From 15da3c0352c3cc25c019ac24732aa0ae2b8c8d01 Mon Sep 17 00:00:00 2001 From: jrayhawk Date: Mon, 19 Oct 2009 18:01:11 -0700 Subject: Fixing git repo URI --- architecture/needed_user_facing_infrastructure.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/architecture/needed_user_facing_infrastructure.mdwn b/architecture/needed_user_facing_infrastructure.mdwn index 084c1fb..5e4faf3 100644 --- a/architecture/needed_user_facing_infrastructure.mdwn +++ b/architecture/needed_user_facing_infrastructure.mdwn @@ -12,7 +12,7 @@ repo user management |DONE: /srv/rbin/addaccess, rmaccess TODO: lsaccess |TODO: authorized_keys modification |TODO: cmdlind frontend to cat > ~/.ssh/authorized_keys |TODO: CGI frontend, though i am not convinced anyone would care disable password auth if ssh key|TODO |Ha ha NEVER config tweaking |TODO: ssh piny /srv/rbin/chrepo |TODO: CGI frontend -commit access |DONE: git+ssh://piny/srv/whatever.git |DONE: Ikiwiki+mod-auth-sys-group/mod-auth-pam, though I am told there is a magic hook to allow public editing through git:// +commit access |DONE: git+ssh://piny/srv/git/whatever.git |DONE: Ikiwiki+mod-auth-sys-group/mod-auth-pam, though I am told there is a magic hook to allow public editing through git:// wysiwyg editing tool |Ha ha no |TODO """]] -- cgit v1.2.3 From 9b531adbcaa807a352d14b68b70ed125e285d056 Mon Sep 17 00:00:00 2001 From: jrayhawk Date: Mon, 19 Oct 2009 18:03:13 -0700 Subject: Cleanup of commands and URIs --- architecture/needed_user_facing_infrastructure.mdwn | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/architecture/needed_user_facing_infrastructure.mdwn b/architecture/needed_user_facing_infrastructure.mdwn index 5e4faf3..de62a32 100644 --- a/architecture/needed_user_facing_infrastructure.mdwn +++ b/architecture/needed_user_facing_infrastructure.mdwn @@ -8,11 +8,11 @@ anonymous account creation |DONE: ssh createuser@piny.be |TODO: CGI frontend password modification |DONE: /srv/rbin/passwd |TODO: Authen::PAM chauthtok CGI jblake: the pam interface was *really* not designed with http in mind though if you hard-code the interaction script it's not hard at all repo creation, deletion |DONE: /srv/rbin/newrepo, rmrepo, TODO: lsrepo |TODO: CGI frontend repo user management |DONE: /srv/rbin/addaccess, rmaccess TODO: lsaccess |TODO: CGI frontend -[[mailing list addition|mail]] |TODO: ssh piny /srv/rbin/addlist |TODO: CGI frontend +[[mailing list addition|mail]] |TODO: /srv/rbin/addlist |TODO: CGI frontend authorized_keys modification |TODO: cmdlind frontend to cat > ~/.ssh/authorized_keys |TODO: CGI frontend, though i am not convinced anyone would care disable password auth if ssh key|TODO |Ha ha NEVER -config tweaking |TODO: ssh piny /srv/rbin/chrepo |TODO: CGI frontend -commit access |DONE: git+ssh://piny/srv/git/whatever.git |DONE: Ikiwiki+mod-auth-sys-group/mod-auth-pam, though I am told there is a magic hook to allow public editing through git:// +config tweaking |TODO: /srv/rbin/chrepo |TODO: CGI frontend +commit access |DONE: git+ssh://piny.be/srv/git/whatever.git |DONE: Ikiwiki+mod-auth-sys-group/mod-auth-pam, though I am told there is a magic hook to allow public editing through git:// wysiwyg editing tool |Ha ha no |TODO """]] -- cgit v1.2.3 From a24383e2b312f697e1665c656e2208f6ba42ba15 Mon Sep 17 00:00:00 2001 From: Joe Rayhawk Date: Wed, 21 Oct 2009 17:49:10 -0700 Subject: Remove support for periods in reponames since they cause problems. --- usr/local/sbin/addaccess | 4 ++-- usr/local/sbin/newrepo | 4 ++-- usr/local/sbin/rmaccess | 4 ++-- usr/local/sbin/rmrepo | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/usr/local/sbin/addaccess b/usr/local/sbin/addaccess index 07cc893..8d5e8f1 100755 --- a/usr/local/sbin/addaccess +++ b/usr/local/sbin/addaccess @@ -8,10 +8,10 @@ my( $reponame, $uid, $gitowner); if ( ( ! scalar $ARGV[1] ) or ( scalar $ARGV[2] ) ) { # must have exactly two arguments print( "Usage: addaccess USER REPONAME\n" ); exit( 1 ); -} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+.