mirror of
https://gitlab.archlinux.org/archlinux/aurweb.git
synced 2025-02-03 10:43:03 +01:00
Require TUs to explicitly request to overwrite a pkgbase
AUR_PRIVILEGED allows people with privileged AUR accounts to evade the block on non-fast-forward commits. While valid in this case, we should not do so by default, since in at least one case a TU did this without realizing there was an existing package. ( https://aur.archlinux.org/packages/rtmidi/ ) Switch to using allow_overwrite to check for destructive actions. Use .ssh/config "SendEnv" on the TU's side and and sshd_config "AcceptEnv" in the AUR server to specifically request overwrite access. TUs should use: `AUR_OVERWRITE=1 git push --force` Signed-off-by: Eli Schwartz <eschwartz@archlinux.org> Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
This commit is contained in:
Eli Schwartz
Lukas Fleischer
parent
243fb92273
commit
c5302d3a33
4 changed files with 11 additions and 1 deletions
1
INSTALL
1
INSTALL
|
|
@ -76,6 +76,7 @@ read the instructions below.
|
|||
PasswordAuthentication no
|
||||
AuthorizedKeysCommand /usr/local/bin/aurweb-git-auth "%t" "%k"
|
||||
AuthorizedKeysCommandUser aur
|
||||
AcceptEnv AUR_OVERWRITE
|
||||
|
||||
9) If you want to enable smart HTTP support with nginx and fcgiwrap, you can
|
||||
use the following directives:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue