Re: cvs pserver not listening on port 2401

[Mark D. Baushke]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Tom Copeland <address@hidden> writes:

> On Thu, 2004-07-08 at 10:53, Mark D. Baushke wrote:
> > The cvs executable itself is not intended to be a long-running daemon.
> 
> That's something I've wondered about... since cvs is run under xinetd,
> the 500 KB binary gets loaded into memory each time a command comes in. 

I suspect the size and how many pages of the program may be shared among
processes will depend on your hardware and operating system.

> Has anyone given a shot at writing some front-end code to let cvs stay
> in memory and serve up requests?  

There are multiple 'front-end' programs for cvs. Two of the most popular
are named xinetd and inetd.

As for your suggestion that cvs run as a long-lived daemon, it is not
written securly enough for that (honestly, it would need a redesign and
reimplementation to be even close to safe running as 'root' most of the
time, that rewrite is called 'svn' and may be fetched from
subversion.tigris.org) and in any case as it needs to protect ownership
and group permissions, so all of the work after the initial connection
would need to be handed to a forked copy of itself that changed
permissions in any case which would have to switch users and 'lose' its
ability to do the right thing with future connections without a lot of
redesign.

Of course, I admit that I would personally rather see :pserver: code
dropped entirely from cvs as I do not consider it safe to operate a
server in pserver mode. In my opinion, cvs should operate without trying
to do user authentication and primary access control should be handled
by the operating system on which cvs is running... so I may be a bit
biased on the subject of this thread.

        Enjoy!
        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD4DBQFA7Yh83x41pRYZE/gRAmrXAKC9cvfMXCqTZtCJm0kqU4gelYx61gCY8ZMi
azHbSOcnBdXQzEAZoLVw/w==
=duDF
-----END PGP SIGNATURE-----