On Wed, Jan 13, 2021 at 03:18:55PM -0800, Kevin Fenzi wrote: > On Wed, Jan 13, 2021 at 05:20:16PM -0500, Matthew Miller wrote: > > On Wed, Jan 13, 2021 at 02:12:30PM -0800, Kevin Fenzi wrote: > > > Yes, tokens. Kerberos is not very feasable due to various constraints. > > > > I'm curious what the constraints are. > > Currently the reason ssh works is because users in the packager group > have actual, real, full accounts on the server. I'm not sure why it is a problem. I would even call it more secure because an operating system checking the file permissions will prevent a nefarious user from touching other's repositories. > So, then it becomes what pagure can support, and it has no Kerberos > support. It could be added I suppose, but it doesn't exist at all > currently. > I would not target to be-decommisioned Pagure. -- Petr
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ packaging mailing list -- packaging@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to packaging-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/packaging@xxxxxxxxxxxxxxxxxxxxxxx
