Re: Git Repository for WITH RECURSIVE and others - Mailing list pgsql-hackers
| From | David Fetter |
|---|---|
| Subject | Re: Git Repository for WITH RECURSIVE and others |
| Date | |
| Msg-id | 20080630142327.GD348@fetter.org Whole thread Raw |
| In response to | Re: Git Repository for WITH RECURSIVE and others (Magnus Hagander <magnus@hagander.net>) |
| Responses |
Re: Git Repository for WITH RECURSIVE and others
Re: Git Repository for WITH RECURSIVE and others |
| List | pgsql-hackers |
On Mon, Jun 30, 2008 at 01:50:26PM +0200, Magnus Hagander wrote: > David Fetter wrote: [gitosis] > > It *would* be good, if the author seemed even vaguely interested > > in packaging up so much as a tarball, but he is not. His attitude > > is (paraphrasing from conversations with him the past few days), > > "it's good enough as a git repository, and everybody who's using > > it is a git administrator, so they should know how to wrangle git > > repositories." While he may someday outgrow this, we really should > > not put him and his attitude in critical paths for our project. > > > > Let's go with git-shell, which is supported and packaged software > > on just about every platform, and stop waiting for Godot^Wgitosis. > > I'm not sure I agree that this is a big problem, but sure, we should > at least consider git-shell. Please explain your reasoning here. The project has taken nasty hits on its infrastructure already (pgfoundry) because the author of the software had a go-it-alone, I-know-best attitude that sooner than later forced us to fork. As a direct consequence, pgfoundry now needs a redo that will take a pgfoundry administrator many of work in their "ample spare time." Let's not cause more pinch points here. > Is there any product out there that makes it possible to admin a > git-shell based system without having all the admins being root on > the server? Because that's simply not an option if you want > anything remotely scalable. I don't know what you mean by "remotely scalable," but it's clearly not the same definition I have. A sudo wrapper which only allows creation, editing and deletion of accounts restricted to git-shell will scale just fine. > > Here's an even simpler implementation: git-ssh and public keys. Yes, > > it involves work by administrators, which I'd be delighted to do. > > Are you referring to git-shell, or is this a different product? If so, > reference to said product, please? Same. > I certainly don't mind having the work pushed off to an admin team. > But it has to be automated enough that there is no risk that > different people set it up differently. OK > And it must not require root. This is what sudo is built to do :) > Show me such a solution, and I'll be happy to consider it :-) 1. Create a (set of) program(s) which does exactly the following things: * Create an account with git-ssh as its shell. * Manipulate the contact information, ssh keys and groups of said account. * Delete the account. 2. Create a unix group and corresponding sudo role that accesses the above. 3. Create shell accounts as needed with the above group. Yes, that's a root-only task, but it's a short one. I believe that the above takes care of 90% or more of tasks. If it turns out that we need to automate more, we can add that (semi)automation to the capabilities above :) Cheers, David. -- David Fetter <david@fetter.org> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: david.fetter@gmail.com Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate
pgsql-hackers by date: