I need to write a shell script to be scheduled to run daily to back up a directory using Mercurial. I have got most of the use cases done except I can figure out a way to do automated login while the script is running.

for REPOSITORY in "$@"
do
    # skip this repository if the directory cannot be entered
    cd "$REPOSITORY" || continue

    # commit the changes
    hg commit -A -m "Commit changes $(date)"

    # push the changes to the remote repository
    if hg push
    then
        logger hg push success
    else
        logger hg push failure
    fi
done

The login prompt is displayed after the hg push command is issued.

+3  A: 

Mercurial allows you to put the username and password in the Repository URL:

hg push http://username:password@hostname/repo

If you don't want to put the URL on the command line you can edit the hgrc file for the local repository and put the username and password in the default-push URL:

default-push = http://username:password@hostname/repo

This means any hg push will use the username specified in the hgrc file.

Dave Webb
What are the potential security risks of doing this?! Sorry for being paranoid...
Jeffrey04
Anyone who can read the file where you put the password - either the script or the hgrc - would have push access to the remote repository. They couldn't do permanent damage to your repository as you could always roll back any changes they sent, but they could waste lots of your time and pollute the history of your source.
Dave Webb
+5  A: 

I agree that you should configure your backup script for non-interactive logins. One way is to use SSH keys and a simpler solution is to include the password directly in the URL.

Mercurial 1.3 makes it much easier to include HTTP passwords in your configuration files. I now have a

[auth]
bb.prefix = https://bitbucket.org/mg/
bb.username = mg
bb.password = pw

section in my configuration file. This means that you can avoid storing your passwords in multiple files and only concentrate on securing one file.

In fact, I am using another new feature in order to avoid putting the password in ~/.hgrc, since I might want to show that file to others. Instead I have

%include .hgauth

in ~/.hgrc and ~/.hgauth has the above [auth] section and is readable by me alone.

Martin Geisler
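
A check for the two exposures raised in the answers above (a password inside a URL, and a file holding a password that other users can read), as an added example that is not part of either answer. The function name `audit_hg_cred_file` and the finding labels are made up for this example.

```shell
#!/bin/sh
# Added example (not from the answers): audit Mercurial config files for
#   1. a password embedded in a URL (scheme://user:password@host/...)
#   2. a stored password in a file that group or others can access
# audit_hg_cred_file is a made-up name. Exit status = number of findings.
audit_hg_cred_file() {
    file=$1
    findings=0
    secret=0
    [ -r "$file" ] || { echo "SKIP $file: not readable"; return 0; }

    # Octal permission bits such as 600 or 644 (GNU stat, then BSD stat).
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")

    # user:password@ inside any URL, e.g. a default-push path.
    if grep -Eq '://[^/@:[:space:]]+:[^/@[:space:]]+@' "$file"; then
        echo "URL-PASSWORD $file: move the password out of the URL into [auth]"
        findings=$((findings + 1))
        secret=1
    fi

    # [auth] entries of the form <name>.password = ...
    if grep -Eq '^[[:space:]]*([^=[:space:]]+\.)?password[[:space:]]*=' "$file"; then
        secret=1
    fi

    # A file holding a secret should have no group/other bits (mode ends in 00).
    if [ "$secret" -eq 1 ]; then
        case "$mode" in
            *00) ;;
            *) echo "LOOSE-PERMS $file: mode $mode, expected 600"
               findings=$((findings + 1)) ;;
        esac
    fi
    return "$findings"
}

# Usage: sh audit-hg-creds.sh ~/.hgrc ~/.hgauth /path/to/repo/.hg/hgrc
for f in "$@"; do
    audit_hg_cred_file "$f" || :
done
```

Running it from the same scheduled job before the push catches a credentials file whose permissions were loosened, for example by a restore or a copy.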