diff options
-rw-r--r-- | EndoForge/README.md | 45 |
1 files changed, 31 insertions, 14 deletions
diff --git a/EndoForge/README.md b/EndoForge/README.md index 795441c..2e03084 100644 --- a/EndoForge/README.md +++ b/EndoForge/README.md | |||
@@ -35,9 +35,17 @@ see `tuntox.git`.) | |||
35 | 35 | ||
36 | ## WHAT IS A `Forge` | 36 | ## WHAT IS A `Forge` |
37 | 37 | ||
38 | A `Forge` is a "place" where programmers share source code. (Anyone could share | 38 | A `Forge` is a "place" where programmers share source code.[1] |
39 | any content, in principle. The point is to track past changes.) The largest | 39 | |
40 | `Forge`, for example, is Microsoft's `GitHub`. | 40 | Anyone could share any content, in principle. |
41 | |||
42 | The point is the *revision control system* used track past changes. The `Forge` | ||
43 | is the place that stores all the different past versions of the code in a format | ||
44 | that allows all changes to be undone. Modifying databases of past history is how | ||
45 | multiple programmers collaborate on the same work of source code. | ||
46 | |||
47 | The largest `Forge` is Microsoft's `GitHub`; but in another sense, the largest | ||
48 | `Forge` is `Wikipedia`. ) | ||
41 | 49 | ||
42 | Note that a `Forge` is different from a web site. A `Git`-based `Forge` must | 50 | Note that a `Forge` is different from a web site. A `Git`-based `Forge` must |
43 | accept contributions in the `Git-Over-SSH` protocol. That is the convenient and | 51 | accept contributions in the `Git-Over-SSH` protocol. That is the convenient and |
@@ -85,9 +93,11 @@ configuration so that this assumption is reversed. Access is opened to unknown | |||
85 | users. | 93 | users. |
86 | 94 | ||
87 | Anonymous users are forced to run the command `~/.ssh/AnonymousAccessCommand` | 95 | Anonymous users are forced to run the command `~/.ssh/AnonymousAccessCommand` |
88 | upon login, instead of whatever command they select for themselves. The user can | 96 | upon login, instead of whatever command they select for themselves. Each system |
89 | choose or configure their `AnonymousAccessCommand` to provide sandboxing, or to | 97 | user can choose or configure their own `AnonymousAccessCommand` file. The |
90 | implement a user authentication scheme in some flexible way. | 98 | command must force the anonymous user into some kind of sandbox, or implement a |
99 | user authentication scheme in some way, or else the user account will become | ||
100 | insecure. | ||
91 | 101 | ||
92 | `EndoForge` installs a `~/.ssh/AnonymousAccessCommand` that allows anonymous | 102 | `EndoForge` installs a `~/.ssh/AnonymousAccessCommand` that allows anonymous |
93 | users to run the `Git` protocol commands (`git-receive-pack`, etc.) to access | 103 | users to run the `Git` protocol commands (`git-receive-pack`, etc.) to access |
@@ -99,17 +109,14 @@ INSTALLATION | |||
99 | 109 | ||
100 | Run: | 110 | Run: |
101 | ``` | 111 | ``` |
102 | make install | 112 | sudo make install |
103 | ``` | 113 | ``` |
104 | 114 | ||
105 | This installs the `AnonymousAccessCommand` in the current user's home directory | 115 | This installs `EndoForge` to the system, and installs `AnonymousAccessCommand` |
106 | (under `$HOME/.ssh`). | 116 | in the current user's home directory (under `$HOME/.ssh`). If you don't want |
107 | 117 | to install that file, use `sudo make install NO_USER_COMMAND=y`. | |
108 | Then, if sudo access is available, it enables anonymous access by editing the | ||
109 | system `OpenSSH` configuration. This allows any user to listen for `SSH` | ||
110 | connections via the file `$HOME/.ssh/AnonymousAccessCommand`. | ||
111 | 118 | ||
112 | Finally, the command to enable public access to the `Self-Forge` may be run: | 119 | The command to enable public access to the `Self-Forge` may be run: |
113 | 120 | ||
114 | Run: | 121 | Run: |
115 | ``` | 122 | ``` |
@@ -128,6 +135,16 @@ To disable public access to the repository, run: | |||
128 | git config core.self-forge false | 135 | git config core.self-forge false |
129 | ``` | 136 | ``` |
130 | 137 | ||
138 | To uninstall: [run `make -n uninstall` to get this doc section] | ||
139 | |||
140 | ``` | ||
141 | sudo rm -f /etc/ssh/sshd_config.d/anonymous-access.conf \ | ||
142 | /usr/lib/ssh/AuthorizedKeysCommand \ | ||
143 | /etc/ssh/AuthorizedKeysCommand | ||
144 | systemctl restart sshd | ||
145 | ``` | ||
146 | |||
147 | |||
131 | NON-ROOT INSTALLATION | 148 | NON-ROOT INSTALLATION |
132 | --------------------- | 149 | --------------------- |
133 | 150 | ||