Re: git dangerous operations on alioth

2013-03-13 Thread Thorsten Glaser
Stefano Zacchiroli writes: > Related to this, there is also the risk that a user will ssh on alioth > and rm the repository (accidentally or not). Do we have any kind of > protection against that? (e.g. backups we can access without > bothering the alioth admins, or a way to give g

Re: git dangerous operations on alioth

2013-03-11 Thread Tollef Fog Heen
]] Thomas Goirand > I wasn't discussing what can be done for backing up a Git repository, > I was asking what is *currently installed* in production as a backup > for Alioth. da-backup. Look at /etc/da-backup/* for the configuration. -- Tollef Fog Heen UNIX is user friendly, it's just picky a

Re: git dangerous operations on alioth

2013-03-07 Thread Philipp Kern
On Mon, Mar 04, 2013 at 12:45:14AM +0800, Paul Wise wrote: > On Sun, Mar 3, 2013 at 11:21 PM, Thomas Goirand wrote: > > So yes, I would think having a safe backup of Alioth is important. > > Now, what worries me is that I didn't read any of the Alioth admins > > explaining what is currently in pro

Re: git dangerous operations on alioth

2013-03-03 Thread Paul Wise
On Sun, Mar 3, 2013 at 11:21 PM, Thomas Goirand wrote: > So yes, I would think having a safe backup of Alioth is important. > Now, what worries me is that I didn't read any of the Alioth admins > explaining what is currently in production. I've searched, and the > only info I found was hosted pro

Re: git dangerous operations on alioth

2013-03-03 Thread Thomas Goirand
On 03/01/2013 02:20 AM, Daniel Pocock wrote: > > DD access is also an `all or nothing' scenario, and it is tightly > controlled in other ways. > > What I was anticipating is how we can provide more access for upstreams > and other non-DDs using the guest account mechanism or potentially some > kind

Re: git dangerous operations on alioth

2013-03-03 Thread Thomas Goirand
On 03/03/2013 12:51 AM, Wouter Verhelst wrote: > On Thu, Feb 28, 2013 at 11:07:22AM +0100, Stefano Zacchiroli wrote: >> On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: >>> Has anybody had experience controlling access to git repositories, for >>> example, to give users access but pre

Re: git dangerous operations on alioth

2013-03-02 Thread Wouter Verhelst
On Thu, Feb 28, 2013 at 11:07:22AM +0100, Stefano Zacchiroli wrote: > On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: > > Has anybody had experience controlling access to git repositories, for > > example, to give users access but prevent some of the following > > dangerous operation

Re: git dangerous operations on alioth

2013-03-02 Thread Wouter Verhelst
On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: > > > There was recently some discussion in pkg-javascript about how to give > more people access to the VCS (e.g. keeping the git repositories > logically organised under the pkg-javascript tree, but making write > access available t

Re: git dangerous operations on alioth

2013-03-01 Thread Andrew Shadura
Hello, On Fri, 01 Mar 2013 18:48:51 +0800 Thomas Goirand wrote: > On 02/28/2013 08:33 PM, Andrew Shadura wrote: > > we'd have both hg and git in one unified interface. > That is a very nice feature. I saw few sites having that, for example > bitbucket, unfortunately, bitbucket doesn't allow git

Re: git dangerous operations on alioth

2013-03-01 Thread Thomas Goirand
On 03/01/2013 09:34 PM, Cyril Brulebois wrote: > Thomas Goirand (01/03/2013): >> I wasn't discussing what can be done for backing up a Git repository, >> I was asking what is *currently installed* in production as a backup >> for Alioth. > Why are you asking debian-devel@ instead of asking the act

Re: git dangerous operations on alioth

2013-03-01 Thread Cyril Brulebois
Thomas Goirand (01/03/2013): > I wasn't discussing what can be done for backing up a Git repository, > I was asking what is *currently installed* in production as a backup > for Alioth. Why are you asking debian-devel@ instead of asking the actual admins? (http://wiki.debian.org/Alioth#Maintenan

Re: git dangerous operations on alioth

2013-03-01 Thread Thomas Goirand
On 03/01/2013 07:21 PM, Dmitrijs Ledkovs wrote: > On 1 March 2013 10:54, Thomas Goirand wrote: >> On 02/28/2013 06:07 PM, Stefano Zacchiroli wrote: >>> On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: Has anybody had experience controlling access to git repositories, for ex

Re: git dangerous operations on alioth

2013-03-01 Thread Dmitrijs Ledkovs
On 1 March 2013 10:54, Thomas Goirand wrote: > On 02/28/2013 06:07 PM, Stefano Zacchiroli wrote: >> On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: >>> Has anybody had experience controlling access to git repositories, for >>> example, to give users access but prevent some of the fo

Re: git dangerous operations on alioth

2013-03-01 Thread Thomas Goirand
On 02/28/2013 06:07 PM, Stefano Zacchiroli wrote: > On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: >> Has anybody had experience controlling access to git repositories, for >> example, to give users access but prevent some of the following >> dangerous operations? > Related to this,

Re: git dangerous operations on alioth

2013-03-01 Thread Thomas Goirand
On 02/28/2013 08:33 PM, Andrew Shadura wrote: > we'd have both hg and git in one unified interface. That is a very nice feature. I saw few sites having that, for example bitbucket, unfortunately, bitbucket doesn't allow git anonymous checkout over http (it's only available with hg, if I understood

