Using bzr in a centralized, controlled fashion

Maritza Mendez martitzam at gmail.com
Sun Oct 25 23:55:41 GMT 2009 

I struggled with the same (or at least very similar) set of questions.
 I even set up ssh and the bzr smarterserver as services on Windows
before I realized that I could accomplish everything I needed with NT
share permissions.  (Note that if your users authenticate via a Domain
Server setting up ssh is more work than most FAQs say.). If you can
provide access to remote users via shares...or possibly a VPN...things
are very simple to set up and easier to administer.  My IT guy is also
much happier now.  YMMV.

~M

On 10/25/09, Michael B. Trausch <mbt at zest.trausch.us> wrote:
> I have a client that wants to use bzr in the following manner:
>
>  * There is a dedicated storage area on the server for storing shared
>    repositories (/srv/bzr) and projects/branches are stored using the
>    convention /srv/bzr/$PROJECT_NAME/$BRANCH_NAME.
>
>  * This dedicated storage area should be read/write to a bzr smart
>    server, and users should have no direct access (read or write) to
>    the repositories.
>
>  * The repositories contain private software, and should only be
>    accessible by people based on their credentials.
>
> My thought was to use bzr+ssh.  However, I'm not sure how that would
> work for multiple users.  If you have users "a" and "b" on the system,
> and they both can write to /srv/bzr/privateProject/trunk (or anything
> else, for that matter) in terms of policy, how does that map into the
> way bzr works?  AIUI, the smart server runs with the UID and privileges
> of the calling user, so the resulting new files and the like would be
> owned by that user.  What I'd like is the ability for bzr to run as its
> own user, say even just "bzr", and it be the only thing that has access
> to these things.
>
> I suppose what I'm looking for is really a smart server with
> authentication and authorization capability, but I don't think that is
> available yet, is it?
>
> 	--- Mike
>
> --
> Blog:  http://mike.trausch.us/blog/
> Misc. Software:  http://mike.trausch.us/software/
>
> “The greater danger for most of us lies not in setting our aim too
> high and falling short; but in setting our aim too low, and achieving
> our mark.” —Michelangelo
>
>

More information about the bazaar mailing list