=== KombuchaKip1 is now known as KombuchaKip
[01:02] <peitschie> mornin everyone :)
=== kgoetz is now known as Kamping_Kaiser
=== Meths_ is now known as Meths
[14:47] <_spm_Draget> I have setup sftp on my server. Since configuring all rights is possible but prone to errors, I have the sftp-only user chrooted to directory X which is currently his homedirectory. Now, the bzr repository has to be under X for him to access. Symlinks do not work. But if others want to use it, they need to be able to access X too. Basically meaning I need the same chroot folder for all people using the repo.
[14:48] <_spm_Draget> Or I have just one dedicated user that is for accessing that one bzr repositories and all teammembers share the same user/password.
[14:48] <_spm_Draget> CAn anyone think of a more elegant solution?
[15:35] <fullermd> If symlinks broke a chroot, it would kinda defeat the purpose   8-}
[15:47] <_spm_Draget> Yeah, I know :P
[15:48] <_spm_Draget> But I have configured webdav and sftp... sftp giving me a headache to make a flexibe authentification system on a shared repository as I explained above and webdav only working as an addition plugin that is not available some large distributions =(
[15:53] <fullermd> Well, if you need multiple people to access something, they all need access to it.  That means they need to not chroot somewhere that doesn't contain it.  Not really a shortcut to that...
[16:12] <_spm_Draget> fullermd: I thought about it... but using a shared chroot would break the concept of home-folder... I would have to chroot them to /srv or /srv/bzr… ofcourse all other /srv services have the appropiate userrights but I am still not completly happy with this. Hmm… ssh allows public key infrastructure. I never tried it, but maybe I can generate key for all users and if I want to disallow access I can block single keys, instead of
[16:12] <_spm_Draget> having to change the password.
[16:30] <vila> _spm_Draget: yup, that's the way to go
[16:30] <vila> _spm_Draget: and disallow password for the login
[19:53] <gthorslund> vila: thx for fix in 661490. I somehow thought it was the >= instead of <= first, but got confused trying to understand how versions was supposed to be compared.
[20:23] <vila> gthorslund: np, obviously this haven't been tested for a long time :-/ So, kudos for raising the issue !
[20:29] <gthorslund> vila: I actually tried it since I wanted to test 539937. revno 75 said it fixed some issue like that.
[20:30] <vila> gthorslund: yeah, I wondered about that too, but I don't use the plugin myself, so I just fixed the obvious
[20:30] <vila> gthorslund: so any light you can shed on the subject will certainly be appreciated
[20:37] <fullermd> Phew.  Finally got my website rework done and live.  It only took a year.
[20:37]  * fullermd scratches off one more thing that used to be in CVS...
[20:41] <vila> fullermd: that still leave this ftp server...
[20:41]  * fullermd notes that he does NOT run ftpd   :p
[20:42] <vila> they all say that
[20:42] <fullermd> Oh, not true.  Some of them say "Why yes, I am running ft...   AAUGH!  Why are you stabbing me??  *sputter*  *bleed*"
[20:49] <vila> Haaaaaa, 10 not 11 and the Ubuntu font becomes so more enjoyable....
[20:51] <vila> fullermd: yeah, there is still a lot of  education to be done to fully switch to ssh... Generating and handling keys is still seen as arcane...
[20:52] <fullermd> Let 'em use passwords.  That's fine.
[20:52] <fullermd> Heck, let 'em use TFTP, come to that.  I just want to kill FTP, burn the body, eat the ashes, crap them into a shallow grave, and dance on it.  Is that so much to ask?
[20:52] <vila> certainly not :)
[20:53]  * vila takes some distance just in case :)
[20:55] <fullermd> 'till then, I'll just sit around watching my web log to see what I broke in redoing everything.  Great excitement...
[20:56] <vila> hehe