info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cvs over ext


From: Mark D. Baushke
Subject: Re: cvs over ext
Date: Tue, 13 Sep 2005 10:14:56 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Manish,

I have CC'd my reply to address@hidden Other
folks may learn from these interactions. All
future 'private' e-mail questions will only be
answered in this manner, so get used to sending
them to the list rather than to me personally.

1) The :ext: method does NOT use 'login' which is
only a :pserver: command. 

If you are using the commands and let :ext: via
'ssh', then the 'ssh' command contacts the sshd
command on your CVS server to do the 'login'
functionality on the server for you.

2) You should NOT try to use 'root' as the userid
for doing any activity with the repository. That 
userid is specificly restricted from using CVS.

I do not use CVSNT, or WinCVS, but I do know it is
possible to specify that you are to use either an
:ext: or :extssh: method for connection. Read
how to set that up if you are going to be using a
windows client in the wincvs documentation.

I urge you to contact them via the methods
suggested by http://www.cvsnt.org/

3) IGNORE the entire existance of /etc/xinetd. 

xinetd is only for dealing with connections to the
server over the cvspserver port (which defaults to
port 2401). The entire :pserver: protocol does
authentication differently and needs to execute
a 'login' command and save the password in the
clients .cvspass file.

If you intend to use 'write proxy', you should
stop using :pserver: completely.

This is because the suggested methods of using
rsync presume that you will be running an ssh
connection from your primary CVS server to your
secondary CVS server as the user doing the commit
to update the secondary. This assumes that the
primary is able to make use of ssh-agent to get
the appropraite credentials to ssh to the
secondary machine. If you are using :pserver:,
then you will likely not be able to update your
secondary in the suggested manner. Also, :pserver:
would only be possible to the primary CVS server.

:ext: does NOT use CVSROOT/readers

:ext: does NOT use CVSROOT/passwd

:ext: does NOT use CVSROOT/writers

If you are assuming that you are able to somehow
map the root user to specific users, you will find
this is not possible using :ext: mode. Instead,
you will need to have the accounting system able
to accept login connections via sshd to all of
your CVS users.

4) It is a bad idea to use IP addresses in
CVSROOT. Use hostnames instead. It is much
easier on your users.

        -- Mark

manish popli <address@hidden> writes:

> 
> Hi Mark,
> I m agreed that we had long conversation thanks for
> all that but still i am in problem..i did that all
> address@hidden CVSROOT]#
> CVSROOT=:ext:164.164.128.13/home/cvs/fioranodev
> address@hidden CVSROOT]# export CVSROOT

Problem. User 'root' is not normally allowed to
do cvs commits unless you do special configurations
when you build the executable. Use real userids.

Warning. Do NOT use IP addresses.

> address@hidden CVSROOT]# cvs -t version
>   -> main: Session ID is 14df4326c57e4567
>   -> main loop with CVSROOT=/home/cvs/fioranodev
> Client: Concurrent Versions System (CVS) 1.12.12
> (client/server)
>   -> open_connection_to_server
> (:ext:164.164.128.13/home/cvs/fioranodev)
>  -> Starting server: ssh 164.164.128.13 cvs server 
> address@hidden's password: 
> S -> do_cvs_command (version)
> S -> server_notify()
> Server: Concurrent Versions System (CVS) 1.12.12
> (client/server)
>   -> close_connection_to_server ()
> S -> Lock_Cleanup()
> S -> Simple_Lock_Cleanup()
> S -> server_cleanup()

The above command indicates that you should be able
to do checkouts from the 164.164.128.13 system. You
will NOT be able to do checkins as user root.

> 
> after that i tryed with this sommand but same error i
> m facing.........
> address@hidden CVSROOT]# cvs
> -d:ext:address@hidden:/home/cvs/fioranodev
> login

DO NOT USE THE 'cvs login' command unless you are
using :pserver: and given that you are attempting
to use the :ext: method, this command should be
skipped completely.

> cvs login: can only use `login' command with the
> 'pserver' method
> cvs [login aborted]: CVSROOT:
> :ext:address@hidden:/home/cvs/fioranodev

The error message is correct and tells you exactly
what the problem is.

> well i have configured it for putty also with the
> guidence of this
> site...www.bsdconsulting.no/wincvs-ssh
> ...but still i m not able to connect it from Wincvs
> even though you can see when i run command on the
> server its not accepting connection with ext
> authontication...can you tell me where i am wrong...

If you are using 'root' as your user, that is a
big problem. You should run the 'cvs version' test
using a non-root user to see if that much works.

> Through this way i have configured my cvs server..
> I m using CVS 1.12.12 on red hat enterprise linux
> server..i have installed
> it like
> #./configure
> #make check 
> #make install

Stop here. An xinetd file is there to help you
setup a :pserver: connection. You do NOT want to
use that any further.

> and my /etc/xinetd file is like....
> 
> service cvspserver
> {
>         disable          = no
>         id               = cvspserver
>         env              = HOME=/home/cvs
>         socket_type      = stream
>         protocol         = tcp
>         port             = 2401
>         wait             = no
>         user             = root
>         passenv          = PATH
>         server           = /usr/bin/cvs
>         server_args      = -f
> --allow-root=/home/cvs/fiorano --allow-root=/home/cvs
> --allow-root=/home/cvs/fioranoesb
> --allow-root=/home/cvs/fioranodev pserver
> }
> includedir /etc/xinetd.d
> 
> and then i extrect my backup file for cvs server..

What is 'extrect' ?

        -- Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFDJwkQCg7APGsDnFERAqiqAJ43VsEX3u3Un5HaVCgkhvnsHvJ+eACfd7iV
4YxB0eEMyZ/q9NiZu9NP79A=
=je20
-----END PGP SIGNATURE-----




reply via email to

[Prev in Thread] Current Thread [Next in Thread]