On Fri, Jan 27, 2023 at 5:39 PM RjOllos <
rjo...@gmail.com> wrote:
>
> On Friday, January 27, 2023 at 9:20:47 AM UTC-8
dim...@gmail.com wrote:
> our no longer really maintained, but actively used, trac installation
>
https://trac.sagemath.org/ is in the process of migrating to another platform.
> However, we'd like to keep it up in a read-only form.
> It's running Trac 1.2 - yes, severe shortage of hands to maintain it
>
> I'm looking for an advice on how to achieve this with minimal intervention,
> hopefully easily reversible (if migration process will need to be rescheduled
> we'd like to resume using trac for a while).
> Ideally, I'd like to do so just by modifying trac.ini
>
> Read-only can be achieved by revoking permissions. For the most part, just leave _VIEW permissions for standard users. You can set up permissions groups and continue to allow other users to have write access, such as admins, if you'd like.
>
https://trac.edgewall.org/wiki/TracPermissions
unfortunately it's got rather misconfigured at some point:
--------------------------------------------------------------------------
$ sudo trac-admin /srv/trac/sage_trac permission list
Error: Failed to clone gitolite-admin repository: Cloning into
'/srv/trac/sage_trac/gitolite-admin'...
fatal: 'gitolite-admin' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
----------------------------------------------------------------------------
or even
$ sudo trac-admin /srv/trac/sage_trac
Welcome to trac-admin 1.2
Interactive Trac administration console.
Copyright (C) 2003-2013 Edgewall Software
Type: '?' or 'help' for help on commands.
Trac [/srv/trac/sage_trac]> help
trac-admin - The Trac Administration Console 1.2
TracError: Failed to clone gitolite-admin repository: Cloning into
'/srv/trac/sage_trac/gitolite-admin'...
fatal: 'gitolite-admin' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
Trac [/srv/trac/sage_trac]>
---------------------------------------------------
I have no idea why trac-admin wants to clone (!) this repo - and I
don't understand where it even gets
" gitolite-admin" (we do have a repository on the host, with this
name, containing ssh keys of users).
Is it a hack hardcoded somewhere? Or it's somehow parsing the directory tree?
I think what we're running a standard Trac package on Ubuntu 18.04:
https://packages.ubuntu.com/source/bionic/trac
(that was an update of some older hand-installed version in /usr/local)
>
> The permissions are stored in the database. You may want to screen-capture your current permissions and groups before making any changes, so you can return to it later if needed.
Well, as I can't use trac-admin (and there is no web admin interface
on on my account, not sure whether without
a working trac-admin it's possible to bring it up) my current plan is to
1) disable tracext.github.githubloginmodule in trac.ini (we allow
GitHub-authenticated users access to tickets and git tree)
2) point htdigest_file in trac.ini to a file without any actual passwords
I suppose 1)+2) should make tickets effectively read-only.
To make git tree read-only, one apparently still needs to disable ssh
authentication,
and I can't think of anything less intrusive than
3) removing all the ssh keys uploaded and stored
in the said gitolite-admin git repo (I can push there, and it appears
to effect changes)
>
> Let us know if you need any additional pointers.
In trac.ini there is a section
[sage_trac]
cgit_host =
git.sagemath.org
cgit_repository = sage.git
github_url =
https://github.com/sagemath/sagetrac-mirror
....
which seems to describe the local confg (all these values make perfect sense)
- bit I can't seem to find any docs on this.
And if you could tell me how this "git clone" thing can be avoided, so
that trac-admin becomes usable...
Dima
>
> Ryan
>
> --
> You received this message because you are subscribed to a topic in the Google Groups "Trac Users" group.
> To unsubscribe from this topic, visit
https://groups.google.com/d/topic/trac-users/C_ZFXu39jN4/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
trac-users+...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/trac-users/f7ca7db0-c6af-489a-8816-c0c8e8715e9cn%40googlegroups.com.