Jesse Keating jkeating at redhat.com
Sat Jul 7 23:37:01 UTC 2007

On Saturday 07 July 2007 10:53:49 seth vidal wrote:
> yes, it includes those. I don't think we should be running cgis of any
> sort. They eat ram and expose us to more risk, don't they?

There is some exposure yes.  Something we have to evaluate.  Being able to 
have people easily host/share source control is a nice thing to have.  Just 
ask some people at Red Hat how "fun" it has been to deal with 
people.redhat.com and it's ancient OS with no on the box tools.

> > > 4. essentially this box will be for rsync/scp/sftp of files to a place
> > > where everyone can get to. Is there any other package that should be on
> > > here?
> >
> > git would be nice, with the git server setup so that people can easily
> > sync up a git repo to there or push via ssh to there and other people can
> > get to it with git://
> >
> > Hg is harder and maybe not possible.
> Isn't the above what rsync is for? 

For getting content onto the system that's one rather inefficient way for 
scms.  Since git/hg can both work over ssh, it's /far/ more efficient and 
easy to just push via ssh to a directory in your webspace.  For other users 
to then get access to the files, rsync does not work.  You'll want http 
access, and really preferably git:// access for the git stuff.

> I guess I'm inclined to not have any 
> scm - this is just a big box which serves files, statically, and does
> not open us up to that many attack vectors.

More and more the stuff I find myself chucking at public web space is not 
patches, but clones of distributed scm repos with my changes applied so that 
the upstream can just pull from my repo instead of doing a patch dance.  If 
we're going to provide a service, lets try to make it as useful as possible.  
Note that none of the above should require the ability to actually log into 
the box, just access it remotely.

Jesse Keating
Release Engineer: Fedora
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-infrastructure-list/attachments/20070707/32865ff6/attachment.sig>

More information about the Fedora-infrastructure-list mailing list