[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: group permissions on parts of a module

From: Mark D. Baushke
Subject: Re: group permissions on parts of a module
Date: Thu, 05 Aug 2004 07:49:35 -0700

Hash: SHA1

Joseph Shraibman <address@hidden> writes:

> > Joseph Shraibman <address@hidden> writes:
> > 
> > 
> >>... Now the problem is that checkouts of
> >>certain files are failing because "Permission
> >>denied". These files are owned by a group that
> >>the user is a member of, but not the default
> >>group. Is there any way to get cvs to be smart
> >>about this and change its own gid?
> > 
> > Most folks either use an operating system that
> > lets the parent directory be the default group
> > for newly created files
> That is not the problem. The files are set up
> the way I want them. The problem:

> There is user user1. There are groups group1 and
> group2. user1 is a member of both groups.
> There are some files in the cvs that are owned
> by group1. There are some that are owned by
> group2. But when I do a checkout I get errors
> for the files that are owned by group2.

Then either you should not be allowed to checkout
those files owned by group2, or you are mistaken
that everything is setup the way you want them.

> > I suppose another way around it would be to
> > run the cvs executable on your server as a
> > set-gid process. I don't recommend it unless
> > you know what you are doing.
> That would defeat the purpose of making the
> files have group ownership.

My point is that the files should never have a
group ownership that does not match the directory
in which the file resides.

If you are doing something very tricky, you may
need to use a LockDir= directive to allow
checkouts of files that some users may not commit
to. The LockDir directory gets a group membership
for all of the directories that anyone may use to
checkout all of the files in a particular
directory that is permitted while letting the
repository use a different group for commit

        -- Mark
Version: GnuPG v1.2.3 (FreeBSD)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]