I have a Mercurial server using mercurial-server. I edited access.conf in hgadmin repo as follows:
deny repo=a/b
read user=x/**
read user=y/**
write repo=a/b user=x/abc
write repo=a/b user=y/z
But user z still can't access this repo. Any ideas?
The documentation mentions:
user=globpattern: path to the user's key
So the path of z's key might be wrong, or the path of the repo is off.
When considering a request, mercurial-server steps through all the rules in /etc/mercurial-server/access.conf and then all the rules in access.conf in hgadmin, looking for a rule which matches on every condition.
The first match determines whether the request will be allowed; if there is no match in either file, the request will be denied.
Other possibility: Maybe a deny rule (applicable for user z) is found first.
The first matching rule applies. In this instance the deny rule is first, so it will match first; no user will be given access to repo a/b no matter what other rules follow this one.
Try placing the two write rules above the deny rule.
Note also that any rules in /etc/mercurial-server/access.conf will logically precede these rules.
There is one more especiality about mercurial server that you may need to know. That you can not duplicate keys several times in keys/ of hgadmin. Because on server side those keys are compiled into /var/lib/mercurial-server/.ssh/authorized_keys. So if you specify same key in different key files in keys/ then when hg do ssh it will use first occurence of the key in authorixed_keys and probbaly refer to first only repo and disable access to another repos which refer to another file (but with same key)
Related
I'm trying to implement a mercurial pre-push hook which checks the target repo path and adds the appropriate id by ssh-add. The not so nice solution would be checking the command line parameters and if the path isn't forced, then reading the default from the hgrc file but is there a cleaner way to just obtain the remote path?
I printed the kwargs passed into the hook method but there isn't any which seem to hold what I need. I also tried googling but the info available is next to nothing and this appears to be a bit like a black art really. So, any reference to a decent documentation and/or examples would be appreciated too.
Cheers,
Looking in hg help config, it seems like you can use the 'prechangegroup' hook and the HG_URL environment variable:
"prechangegroup"
Run before a changegroup is added via push, pull or unbundle. Exit
status 0 allows the changegroup to proceed. Non-zero status will cause
the push, pull or unbundle to fail. URL from which changes will come is
in "$HG_URL".
You should be able to use the 'pre-changegroup' and 'pre-push' hook (mind the dash). Which supplies the command line arguments as $HG_ARGS.
If the $HG_ARGS is a valid url you can use that url. If nothing is supplied use the ui object that is given as a keyword argument to the hook.
Use the following to retreive the default path from the configuration: ui.config('paths', 'default')
As you can also write other named urls/paths in the configuration file you should also be able to verify the $HG_ARGS if it doesn't contain a valid url a a keyword to the ui.config paths object
I want to reexecute some targets when the configuration changes.
Consider this example:
I have a configuration variable (that is either read from environment variables or a config.local file):
CONF:=...
Based on this variable CONF, I assemble a header file conf.hpp like this:
conf.hpp:
buildConfHeader $(CONF)
Now, of course, I want to rebuild this header if the configuration variable changes, because otherwise the header would not reflect the new configuration. But how can I track this with make? The configuration variable is not tied to a file, as it may be read from environment variables.
Is there any way to achieve this?
I have figured it out. Hopefully this will help anyone having the same problem:
I build a file name from the configuration itself, so if we have
CONF:=a b c d e
then I create a configuration identifier by replacing the spaces with underscores, i.e.,
null:=
space:= $(null) #
CONFID:= $(subst $(space),_,$(strip $(CONF))).conf
which will result in CONFID=a_b_c_d_e.conf
Now, I use this $(CONFID) as dependency for the conf.hpp target. In addition, I add a rule for $(CONFID) to delete old .conf files and create a new one:
$(CONFID):
rm -f *.conf #remove old .conf files, -f so no error when no .conf files are found
touch $(CONFID) #create a new file with the right name
conf.hpp: $(CONFID)
buildConfHeader $(CONF)
Now everything works fine. The file with name $(CONFID) tracks the configuration used to build the current conf.hpp. If the configuration changes, then $(CONFID) will point to a non-existant .conf file. Thus, the first rule will be executed, the old conf will be deleted and a new one will be created. The header will be updated. Exactly what I want :)
There is no way for make to know what to rebuild if the configuration changed via a macro or environment variable.
