[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers-public] Re: savannah shell access?
|
From: |
Sylvain Beucler |
|
Subject: |
Re: [Savannah-hackers-public] Re: savannah shell access? |
|
Date: |
Sat, 6 Jan 2007 15:11:19 +0100 |
|
User-agent: |
Mutt/1.5.13 (2006-08-11) |
On Sat, Jan 06, 2007 at 02:01:59PM +0100, Jim Meyering wrote:
> Sylvain Beucler <address@hidden> wrote:
> ...
> >> In order to set up a git->cvs mirror, I need to maintain a
> >> cvs-checked-out copy of the coreutils module (eventually gnulib, too).
> >> It must be accessible by the git update hook, to be used whenever
> >> someone does a "git-push" to sv.gnu.org.
> >>
> >> For now, I'm using /var/tmp/git-to-cvs, but it's trivial to change.
> >
> > I think that depends how your hooks depend on it:
> >
> > - if they recreate it as needed, /var/tmp sound good. Maybe /tmp is
> > better because it's in ramfs
> >
> > - if they can't recreate it, maybe we need to place it somewhere that
> > is backed-up (/var/lib/git/sthing),
>
> It's easy to recreate. Just check out from cvs.
>
> The hook could theoretically check out a copy of the cvs module for each
> git push, apply and commit the pushed change sets, and then remove it
> when done. However, I've preferred to maintain a clean, checked-out
> directory in a known location and use that. Far less overhead.
>
> > - or maybe we need to recreate/repopulate the directories at boot time
> > (like the cvs locks dirs)
I agree the working copy should not be created and deleted each time
for efficiency.
>From a security pov, there's a place where people need to put their
files so that other projects/hooks cannot alter them. So I think the
working directories (at least the top-level directory) need to be
pre-created.
FHS doesn't garantee that files in /var/tmp so following this view
this means pre-created dirs need to be placed in /var/lib.
Thus /var/lib/git/cvs-to-git/ and /var/lib/git/cvs-to-git/projectname
would need to be created at project creation time.
Maybe this security is too tight and cumbersome. If there's no risk
when a project messes another project's working copy or pre-creates it
with different permissions, then we can use something like /var/lock
(1777) and let the hook create git-to-cvs/ and git-to-cvs/project on
the fly when missing. In which case /var/tmp would be a good location.
That's the 2 solutions I see. Do you think there's a risk with the
first one? Since this can be a reusable setup, assume users may have
local access.
--
Sylvain
- Re: [Savannah-hackers-public] Re: savannah shell access?, Sylvain Beucler, 2007/01/01
- Re: [Savannah-hackers-public] Re: savannah shell access?, Sylvain Beucler, 2007/01/04
- Re: [Savannah-hackers-public] Re: savannah shell access?, Jim Meyering, 2007/01/05
- Re: [Savannah-hackers-public] Re: savannah shell access?, Sylvain Beucler, 2007/01/05
- Re: [Savannah-hackers-public] Re: savannah shell access?, Jim Meyering, 2007/01/06
- Re: [Savannah-hackers-public] Re: savannah shell access?, Sylvain Beucler, 2007/01/06
- Re: [Savannah-hackers-public] Re: savannah shell access?, Jim Meyering, 2007/01/06
- Re: [Savannah-hackers-public] Re: savannah shell access?,
Sylvain Beucler <=
- Re: [Savannah-hackers-public] Re: savannah shell access?, Sylvain Beucler, 2007/01/06
- [Savannah-hackers-public] git-to-cvs for coreutils, Jim Meyering, 2007/01/06
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Sylvain Beucler, 2007/01/07
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Jim Meyering, 2007/01/08
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Sylvain Beucler, 2007/01/08
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Jim Meyering, 2007/01/08
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Sylvain Beucler, 2007/01/08
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Sylvain Beucler, 2007/01/11
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Jim Meyering, 2007/01/11
- Re: [Savannah-hackers-public] git-to-cvs for coreutils, Sylvain Beucler, 2007/01/11