"
+    wrappercommand = paths.getExePath() + "/hg-ssh"
     keydirs = [paths.getEtcPath() + "/keys", pentry.pw_dir + "/repos/hgadmin/keys"]
     prefix='no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command='
 

--- a/src/refresh-auth	Fri Mar 06 13:30:37 2009 +0000
+++ b/src/refresh-auth	Fri Mar 06 13:41:30 2009 +0000
@@ -7,10 +7,12 @@
 # WARNING
 
 import sys
-from mercurialserver import refreshauth
+from mercurialserver import refreshauth, paths
 
 if len(sys.argv) != 1:
     sys.stderr.write("refresh-auth: must be called with no arguments (%s)\n" % sys.argv)
     sys.exit(-1)
 
+paths.setExePath()
+
 refreshauth.refreshAuth()