[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cvs commit/up's change file ownership in working dir.

From: Steve deRosier
Subject: Re: cvs commit/up's change file ownership in working dir.
Date: Tue, 06 Jan 2004 09:06:31 -0800
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3.1) Gecko/20030428

Scenario: N system admins. they checkout a machine's configuration into
their private working directory. they all are not currently root (or I'll
shoot them) and so the files are all owned by them with whatever default
mode per standard (umask etc) procedure. They do their edits, check them
into the repository. Now when a process on the host goes to the respository
to fetch it's new/updated configuration files the perms of these Read-only
checked out files had BETTER have the right perms on them or the processes
that read them will fall over and die.

AFIK, CVS really doesn't support this type of operation, and in fact it would probably break normal usage. Perhaps some other versioning tool does, or you can use the various checkin hooks to modify the behavior.

If I was faced with this situation, I'd consider it a "build" issue. I'd have a make file in with these files, and my process (I'm assuming you've got some process that would be similar to a script running from cron?) would run a script that would do a checkout (as whatever user is aproprate, maybe give it a "valid" user with a home directory) or export, then run make on the Makefile. The Makefile would have whatever commands in it that are necessary to install the files:

.SUFFIXES: *.cf *.conf

        chown whoever $<
        chgrp wheel $<
        chmod 600 $<
        mv $< /etc/.

        chown whoever $<
        chgrp wheel $<
        chmod 600 $<
        mv $< /etc/.

This is only an example, write your own (not 100% if my syntax is correct even; security issues may be in above; check your permisions; etc...).

That's just how I'd do it if I was faced with the problem, but YMMV.

- Steve

reply via email to

[Prev in Thread] Current Thread [Next in Thread]