-]+$/ ) ) { # Extra paranoid sanity checking +} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { # Extra paranoid sanity checking print( "Usage: addaccess USER REPONAME\n" ); print( " USER must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash.\n" ); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) and minus (-) signs, and periods (.).\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/newrepo b/usr/local/sbin/newrepo index 8cee460..73cf68e 100755 --- a/usr/local/sbin/newrepo +++ b/usr/local/sbin/newrepo @@ -6,9 +6,9 @@ use warnings; my( $errorto ) = 'jrayhawk+piny.be@omgwallhack.org'; # Email address to send horrible errors to. my( $reponame, $email, @errors, $wikilisttempfile, $cgitrctempfile, $description ); -if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+.-]+$/ ) ) { +if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { print( "Usage: newrepo REPONAME\n" ); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) and minus (-) signs, and periods (.).\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/rmaccess b/usr/local/sbin/rmaccess index 2f7e06e..4d5d8d6 100755 --- a/usr/local/sbin/rmaccess +++ b/usr/local/sbin/rmaccess @@ -8,10 +8,10 @@ my( $reponame, $uid, $gitowner); if ( ( ! scalar $ARGV[1] ) or ( scalar $ARGV[2] ) ) { # must have exactly two arguments print( "Usage: rmaccess USER REPONAME\n" ); exit( 1 ); -} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+.-]+$/ ) ) { # Extra paranoid sanity checking +} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { # Extra paranoid sanity checking print( "Usage: rmaccess USER REPONAME\n" ); print( " USER must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash.\n"); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) and minus (-) signs, and periods (.).\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/rmrepo b/usr/local/sbin/rmrepo index 5c67339..ad84e1b 100755 --- a/usr/local/sbin/rmrepo +++ b/usr/local/sbin/rmrepo @@ -5,7 +5,7 @@ use warnings; my( $reponame, $uid, $gitowner, $wikilisttempfile, $cgitrctempfile); -if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+.-]+$/ ) ) { +if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { print( "Usage: rmrepo REPONAME\n" ); exit( 1 ); } else { -- cgit v1.2.3 From fcf0b75c84e72eafd01a3cfe1a21ea1a3344bdd4 Mon Sep 17 00:00:00 2001 From: Joe Rayhawk Date: Wed, 21 Oct 2009 17:51:34 -0700 Subject: Removing pluses from allowed characters for reponame --- usr/local/sbin/addaccess | 4 ++-- usr/local/sbin/newrepo | 4 ++-- usr/local/sbin/rmaccess | 4 ++-- usr/local/sbin/rmrepo | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/usr/local/sbin/addaccess b/usr/local/sbin/addaccess index 8d5e8f1..b1b2916 100755 --- a/usr/local/sbin/addaccess +++ b/usr/local/sbin/addaccess @@ -8,10 +8,10 @@ my( $reponame, $uid, $gitowner); if ( ( ! scalar $ARGV[1] ) or ( scalar $ARGV[2] ) ) { # must have exactly two arguments print( "Usage: addaccess USER REPONAME\n" ); exit( 1 ); -} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { # Extra paranoid sanity checking +} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) { # Extra paranoid sanity checking print( "Usage: addaccess USER REPONAME\n" ); print( " USER must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash.