ssh + svn - pam
Kenny Lussier
klussier at gmail.com
Fri Jul 8 18:20:04 EDT 2011
On Fri, Jul 8, 2011 at 7:38 AM, Cole Tuininga <colet at code-energy.com> wrote:
> On 7/7/11 5:04 PM, Kenny Lussier wrote:
>> What I need to do is make it so that certain users can check in and
>> out, but the server that the repositories resides on needs to be
>> locked down, and these users can't have accounts on it. I was
>> contemplating having local accounts with a shell of /dev/null, but I
>> wanted to ask the group what peoples thoughts on the best practices
>> are for this sort of scenario.
>
> This kinda goes against what you've specified (doing it over ssh), but
> is webdav an option for you? Going that route, I believe it can be set
> up without requiring user accounts...
I really don't know if webdav is an option. The whole story is that
the SVN repo is going to be the back end for a puppet setup. People
will check files into the svn repo, then puppet will check them out
and push them. We need people to be able to check files in, but we
don't want to give them to have local accounts. It's like a roach
motel for configurations.
There are several ways to give them local accounts and disallow
logins, I know, but I would rather have the box be an island, and of
course, encrypt the transport.
Thanks,
Kenny
More information about the gnhlug-discuss
mailing list