3511
Comment:
|
4471
Tidied up, linked a few things, tried to make the text more style guide compliant.
|
Deletions are marked like this. | Additions are marked like this. |
Line 3: | Line 3: |
The traditional CVS-like model allows multiple different users to commit to the main repository. Indeed, it's about the only way to do things. | The traditional [[CvsLikePractice|CVS-like model]] allows multiple different users to commit to the main [[Repository|repository]]. Indeed, it's about the only way to do things. |
Line 16: | Line 16: |
== Traditional UNIX method == | == The shared SSH method == |
Line 18: | Line 18: |
The idea here is to create a repository that has a group ID that allows multiple users to access it. | The typical way to create an SSH-reachable repository is to create a special account for that project, create the project under that account, then provide each user with an SSH key that's authorized to use that account. See the guide to [[SharedSSH|shared SSH]] for general setup details. |
Line 20: | Line 20: |
The first step is to add a new group to''etc''group. The 'kosher' method for accomplishing this varies from system to system, but the end result is a new line in''etc''group like the following: | Another way to use SSH is just to provide regular SSH access and set up the depot with the "filesystem method", below. The only role of SSH in this case is that of a mechanism for reaching the remote repository. == The HTTPS method == The repository will be shared via a web server, which can also allow pushing. The security is handled by the web server. See the guide to [[PublishingRepositories|publishing repositories]] for some guidance. == The filesystem method == The idea here is to create a repository that is accessible by members of a certain user group. Multiple users will be able to access it if they belong to this group. The following steps apply to Unix-like operating systems: 1. Add a new group to `/etc/group`. The recommended method for accomplishing this varies from system to system, but the end result is a new line in `/etc/group` like the following: {{{ project:x:100001:alice,bob,charlie }}} Here, `project` is the name of the group. 2. Create a repository that's writable by that group: {{{ mkdir /home/mercurial/project cd /home/mercurial/project hg init chgrp project .hg .hg/* .hg/store/* chmod g+w .hg .hg/* .hg/store/* chmod g+s .hg .hg/store .hg/store/data }}} * The `chgrp` command marks the project as belonging to the `project` group. * The first `chmod` command marks the repository data writable by that group. * Finally, the second `chmod` command sets the 'setgid' bit on the project directories, which causes new files created in those directories to be marked as belonging to that group (rather than the user's default group). If you are using a version of Mercurial older than 1.0, it's important that each user's umask be set to `002` or something similar. If it's set to `022`, group write privileges will be masked off for files that users create, causing other users to be unable to modify them. You can change the default umask for a user by editing their `~/.profile` and adding the line... |
Line 23: | Line 60: |
project-x:x:100001:alice,bob,charlie | umask 002 }}} |
Line 25: | Line 63: |
}}} Then, we create a repository that's writable by that group: |
Alternatively, you can edit `/etc/profile` to change the system-wide settings. Changing the `/etc/profile` will not work if people check in stuff with the `hg` command, as that file isn't read by non-interactive shells, `/etc/bash.bashrc` is a better place to put the system-wide settings. |
Line 28: | Line 65: |
{{{ mkdir /home/mercurial/project-x cd /home/mercurial/project-x hg init chgrp project-x .hg .hg/* chmod g+w .hg .hg/* chmod g+s .hg .hg/data }}} The chgrp command marks the project as belonging to the project-x group. The first chmod command marks the repository data writable by that group. And finally, the second chmod command sets the 'setgid' bit on the project directories, which causes new files created in those directories to be marked as belonging to that group (rather than the user's default group). Next, it's important that each user's umask be set to 002 or something similar. If it's set to 022, group write privileges will be masked off for files that users create, causing other users to be unable to modify them. |
Otherwise since Mercurial 1.0, the default permission is inherited from `.hg/store`. |
Line 46: | Line 70: |
hg clone /home/mercurial/project-x cd project-x |
hg clone /home/mercurial/project cd project |
Line 50: | Line 74: |
hg push /home/mercurial/project-x |
hg push /home/mercurial/project |
Line 54: | Line 76: |
== The SSH method == Rather than bother with UNIX permissions, shared filesystem, etc., you can instead create a repository that's reachable by SSH. The typical way to do this is to create a special account for that project, create the project under that account, then provide each user with an SSH key that's authorized to use that account. See http://www.kitenet.net/~joey/sshcvs/ for the general setup details. == The HTTPS method == This is not yet implemented, but the plan is to allow push over HTTPS with an internal authentication scheme. This will bypass both the need to manage UNIX groups and permissions, and the need to do special SSH setup. |
|
Line 68: | Line 83: |
Line 70: | Line 84: |
This means you should pull the latest changes from project-x before pushing. | This means you should pull the latest changes from `project` before pushing. |
Line 76: | Line 90: |
}}} This means you've probably forgotten to merge changes you've pulled with the changes you're trying to push. |
|
Line 77: | Line 93: |
}}} This means you've probably forgotten merge changes you've pulled with the changes you're trying to push. |
As always, [[SyncEarlySyncOften|sync early, sync often]]! |
Line 80: | Line 95: |
As always, SyncEarlySyncOften. {{{ |
---- CategoryHowTo CategoryTutorial |
How To Handle Multiple Committers
The traditional CVS-like model allows multiple different users to commit to the main repository. Indeed, it's about the only way to do things.
