Re: group permissions on parts of a module

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: group permissions on parts of a module

From:	Mark D. Baushke
Subject:	Re: group permissions on parts of a module
Date:	Thu, 05 Aug 2004 07:49:35 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joseph Shraibman <address@hidden> writes:

> > Joseph Shraibman <address@hidden> writes:
> > 
> > 
> >>... Now the problem is that checkouts of
> >>certain files are failing because "Permission
> >>denied". These files are owned by a group that
> >>the user is a member of, but not the default
> >>group. Is there any way to get cvs to be smart
> >>about this and change its own gid?
> > 
> > Most folks either use an operating system that
> > lets the parent directory be the default group
> > for newly created files
> 
> That is not the problem. The files are set up
> the way I want them. The problem:

> There is user user1. There are groups group1 and
> group2. user1 is a member of both groups.
> 
> There are some files in the cvs that are owned
> by group1. There are some that are owned by
> group2. But when I do a checkout I get errors
> for the files that are owned by group2.

Then either you should not be allowed to checkout
those files owned by group2, or you are mistaken
that everything is setup the way you want them.

> > I suppose another way around it would be to
> > run the cvs executable on your server as a
> > set-gid process. I don't recommend it unless
> > you know what you are doing.
> 
> That would defeat the purpose of making the
> files have group ownership.

My point is that the files should never have a
group ownership that does not match the directory
in which the file resides.

If you are doing something very tricky, you may
need to use a LockDir= directive to allow
checkouts of files that some users may not commit
to. The LockDir directory gets a group membership
for all of the directories that anyone may use to
checkout all of the files in a particular
directory that is permitted while letting the
repository use a different group for commit
updates.

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFBEkj/3x41pRYZE/gRAsYlAJ9QUgQVocbTXlPAw3/2N9ef4KG3hwCfUuJ1
COFTwms64sznZVyMGqays6A=
=EqlN
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

group permissions on parts of a module, Joseph Shraibman, 2004/08/03
- Re: group permissions on parts of a module, Larry Jones, 2004/08/04
- Re: group permissions on parts of a module, Joseph Shraibman, 2004/08/04
  - Re: group permissions on parts of a module, Larry Jones, 2004/08/05
- Re: group permissions on parts of a module, Joseph Shraibman, 2004/08/05
  - Re: group permissions on parts of a module, Mark D. Baushke, 2004/08/05
    - Re: group permissions on parts of a module, Frederic Brehm, 2004/08/05
    - Message not available
    - Re: group permissions on parts of a module, Mark D. Baushke <=
  - Re: group permissions on parts of a module, Todd Denniston, 2004/08/05
  - Message not available
    - Re: group permissions on parts of a module, Joseph Shraibman, 2004/08/05

Prev by Date: Re: group permissions on parts of a module
Next by Date: Re: group permissions on parts of a module
Previous by thread: Re: group permissions on parts of a module
Next by thread: Re: group permissions on parts of a module
Index(es):
- Date
- Thread