Require TUs to explicitly request to overwrite a pkgbase

AUR_PRIVILEGED allows people with privileged AUR accounts to evade the
block on non-fast-forward commits. While valid in this case, we should
not do so by default, since in at least one case a TU did this without
realizing there was an existing package.
( https://aur.archlinux.org/packages/rtmidi/ )

Switch to using allow_overwrite to check for destructive actions.
Use .ssh/config "SendEnv" on the TU's side and and sshd_config
"AcceptEnv" in the AUR server to specifically request overwrite access.
TUs should use: `AUR_OVERWRITE=1 git push --force`

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>

1 files changed, 1 insertions, 0 deletions

diff --git a/INSTALL b/INSTALL
index 8c9c4dd1..369e1e3f 100644
--- a/INSTALL
+++ b/INSTALL
@@ -76,6 +76,7 @@ read the instructions below.
         PasswordAuthentication no
         AuthorizedKeysCommand /usr/local/bin/aurweb-git-auth "%t" "%k"
         AuthorizedKeysCommandUser aur
+        AcceptEnv AUR_OVERWRITE
 
 9) If you want to enable smart HTTP support with nginx and fcgiwrap, you can
    use the following directives: