|
Bots United start a Sourceforge project?
Maybe bots united should get a source forge project and host all the open source bots..
they have a free cvs so you guys won't lose track of your changes.. Anyone else think bots united should start a sourceforge project? |
Re: Bots United start a Sourceforge project?
I don't know... we have all the abilities needed to set up and maintain a CVS ourselves... and we'll soon need more than a CVS, if the United Bot project leaves the ground one day.
I reckon this is a good idea, but given the choice between CVS at SourceForge and CVS here, I'd prever CVS here :) |
Re: Bots United start a Sourceforge project?
One advantage of using sourceforge would be a more reliable hosting with better worldwide internet links.
@memed: Is there some kind of backup system in place for this server? |
Re: Bots United start a Sourceforge project?
I would prefer sourceforge, since we do not need to setup a cvs, we have nice hosting / mirrors for all files, a bugtracking system, task manager.
the only problem on sourceforge is the updating of download counters and counting cvs commits, but that's not a disadvantage at all I think. I'm pretty content with old joebot on sourceforge. |
Re: Bots United start a Sourceforge project?
ok, the backup here is n.p., Nova has ordered a 2nd hdd, and up to 2 GB of important data can be shadowed at my "spare" disk, which is raid1+5.
the uplink on this server is much better than a shared account at SF.net, no doubt about that. from other developers i heard they where leaving SF.net to go to berlios.de, which runs the same software as SF, but with less restrictions, more speed and some advanced features, so sf.net is IMHO no option, it's either to go with this server or berlios.de. the bugtracking is no question of software but of work, it soley depends on the will of the developers to spend time on bugzilla. there are other systems (e.g. mantis or QA director) but they do not lower the amount of time needed much.(atleast in my last company bugtracking broke down as the bug-hunter left the company) so for bug tracking we should think about alternative organisation, if, and only if, all agree, some sort of open system like a wiki might be good. e.g. bugs _must_ be filed with a testcase so that even a non insider can find the bug, by using the code and replaying the testcase. this way a speedy development could be encouraged. i have that for some gpl vdr-plugin i maintain, we have had 3 main developer changes this year, always speeding up the development, i.e. i have to make a pre release every week) just my 2cents |
Re: Bots United start a Sourceforge project?
I tend to agree with memed.
Keep things in own house. Gives the oportunity change what ever needed or desired. Ofcoars source forge does a great job. But doing it in house gives more "feeling" and "bonding" to the project. Makes ppl more at home as the "cold looking" sourceforge environment. ;) |
Re: Bots United start a Sourceforge project?
@memed:
At least for some time I could provide some remote backup at one of my servers. |
Re: Bots United start a Sourceforge project?
I agree with memed and Cpl. Shrike. Things look always better and more appealing, and people are more involved when the work and the means of the work are home-made and not relying on any external support.
|
Re: Bots United start a Sourceforge project?
oh, well i should clarify, that using the kind service from berlios.de would be a "good way (tm)", for me it's just that SF is too big, too many non-uptodate mirrors and quite some hassle. the features at berlios would save some work, on the other hand making it on our own could tie people more to the project.
cheers |
Re: Bots United start a Sourceforge project?
About the only people who will contribute to a bot related open source project will already know about Bots United, so I don't expect much disadvantage on holding the source in house. I can see advantages however as was expressed by others above, so I agree with the option of "in house" open source development if that's the right term for it
*edit* copied related post from mEAn forum to here I'd like to see BU build up a number of "in house" (but open to the public) bot related projects. There's a ton of code that PMB has behind him that could go into a repository here (if he chooses of course). There's the mEAn mod comming soon. There's the old JoeBot code at sourceforge - would it do better if located here? There's the POD bot 2.6 fix up project. etc etc We have a good number of very nice projects for a open source repository already! |
Re: Bots United start a Sourceforge project?
I agree with botmeister. Since not everybody in the Council seem to have the same preference, someone opens a poll in the moderators forum, so that we can decide quickly.
|
Re: Bots United start a Sourceforge project?
Another option:
Sourceforge system is opensource. Why dont we just run our ownm project management system ? Nova |
Re: Bots United start a Sourceforge project?
