file ownership in the repository

[Bogus User]

I'm setting up a cvs repository on a Linux machine for multiple developers 
and have been reading through a lot of the documentation about how to set up 
security for the repository.

The best behavior I've found so far is the "pserver" method.  I can create a 
user on the system that is just used for controlling the repository, for 
example cvsuser, and then set the CVSROOT/password file to be something like

user1:XXXX:cvsuser
user2:XXXX:cvsuser

What I like about this is that any CVS operation that one of the users does 
will be proxied as cvsuser. The problem with this method is that there's no 
good way for a user to change their password.  They have to somehow get the 
administrator to paste the encrypted version of their password into the 
CVSROOT/passwd file.

To get around this, I thought maybe I could create system accounts for the 
users, having them all be a member of some common cvs group, and setting the 
permissions on the repository to allow write access  for that group.

The problem I've run into with this is that when a user creates a directory 
in the repository, it isn't owned by the cvs group, it's owned by the user's 
main group.  When another developer tries to extract the files, they get 
permission denied.

Is there a way to do this?  Can I use the system accounts for 
authentication, but still proxy the cvs operations?

Thanks.

_________________________________________________________________
Protect your PC - get McAfee.com VirusScan Online  
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963