But in Mercurial, in some sense there is no 'main' repository. Users each have their own private repository to commit to and they can pull commits in from other users. This is rather drastically different than the CVS model and it has a number of advantages:
- it's easier to review the work that's being pulled in before merging
- it's easier to time or reorder merges for testing or deployment
- no concept of permissions is needed
- everything is atomic, no need to wait for locks
It is, of course, also possible to push as well as pull, though this is generally used to publish changes in a public place.
However, it is possible (though not recommended) to set up Mercurial to allow multiple users to push to a single repository. This allows Mercurial to be used in a more CVS-like fashion. Below are a couple possible approaches.
1. The shared SSH method
The typical way to create an SSH-reachable repository is to create a special account for that project, create the project under that account, then provide each user with an SSH key that's authorized to use that account. See the guide to shared SSH for general setup details.
Another way to use SSH is just to provide regular SSH access and set up the depot with the "filesystem method", below. The only role of SSH in this case is that of a mechanism for reaching the remote repository.
2. The HTTPS method
The repository will be shared via a web server, which can also allow pushing. The security is handled by the web server. See the guide to publishing repositories for some guidance.
3. The filesystem method
The idea here is to create a repository that is accessible by members of a certain user group. Multiple users will be able to access it if they belong to this group.
The following steps apply to Unix-like operating systems:
Add a new group to /etc/group. The recommended method for accomplishing this varies from system to system, but the end result is a new line in /etc/group like the following:
project:x:100001:alice,bob,charlie
Here, project is the name of the group.
- Create a repository that's writable by that group:
mkdir /home/mercurial/project cd /home/mercurial/project hg init chgrp project .hg .hg/* .hg/store/* chmod g+w .hg .hg/* .hg/store/* chmod g+s .hg .hg/store .hg/store/data
The chgrp command marks the project as belonging to the project group.
The first chmod command marks the repository data writable by that group.
Finally, the second chmod command sets the 'setgid' bit on the project directories, which causes new files created in those directories to be marked as belonging to that group (rather than the user's default group).
If you are using a version of Mercurial older than 1.0, it's important that each user's umask be set to 002 or something similar. If it's set to 022, group write privileges will be masked off for files that users create, causing other users to be unable to modify them.
You can change the default umask for a user by editing their ~/.profile and adding the line...
umask 002
Alternatively, you can edit /etc/profile to change the system-wide settings. Changing the /etc/profile will not work if people check in stuff with the hg command, as that file isn't read by non-interactive shells, /etc/bash.bashrc is a better place to put the system-wide settings.
Otherwise since Mercurial 1.0, the default permission is inherited from .hg/store.
Now you're ready to go:
hg clone /home/mercurial/project cd project [make changes] hg commit hg push /home/mercurial/project
4. Keeping in sync
You may sometimes get a warning like this when you push:
abort: unsynced remote changes!
This means you should pull the latest changes from project before pushing.
You may also get a warning like this:
abort: push creates new remote branches!
This means you've probably forgotten to merge changes you've pulled with the changes you're trying to push.
As always, sync early, sync often!