Quote:
|
Re: Bots United start a Sourceforge project?
so its up and running allready ?
cool 8) should we use ssh fowarding (perhaps with key authentication) instad of opening the port in the firewall ? |
Re: Bots United start a Sourceforge project?
Quote:
|
Re: Bots United start a Sourceforge project?
You can use CVS directly with SSH, there is no need for portforwarding.
For Linux you set an environment variable which replaces the default rsh command with the ssh command. For Windows this depends on the client... |
Re: Bots United start a Sourceforge project?
i know, but that includes a valid shell login, i thought of ssh2 key with strict permissions to only foward a certain port :-)
cheers memed ---- there are paranoid admins and stupid admins *g* |
Re: Bots United start a Sourceforge project?
You can't do that without logging in to the host. I'll try to explain:
The ssh protocol is an end-to-end protocol, only the connections between two authenticated and authorized hosts are encrypted. You can use ssh tunnels between those two hosts once you're in. These tunnels encrypt the traffic between those hosts bot not the traffic outside of these connections! And (at least with OpenSSH) you can't restrict which ports are allowed to be forwarded - you only can turn it on or off. What you could do would be to use stunnel instead of ssh. (www.stunnel.org) Use it to encrypt the pserver protocoll and block the direct access to the pserver port using iptables. The drawback of this is that the developers need iptables at their machines too - but that's not a big problem ;). |
Re: Bots United start a Sourceforge project?
*g* nice that you want to explain, but i think i know what i'm talking about ;)
Quote:
sounds not very different but in terms of security it's a key point. the portfw only user can not try local root exploits (e.g. do_brk ..) since he can not spawn a shell at all. stunnel is not as secure as ssh unless a real PKI is used, allthough it's probably the easier one to setup and security is very good allready. cheers memed from man sshd: [qoute] AUTHORIZED_KEYS FILE FORMAT $HOME/.ssh/authorized_keys is the default file that lists the public keys that are permitted for RSA authentication in protocol version 1 and for public key authentication (PubkeyAuthentication) in protocol version 2. AuthorizedKeysFile may be used to specify an alternative file. ... ... ... no-pty Prevents tty allocation (a request to allocate a pty will fail). permitopen="host:port" Limit local ``ssh -L'' port forwarding such that it may only con- nect to the specified host and port. IPv6 addresses can be spec- ified with an alternative syntax: host/port. Multiple permitopen options may be applied separated by commas. No pattern matching is performed on the specified hostnames, they must be literal domains or addresses. [/quote] |
Re: Bots United start a Sourceforge project?
GREAT DANGER: not having a pty doesn't prevent users from executing programs !!!
Test for yourself: ssh -v user@host /bin/bash But I've at least missed the permitopen="host:port" option, never noticed that before 9_9. But for a person with some skills this is no real limitation, he/she would simple install/use another forwarder... |
Re: Bots United start a Sourceforge project?
i know you wont get a login shell, we tried to use scp instead of ftp on this server and it failed because the login shell for ftp accounts is /bin/false.
this does work as expected, i should have said "allow login, but choose shell to be /bin/false". i'd rather have ftp open that allow ppl. to exec /bin/bash ;) PMB and me tried our "best" to break into the servers root account, but both failed, the ftp exploits as well as the local shell exploits, so as of feb 2004 i consider this server to be safe, realy safe ;) |
Re: Bots United start a Sourceforge project?
If you set the users shell to /bin/false you will not be able to use portforwarding as the connection is terminated immediately after login.
I still don't get how you want to make sure that the ssh service can only be used for this special purpose. It's simply not designed for this kind of application. You will always need some tools which will do the trick. What might be possible is giving the user a special restricted shell (e.g. rbash) which only allows the execution of some definable programs (in this case the cvs tools). But I havn't tested this for the use with cvs, maybe it's restrictions are to restrictive as e.g. cd is not allowed. One thing I've learned in the last 11 years as system administrator: The only secure system is one without any connections - including the power line. ;) |
Re: Bots United start a Sourceforge project?
nope, ssh2 has exactly those features build in, restriction to certain programs to be executed (and only those), or restriction to not login (login=request pty) but only do portforwarding.
i will do so and give you a test login ;) |
Re: Bots United start a Sourceforge project?
Ok, I'm looking forward how you solve those topics 8).
|
| All times are GMT +2. The time now is 00:00. |
Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.