[Cryptech Tech] Some problems with the repo access

Joachim Strömbergson joachim at secworks.se
Thu Feb 6 09:04:51 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

Rob Austein wrote:
> Translation of the rules:
> 
> - Any authorized user can create a new repository
> 
> - Whichever user created the repository has full rights (read,
> write, and other operations like delete)
> 
> - The creator has the ability to give write access to any other 
> authorized user ("WRITERS"), using the "perms" command, eg:
> 
> $ ssh git at cryptech.is perms myrepo + WRITERS randy at psg.com
> 
> - The creator also has the ability to grant read access to any other 
> authorized user ("READERS"), but as it's currently set up there's no 
> point in doing this since I hard configured it to grant read access 
> to anybody in core (@all, at the moment).
> 
> The gitolite documention claims that the normal way of creating a 
> repository like this is just to clone it.  Yes, you clone a 
> repository that doesn't exist to create it.

Ok. I'll try to clone a new repo and have Linus try to clone and push
into it.


> That one is deliberate, and is because of the feature that this
> group asked me to add: you cannot push commits to these repositories
> unless they are signed by an authorized PGP key.  The current
> authorized PGP keys are:
> 
> pub   4096R/23291265 2010-05-07 uid                  Linus Nordberg
> <linus at nordberg.se> uid                  Linus Nordberg
> <linus at nordu.net> uid                  Linus Nordberg
> <linus at torproject.org> uid                  [jpeg image of size
> 2906] sub   4096R/153E576C 2013-04-23 [expires: 2014-04-23]
> 
> pub   4096R/2422EC8D 2014-02-02 [expires: 2019-02-01] uid
> Joachim Strombergson <joachim at strombergson.com> uid
> Joachim Strombergson <joachim at secworks.se> sub   4096R/9D8F0EEB
> 2014-02-02 [expires: 2019-02-01]

Yes, I expected it to be related to my shiny new key. If Linus can push
we know that we have a working flow.


> Sigh.

No worries. we'll fix this in due time. Nobody is blocked by this at the
moment (I think).

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJS81AzAAoJEF3cfFQkIuyNeM8QAIfmnzC5DvjP4xqDSuFI2Q+4
SiAlTZcsngYtAKTvFNrx06nB7clfQoVsR63c08EKLEbbeNGiB3Jn3yc9/nWLDywj
8bnFimvrlozbwnyxYxnhI+nFO9qqhw3NPuTZohCbvpLeuoJaCx4kLdXM7lcp60yV
DbFSmOokdFJvzxiX94KoSiknl4ClCRC0dQ8FYtBgyKQTkBUmGTWlpIs5Vk5Oryke
NnLbSFWWYQeL1DmDR5iflx3nZDcrV82Le8ragGhF4mbk2z0E1ULZqELyPZsC/LDw
ck/etEv8gdar0ia8JKJxRHHA9MIbfebavBr2TDBoKTJUhxB+gYpshZ/mknU2GimN
tTB6gbwt95pftpb3R5JggEBaKm/l0ONvbxAfaCC6OF/8gjjZWP6Owfoj0/sdJGgQ
vnw1jnH4JTAm3Jl9UFLavCNM5EgvzxVCNzzISFfgPAvTuw1LpHMpraYdM6URvEU7
E/IXXRMFLAszk72UJnkNUScfuO8no+v1lQQDJhi8FNgQnvGOOIT2cATd4L5ucdI1
Rgl1yj72YrgALe9UrE/kHHCdLOnHkgRrgII8MgbAEzCe1Cz4JPD6uUqxyhKV751U
3aNXHDR5WltXSQG+Y4G8FCJx6qSjvR226+hnT62RQxe2o5RTLEaXWfHk24WRpno4
vTZz+Gki5puK3hfXLc2q
=mQON
-----END PGP SIGNATURE-----

More information about the Tech mailing list