You can, however, use a target that simply updates the timestamp of conf.hpp, which will force it to always be rebuilt:
conf.hpp: confupdate
buildConfHeader $(CONF)
confupdate:
#touch conf.hpp
However, as I said, conf.hpp will always be built, meaning any targets that depend upon it will need rebuilt as well. A much more friendly solution is to generate the makefile itself. CMake or the GNU Autotools are good for this, except you sacrifice a lot of control over the makefile. You could also use a build script that creates the makefile, but I'd advise against this since there exist tools that will allow you to build one much more easily.
I'm trying to change Mercurial's template.
When I push some files to my repository, the log files list my PC's name, not user's name that is logged in.
I don't want the PC's name, I want logged user's name shows up.
How I do it?
#Praveen-K has the right answer and Lazy Badger and Lasse have the details you're missing. Here it is spelled out, but go pick Praveen's answer:
The user name you're seeing in/on your remote repository are completely unrelated to:
Any settings on your repository/server
The username you use to authenticate to your repository
Instead that string, called 'author' is burned into the changeset (commit) at commit time and is entirely crafted on your "PC". You could set it to anything you want and once you push that commit to the repository that's how it will display.
At your current skill level you're not going to successfully change that string in commits you've already made, but if you dive into a good explanation (not lookup commands) like the hg book you'll come away understanding things.
Make the entry in to your hgrc file. This file should be in your .hg/ directory (it may be in your repo or you can do in your home directory) and if it is not exist make the file with the name of hgrc in that folder.
[ui]
username = Your Name <your#mail>
When I create a new repository, I can ask TortoiseHG to give me a .hgignore file. Is there a way that I can customise what that file will look like, rather than having to go and get one manually from somewhere every time?
It's an old question, put still popped up as the first result on google, so here is an update:
In the TortoiseHg settings under the tab TortoiseHg users can specify the path of a Repo Skeleton. You can put your predefined .hgignore there, and it will be automatically copied during hg init.
See also:
#3569 Allow user-defined default .hgignore file when creating a new repository
TortoiseHG Docs
Like Tim already said in his comment, apparently it's not possible to do this.
Take a look at the following issue from TortoiseHG's bug tracker:
#966 Include some reasonable defaults in .hgignore on repo creation
Quotes from this link, both by Steve Borho (THG project lead):
This topic comes up on the Mercurial mailing list once a year or so and Matt always shoots it down. There is already support for user level ignore files; one could add these globs to a global file and be done with it.
and:
If a user has files or directories that they always want to ignore, they can add those to a global ignore file without having to introduce any new behaviors in THG.
So putting the things you always want ignored in a user-global ignore file seems to be the only option (even though it's not exactly what you're asking for):
Would like to create some defaults for my .hgignore files in TortoiseHG/Mercurial
(the question that I posted in my comment above)
Global hgignore usage
Can anyone tell me the .hgignore pattern to track one specific file in a directory and to ignore everything else?
I have a "media" directory which contains a "default.png", for obvious purposes, and the rest of the directory will hold user media. We want hg to ignore everything in the media directory excepting the default file.
Try:
syntax: regex
^media/.*
or (leave it in the default glob and do)
media/**
and then manually hg add media/default.png.
In mercurial (unlike in CVS) you can add files that match your ignore patterns and they work fine. So ignore broadly and hg add what you want tracked.
syntax: regex
^media/(?!default.png$)
almost the same as John Mee's but matches to the end of the line, instead of anything that starts with default.png.
if you wanted to allow any .c file but nothing else, you could use:
^media/(?!.+\.c$)
Summing it up as a BKM (Best Known Method)
Either hgignore everything, and then hg add back the few files you want to track.
Or use a pattern such as
syntax: regex
^path/(?!files-that-you-want-not-to-ignore$)
(I just wanted to see the full answer in one place.)
Never mind this seems to work...
syntax: regex
^media/(?!default.png)