summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Cady <d@cryptonomic.net>2021-10-26 05:27:59 -0400
committerAndrew Cady <d@cryptonomic.net>2021-10-26 05:27:59 -0400
commitf048d954f6fce23f04d69b6703b58dc1cd0b879e (patch)
tree1db3beb5ea2c32aea32f631605235b33597784d4
parentbd461f529aa5dd0615a628cc158615c22caac0a1 (diff)
README
-rw-r--r--EndoForge/README.md45
1 files changed, 31 insertions, 14 deletions
diff --git a/EndoForge/README.md b/EndoForge/README.md
index 795441c..2e03084 100644
--- a/EndoForge/README.md
+++ b/EndoForge/README.md
@@ -35,9 +35,17 @@ see `tuntox.git`.)
35 35
36## WHAT IS A `Forge` 36## WHAT IS A `Forge`
37 37
38A `Forge` is a "place" where programmers share source code. (Anyone could share 38A `Forge` is a "place" where programmers share source code.[1]
39any content, in principle. The point is to track past changes.) The largest 39
40`Forge`, for example, is Microsoft's `GitHub`. 40Anyone could share any content, in principle.
41
42The point is the *revision control system* used track past changes. The `Forge`
43is the place that stores all the different past versions of the code in a format
44that allows all changes to be undone. Modifying databases of past history is how
45multiple programmers collaborate on the same work of source code.
46
47The largest `Forge` is Microsoft's `GitHub`; but in another sense, the largest
48`Forge` is `Wikipedia`. )
41 49
42Note that a `Forge` is different from a web site. A `Git`-based `Forge` must 50Note that a `Forge` is different from a web site. A `Git`-based `Forge` must
43accept contributions in the `Git-Over-SSH` protocol. That is the convenient and 51accept contributions in the `Git-Over-SSH` protocol. That is the convenient and
@@ -85,9 +93,11 @@ configuration so that this assumption is reversed. Access is opened to unknown
85users. 93users.
86 94
87Anonymous users are forced to run the command `~/.ssh/AnonymousAccessCommand` 95Anonymous users are forced to run the command `~/.ssh/AnonymousAccessCommand`
88upon login, instead of whatever command they select for themselves. The user can 96upon login, instead of whatever command they select for themselves. Each system
89choose or configure their `AnonymousAccessCommand` to provide sandboxing, or to 97user can choose or configure their own `AnonymousAccessCommand` file. The
90implement a user authentication scheme in some flexible way. 98command must force the anonymous user into some kind of sandbox, or implement a
99user authentication scheme in some way, or else the user account will become
100insecure.
91 101
92`EndoForge` installs a `~/.ssh/AnonymousAccessCommand` that allows anonymous 102`EndoForge` installs a `~/.ssh/AnonymousAccessCommand` that allows anonymous
93users to run the `Git` protocol commands (`git-receive-pack`, etc.) to access 103users to run the `Git` protocol commands (`git-receive-pack`, etc.) to access
@@ -99,17 +109,14 @@ INSTALLATION
99 109
100Run: 110Run:
101``` 111```
102 make install 112 sudo make install
103``` 113```
104 114
105This installs the `AnonymousAccessCommand` in the current user's home directory 115This installs `EndoForge` to the system, and installs `AnonymousAccessCommand`
106(under `$HOME/.ssh`). 116in the current user's home directory (under `$HOME/.ssh`). If you don't want
107 117to install that file, use `sudo make install NO_USER_COMMAND=y`.
108Then, if sudo access is available, it enables anonymous access by editing the
109system `OpenSSH` configuration. This allows any user to listen for `SSH`
110connections via the file `$HOME/.ssh/AnonymousAccessCommand`.
111 118
112Finally, the command to enable public access to the `Self-Forge` may be run: 119The command to enable public access to the `Self-Forge` may be run:
113 120
114Run: 121Run:
115``` 122```
@@ -128,6 +135,16 @@ To disable public access to the repository, run:
128 git config core.self-forge false 135 git config core.self-forge false
129``` 136```
130 137
138To uninstall: [run `make -n uninstall` to get this doc section]
139
140```
141 sudo rm -f /etc/ssh/sshd_config.d/anonymous-access.conf \
142 /usr/lib/ssh/AuthorizedKeysCommand \
143 /etc/ssh/AuthorizedKeysCommand
144 systemctl restart sshd
145```
146
147
131NON-ROOT INSTALLATION 148NON-ROOT INSTALLATION
132--------------------- 149---------------------
133 150