Re: git dangerous operations on alioth

2013-03-01 Thread Holger Levsen
On Donnerstag, 28. Februar 2013, Holger Levsen wrote: > signed commits, so you can identify unwanted bits and clean up in the very > care case that's actually needed? ^^ rare case

Re: git dangerous operations on alioth

2013-02-28 Thread Henrique de Moraes Holschuh
On Thu, 28 Feb 2013, Holger Levsen wrote: > signed commits, so you can identify unwanted bits and clean up in the very > care case that's actually needed? Indeed. Secure git workflows are possible, although it is a relatively new development. Signed commits and pull requests are a very big part

Re: git dangerous operations on alioth

2013-02-28 Thread Holger Levsen
Hi, signed commits, so you can identify unwanted bits and clean up in the very care case that's actually needed? cheers, Holger

Re: git dangerous operations on alioth

2013-02-28 Thread Philipp Kern
On Thu, Feb 28, 2013 at 04:01:34PM +0600, Andrey Rahmatullin wrote: > On Thu, Feb 28, 2013 at 10:45:35AM +0100, Tollef Fog Heen wrote: > > > Has anybody had experience controlling access to git repositories, for > > > example, to give users access but prevent some of the following > > > dangerous o

Re: git dangerous operations on alioth

2013-02-28 Thread Daniel Pocock
On 28/02/13 20:20, Jonas Smedegaard wrote: > Quoting Daniel Pocock (2013-02-28 19:20:09) >> On 28/02/13 13:15, Simon McVittie wrote: >>> On 28/02/13 09:39, Daniel Pocock wrote: Has anybody had experience controlling access to git repositori

Re: git dangerous operations on alioth

2013-02-28 Thread Jonas Smedegaard
Quoting Daniel Pocock (2013-02-28 19:20:09) > On 28/02/13 13:15, Simon McVittie wrote: > > On 28/02/13 09:39, Daniel Pocock wrote: > >> Has anybody had experience controlling access to git repositories, > >> for example, to give users access but prevent some of the following > >> dangerous operat

Re: git dangerous operations on alioth

2013-02-28 Thread Daniel Pocock
On 28/02/13 13:15, Simon McVittie wrote: > On 28/02/13 09:39, Daniel Pocock wrote: >> Has anybody had experience controlling access to git repositories, for >> example, to give users access but prevent some of the following >> dangerous operations? > > If you look at it from the appropriate angle

Re: git dangerous operations on alioth

2013-02-28 Thread gregor herrmann
On Thu, 28 Feb 2013 12:51:33 +0100, Arno Töll wrote: > On 28.02.2013 11:07, Stefano Zacchiroli wrote: > > On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: > >> Has anybody had experience controlling access to git repositories, for > >> example, to give users access but prevent some o

Re: git dangerous operations on alioth

2013-02-28 Thread Andrew Shadura
Hello. On 28 February 2013 12:51, Arno Töll wrote: > Having that said the risk is real and it may be time to reconsider some > choices including the use of Alioth itself for those who do not believe > in openness. Chances are #700630 is going to rescue us all on that. > Maybe we could set-up our

Re: git dangerous operations on alioth

2013-02-28 Thread Simon McVittie
On 28/02/13 09:39, Daniel Pocock wrote: > Has anybody had experience controlling access to git repositories, for > example, to give users access but prevent some of the following > dangerous operations? Do you consider this to be a strong security measure against malicious changes, or a weak safet

Re: git dangerous operations on alioth

2013-02-28 Thread Arno Töll
Hi, On 28.02.2013 11:07, Stefano Zacchiroli wrote: > On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: >> Has anybody had experience controlling access to git repositories, for >> example, to give users access but prevent some of the following >> dangerous operations? > > Related to

Re: git dangerous operations on alioth

2013-02-28 Thread Stefano Zacchiroli
On Thu, Feb 28, 2013 at 10:39:26AM +0100, Daniel Pocock wrote: > Has anybody had experience controlling access to git repositories, for > example, to give users access but prevent some of the following > dangerous operations? Related to this, there is also the risk that a user will ssh on alioth a

Re: git dangerous operations on alioth

2013-02-28 Thread Andrey Rahmatullin
On Thu, Feb 28, 2013 at 10:45:35AM +0100, Tollef Fog Heen wrote: > > Has anybody had experience controlling access to git repositories, for > > example, to give users access but prevent some of the following > > dangerous operations? > > > > - prevent users pushing with the `--force' option > > (fr

Re: git dangerous operations on alioth

2013-02-28 Thread Dmitrijs Ledkovs
On 28 February 2013 09:39, Daniel Pocock wrote: > > > There was recently some discussion in pkg-javascript about how to give > more people access to the VCS (e.g. keeping the git repositories > logically organised under the pkg-javascript tree, but making write > access available to all DDs + alio

Re: git dangerous operations on alioth

2013-02-28 Thread Tollef Fog Heen
]] Daniel Pocock > Has anybody had experience controlling access to git repositories, for > example, to give users access but prevent some of the following > dangerous operations? > > - prevent users pushing with the `--force' option > (from the man page for git-push: "This can cause the remote r