Serving Mercurial Repositories
Jonathan Stott
jonathan.stott at gmail.com
Thu Dec 13 15:51:20 UTC 2007
Hi
I'm quite new to Fedora (and SELinux) but I've been using linux for
some time and one of the tools I use more or less daily is the
mercurial scm. I would like to share (read only) versions of some of
the repositories I work on to other members of my group. The
mercurial team provide a script to do this which (when configured via
a simple file) can read the configured repository directories
(scattered about my home directory) and from there generate the web
interface.
Currently this fails, because I have policies configured such that
lighttpd can only read from the public_html directory of home
directories and I would prefer not to have to change things so that it
can read all of my home directory. I would also prefer to avoid the
need to have 2 copies of the repository on the system, one in my home
directory and one somewhere else (say /var/hg ) that I can let
lighttpd read as it desires, since this brings about synchronisation
issues.
I thought a solution might be to write a policy for mercurial so that
all repos are created with a 'mercurial_repo_t' type or similar and
then allow the lighttpd_t context to read them (it can already search
home directories) but I am unsure of how to go about implementing such
a policy, or how it might be done better.
Any advice would be appreciated,
Jon
More information about the fedora-selinux-list
mailing list