Re: "cvs server" accepts but ignored --allow-root

[Tim Riker]

Not sure how to do a test for this. src/sanity.sh does one rsh test, but 
I don't think you can alter the command it runs on the other end? I 
believe it does "cvs server" and I need it to do "cvs server 
--allow-root ${CVSROOT_DIRNAME}" which should work. Anything else like 
"cvs server --allow-root ${CVSROOT_DIRNAME}/foo" should get an error 
when the client tries to choose a different path.

The current state is that "cvs server --allow-root 
${CVSROOT_DIRNAME}/foo" _will_ allow setting the dirname to anything and 
will completely ignore the --allow-root without a warning or error message.

CVS_SERVER cannot contain arguments, correct? I suppose you could create 
a script like:

#!/bin/bash
exec cvs --allow-root /path/from/cvsroot_dirname $*

and then put the scriptname in CVS_SERVER?

Testing over rsh should work, but is kind of silly. I suppose an admin 
might provide a cvs wrapper as above and hide the real cvs binary. This 
really  is used with ssh authorized_keys as explained in the original 
message.

Derek Robert Price wrote:> Tim Riker wrote:
> > patch attached to enable handling --allow-server for "cvs server" use. 
> > It's against 1.11.1p1 as I added it to server running the older 
> > release, but it's trivial, so applying to 1.11.2 would be easy.
>
> Could you resubmit this patch with a test case and possibly 
> documentation, as per the HACKING file in the top level of the source 
> distribution?
>
> Thanks,
>
> Derek

--
Tim Riker - http://rikers.org/ - TimR@Debian.org
Lineo CTO - Tim@Lineo.com - http://www.Lineo.com/
BZFlag maintainer - http://BZFlag.org/ - for fun!