[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Regarding svn+ssh setup, virtual roots and other options

From: Oded Arbel <oded+lists.subversion_at_geek.co.il>
Date: 2006-03-09 11:27:31 CET

On Thursday, 9 בMarch 2006 02:34, Max Bowsher wrote:
> Oded Arbel wrote:
> > I was thinking of using the SSH2 subsystem mechanism instead of
> > relying on the client to call the command correctly. On the face of
> > it its very simple - I've setup a simple bash script to call
> > svnserve with the parameters I want to use (tunnel and virtual root
> > for example). Then I add a subsystem line to the sshd_config file
> > which calls that script for the svnserve subsystem. Then all I have
> > to do is make sure that clients use
> > ssh -s <user>@<host> svnserve
> > instead of
> > ssh <user>@<host> 'svnserve -t'
> >
> > Unfortunately there is no configuration to override the command
> > used over the tunnel (unless I go the way of the specially crafted
> > keys - which I didn't want to use in the first place), unlike the
> > tunnel setup which can be overriden.

> In an ideal world, yes, subsystems are a good fit for svn+ssh.
>
> In the real world, compatibility concerns pretty much rule them out:
>
> * We don't want to require SSH2
>
> * Even if we did, can we rely on every ssh client implementing the
> same command line syntax for them?

What I was actually thinking, was to let the user have some way of
configuring the exact command used by the client, without requiring
custom ssh keys (and depending on the OpenSSH client's handling of
those - much more limiting then relying on an SSH-2 server).

Currently, even if the the command prefix is configurable, the actual
command being run over the tunnel is hardcoded in both content and
location.

> As a practical matter, I think what we need to do is to design an
> /etc/subversion.conf config file.

or rather a $HOME/.subversionrc or something (so it's user specific and
doesn't require system privileges), and have it able to override the
entire tunnel command line.

-- 
Oded
::..
I can write better than anybody who can write faster, and I can write 
faster than anybody who can write better.
	-- A. J. Liebling
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Mar 13 02:55:35 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.