bazaar.conf - decisions

Robert Collins robertc at robertcollins.net
Mon Oct 10 09:57:00 BST 2005


So, this week I plan to be hacking on GPG support, which will need a
local policy for saying 'please check signatures on signed branches' or
'please expect branch X to always be signed' etc.

So we talked about a config file a while back. heres a strawman for it:

~/.bazaar/bazaar.conf
====
[DEFAULT]
email=Robert Collins <robertc at robertcollins.net>
editor=vim
gpg_signing_command=gnome-gpg

# other sections may be put here in future.
====

~/.bazaar/branches.conf
====
# default behaviour is to check things that look signed
#
# force off signing on my local corporate stuff
[source/canonical/]
# the above is a relative URL to $HOME
# the trailing slash tells bzr it should apply this policy to everything
# under /source/canonical
check_signatures=never-check

[sftp://chinstrap/]
# but I should verify everything I am pulling locally
check_signatures=must-be-signed

[source/canonical/3rdparty/external/project]
# this is an exact spec - subtrees will not be affected,
# and .../project will override all parent policies
# This project does not use signatures
check_signatures=automatic
====

branches.conf and bazaar.conf may be written to by bzr, using atomicfile
for reliability. We need a local policy for gpg, because otherwise there
is a glaring hole in the system - a remote attacker can just strip
signatures. Other things, like a prefix for where to push to, if you
have a regular layout of your branches, can also go here in future.

Rob

-- 
GPG key available at: <http://www.robertcollins.net/keys.txt>.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/bazaar/attachments/20051010/6daad1d4/attachment.pgp 


More information about the bazaar mailing list