\n" ); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/newrepo b/usr/local/sbin/newrepo index 73cf68e..15bbde6 100755 --- a/usr/local/sbin/newrepo +++ b/usr/local/sbin/newrepo @@ -6,9 +6,9 @@ use warnings; my( $errorto ) = 'jrayhawk+piny.be@omgwallhack.org'; # Email address to send horrible errors to. my( $reponame, $email, @errors, $wikilisttempfile, $cgitrctempfile, $description ); -if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { +if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) { print( "Usage: newrepo REPONAME\n" ); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/rmaccess b/usr/local/sbin/rmaccess index 4d5d8d6..06b4f07 100755 --- a/usr/local/sbin/rmaccess +++ b/usr/local/sbin/rmaccess @@ -8,10 +8,10 @@ my( $reponame, $uid, $gitowner); if ( ( ! scalar $ARGV[1] ) or ( scalar $ARGV[2] ) ) { # must have exactly two arguments print( "Usage: rmaccess USER REPONAME\n" ); exit( 1 ); -} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { # Extra paranoid sanity checking +} elsif ( ( $ARGV[0] !~ /^[a-zA-Z0-9_.][a-zA-Z0-9_.-]+$/ ) or ( $ARGV[1] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) { # Extra paranoid sanity checking print( "Usage: rmaccess USER REPONAME\n" ); print( " USER must consist only of letters, digits, underscores, periods, and dashes, and not start with a dash.\n"); - print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), plus (+) signs, and minus (-) signs.\n" ); + print( " REPONAME must consist only of lower case letters (a-z), digits (0-9), and minus (-) signs.\n" ); print( " REPONAME must be at least two characters long and must start with an alphanumeric character.\n" ); exit( 1 ); } else { diff --git a/usr/local/sbin/rmrepo b/usr/local/sbin/rmrepo index ad84e1b..864830f 100755 --- a/usr/local/sbin/rmrepo +++ b/usr/local/sbin/rmrepo @@ -5,7 +5,7 @@ use warnings; my( $reponame, $uid, $gitowner, $wikilisttempfile, $cgitrctempfile); -if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9+-]+$/ ) ) { +if ( ( ! scalar $ARGV[0] ) or ( scalar $ARGV[1] ) or ( $ARGV[0] !~ /^[a-z0-9][a-z0-9-]+$/ ) ) { print( "Usage: rmrepo REPONAME\n" ); exit( 1 ); } else { -- cgit v1.2.3 From 5361765cf9ba71e8c7a2d676922c2ce0d750050f Mon Sep 17 00:00:00 2001 From: jrayhawk Date: Wed, 17 Mar 2010 19:40:08 -0700 Subject: Data model documentation: removing plus from available reponame characters --- architecture/data.mdwn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/architecture/data.mdwn b/architecture/data.mdwn index ce951e0..7d6cc97 100644 --- a/architecture/data.mdwn +++ b/architecture/data.mdwn @@ -8,7 +8,7 @@ username #usually $ENV{SUDO_USER} # !~ /^git-|^ikiwiki-/ and =~ /^[a-zA-Z0-9 uid #/etc/passwd # None email #/etc/passwd GECOS #Email::Valid::Loose->new("-fqdn" => 1, "-fudge" => 0, "-local_rules" => 0, "-mxcheck" => 1, "-tldcheck" => 0 ); repoaccess #/etc/group git-$reponame entry # None -reponame #/srv/git/$reponame.git # =~ /^[a-z0-9][a-z0-9+.-]+$/ +reponame #/srv/git/$reponame.git # =~ /^[a-z0-9][a-z0-9.-]+$/ repodescription #/srv/git/$reponame.git/description # =~ /^[\x{0020}-\x{FDCF}\x{FDF0}-\x{FFFD}]{1,80}$/ repoowner #stat /srv/git/$reponame.git uid; might be better as first non-ikiwiki user in /etc/group git-$reponame entry # None repoglobalwritable #stat /srv/git/$reponame.git all write bit # None -- cgit v1.2.3