[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: how to implement user level security in cvs ?

From: Noel Yap
Subject: Re: how to implement user level security in cvs ?
Date: Fri, 17 May 2002 05:57:07 -0700 (PDT)

--- Muhammad Shakeel
<address@hidden> wrote:
> Thanks for your reply. I implemented a ACL on a
> folder in my repository, 
> when some one checkin in this folder, loginfo
> execute the script and 
> refreshes the whole ACL recursively  in that folder.
> But when  a user 
> who is not the owner of the files in repository
> (Although he has rwx 
> permissions), check in a file the script on its
> execution gives an error 
> message :
> not a owner of the file/folder.

First, reread _carefully_ my prior email.  It has a
lot of information packed into it.

Recursively resetting the ACLs is extremely time
consuming and may break something (eg if you have some
subdirectory with more ACLs on it).

> It means scripts with loginfo execute with the
> permission of that user 
> who is checking in.
> To  add or modify a ACL, some one should be the
> owner of the ACL.
> It means script failded at that point.

All this is correct.  Keep in mind, though, that when
a user checks in a file, a brand new archive is
created that is owned by that user.  The same goes for
new directories.  This means that users can set
permissions on newly checked in files and new

> Instead of above script, If in another script if i
> try to copy the ACL 
> of a parent folder to the newly  created folder in
> that folder, then how 
> to send its paths of bothe folder from loginfo to
> the script in the 
> arguments ?

You should be able to derive the parent directory from
the new element's name (ie use dirname).  IIRC, it's
the new element's name that's passed into loginfo

> Instead of using script to refresh the whole ACL or
> copy the ACL. I also 
> implement the default ACL at the start to a folder.
> But
> Default ACL permission also do not reflect all the
> ACL in the new folder 
> created  within that folder.

Again, please reread my prior email.  Permissions
between directories and files will tend to need to be
different (directories need to be executable and
writable, files need not be).  To reiterate (and put
it more strongly), DO NOT USE DEFAULT ACL'S.

> Please help to proceed. It seems i am stuck again.

Reread and memorize my prior email.  I haven't been
able to look for my loginfo script.  I'll try to do it


Do You Yahoo!?
LAUNCH - Your Yahoo! Music Experience

reply via email to

[Prev in Thread] Current Thread [Next in Thread]