If the server is only hosting repositories, there is no reason for users to be
allowed 'interactive' access.
+== allowed_interactive and sudo ==
+
+For users that use repo_shell as a login shell and that also need to run
+commands via sudo as other users, those other users must also be listed in the
+allowed_interactive user list. Otherwise, sudo functionality is effectively
+disabled for such users.
+
= Create owner and paths
In accordance with the settings in /etc/repo_shell.conf:
- adduser --system --group <owner> --home /var/lib/svn \
- --shell /usr/local/bin/repo_shell <owner>
- sudo install -d -o <owner> -g <owner> -m 0755 <svn_root>
- sudo install -d -o <owner> -g <owner> -m 0755 <git_root>
+ sudo adduser --system --group <owner> --home /var/lib/svn \
+ --shell /bin/false <owner>
+ sudo install -d -o <owner> -g <owner> -m 0750 <svn_root>/..
+ sudo install -d -o <owner> -g <owner> -m 0750 <svn_root>
+ sudo install -d -o <owner> -g <owner> -m 0750 <git_root>
= Configure subversion repository ACLs
sudo -u repo gitcreate mirrors/tinyos/tinyos-main.git
+If a subdirectory path being requested doesn't already exist, the script will
+ask the operator if it is OK to create it. To automatically create non-existent
+subdirectory paths, add the -y option:
+
+ sudo -u repo gitcreate -y mirrors/tinyos/tinyos-main.git
+
= Configuring user accounts
Each user to access repositories via client side tools need an account on the
projects / repo_shell.git / blobdiff