info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Upgrading cvs version


From: Riedel, Brian
Subject: RE: Upgrading cvs version
Date: Thu, 9 Feb 2006 12:52:50 -0600

 
I inherited this cvs repository with a really old version, and I would
like to upgrade to the latest version, but the SAs will not allow me to
change the old version, because it is owned by root, and is the default
when they installed the Linux version.  Are there instructions somewhere
on what steps you need to follow to bring down the old version of cvs,
and then change the install procedures to install into a different
directory, and then bring that version of cvs up without needing to
point to usr/bin/cvs?  Thanks 

-----Original Message-----
From: address@hidden
[mailto:address@hidden On
Behalf Of address@hidden
Sent: Thursday, February 09, 2006 12:25 PM
To: address@hidden
Subject: Info-cvs Digest, Vol 39, Issue 12

Send Info-cvs mailing list submissions to
        address@hidden

To subscribe or unsubscribe via the World Wide Web, visit
        http://lists.nongnu.org/mailman/listinfo/info-cvs
or, via email, send a message with subject or body 'help' to
        address@hidden

You can reach the person managing the list at
        address@hidden

When replying, please edit your Subject line so it is more specific than
"Re: Contents of Info-cvs digest..."


Today's Topics:

   1. Preventing Read Access to a File (Jake Colman)
   2. Re: Preventing Read Access to a File (address@hidden)
   3. RE: Preventing Read Access to a File (Arthur Barrett)
   4. RE: Preventing Read Access to a File (Wiest, Damian)
   5. Re: Preventing Read Access to a File (Paul Sander)
   6. Newbie: Troubleshooting Remote Login (address@hidden)
   7. RE: Newbie: Troubleshooting Remote Login (Arthur Barrett)
   8. [check out|read] control access feature (Francisco Yuste Garcia)
   9. Re: [check out|read] control access feature (Todd Denniston)
  10. Compare tags and include duplicates? (address@hidden)


----------------------------------------------------------------------

Message: 1
Date: Wed, 08 Feb 2006 09:25:59 -0500
From: Jake Colman <address@hidden>
Subject: Preventing Read Access to a File
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=us-ascii


Can anyone suggest a method for restricting read access by specified
individuals to specific modules?  Using CVS' commitlog script I can
restrict users from committing to branches and/or modules.  But how can
I prevent them from even seeing it?

I don't think CVS, itself, can solve this for me.  Am I correct?

I've looked at the cvsacl project (a patch to CVS source code to support
file-based ACLs) but it appears to be dormant.  Also, the patch is three
point releases behind the current version.  Does anyone know anything
about this project?  Does anyone know why this patch never made it into
the mainline code?

Are any of the other CVS-compatible projects (e.g., CVSNT) an option?  I
need to keep the repository on Solaris so using NTFS ACLs is not a
solution.

Subversion does not directly support ACLs but might be able to help me
via WebDav and Apache.

Has anyone else faced this problem and found a way to solve it?  We have
been using CVS for this project for well over 10 years.  I'd love to
find a way to keep using it or to, at least, remain compatible with it.

Thanks!

...Jake

--
Jake Colman
Sr. Applications Developer
Principia Partners LLC
Harborside Financial Center
1001 Plaza Two
Jersey City, NJ 07311
(201) 209-2467
www.principiapartners.com





------------------------------

Message: 2
Date: 8 Feb 2006 14:12:49 -0800
From: address@hidden
Subject: Re: Preventing Read Access to a File
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset="iso-8859-1"

Jack,

Out of the box, these products do not allow finer control at the file
level. One can use the 'reader/'writer' file in CVS to control the
access to a module. However, this use only provide what your underlying
OS security level provides. One can only control the module level
access but not underlying directory/file level (because of group level
permission on the module level).

We faced the same problem that you are facing. We did not find a clean
solution with any of these product util now. Currently we are
evaluating WANDisco's product that allows active-active replication (as
we are a multi-site company) and provide ACL layer on top of CVS, CVSNT
and Subverion. Our requirement was with CVS only so we are evaluating
this product only. We did not have to change anything in CVS and the
user experience has not changed. However, we can control the
module/access to a directory/file level and grant no-access/read/write
permission. The user authentication is still done by the underlying
operating system but the access to a module/directory/file is done by
WANDisco before the the command is passed to CVS server. We have seen
performance improvements over the WAN for repository access due to
their underlying replication.

I can provide you more details as we are almost done with the
evaluation and ready to submit my report to my management.

-- Laura



------------------------------

Message: 3
Date: Thu, 9 Feb 2006 10:43:27 +1100
From: "Arthur Barrett" <address@hidden>
Subject: RE: Preventing Read Access to a File
To: "Jake Colman" <address@hidden>,     <address@hidden>
Message-ID:
        
<address@hidden>
Content-Type: text/plain;       charset="us-ascii"

Jake,

>Are any of the other CVS-compatible projects 
>(e.g., CVSNT) an option?  I need to keep 
>the repository on Solaris so using NTFS ACLs 
>is not a solution.

Yes - CVSNT is free/GPL and has binaries available for Solaris and has
ACLs.  The CVSNT ACL's are not NTFS based - they are integral to the
CVSNT server:
http://www.cvsnt.org/manual/html/chacl.html
http://www.cvsnt.org/manual/html/chown.html
http://www.cvsnt.org/manual/html/lsacl.html
http://www.cvsnt.org/manual/html/rchacl.html
http://www.cvsnt.org/manual/html/rchown.html

Also CVSNT has Audit, Merge Tracking, Change Sets, Lock Server, supports
unreserved and reserved edits, you can remove "insecure" protocols,
enforce compression/encryption, Unicode filenames/diff/merge, efficient
binary storage as well as plugins for shadow-directories, e-mail and
more...  All for free/GPL...

If you are interested in CVSNT please contact the CVSNT newsgroup:
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
or
news://news.cvsnt.org/support.cvsnt

Please read this FAQ before submitting a support request:
http://march-hare.com/cvspro/faq/faq2.asp#2z

Regards,



Arthur Barrett




------------------------------

Message: 4
Date: Wed, 8 Feb 2006 17:29:21 -0600 
From: "Wiest, Damian" <address@hidden>
Subject: RE: Preventing Read Access to a File
To: 'Jake Colman' <address@hidden>, address@hidden
Message-ID:
        <address@hidden>
Content-Type: text/plain

Jake,

Why not just use the UNIX group permissions system?  One downside is
that,
depending on your policy, users may have to remember to issue the
newgrp(1)
command.

-Damian

> -----Original Message-----
> From: Jake Colman [mailto:address@hidden 
> Sent: Wednesday, February 08, 2006 8:26 AM
> To: address@hidden
> Subject: Preventing Read Access to a File
> 
> 
> 
> Can anyone suggest a method for restricting read access by 
> specified individuals to specific modules?  Using CVS' 
> commitlog script I can restrict users from committing to 
> branches and/or modules.  But how can I prevent them from 
> even seeing it?
> 
> I don't think CVS, itself, can solve this for me.  Am I correct?
> 
> I've looked at the cvsacl project (a patch to CVS source code 
> to support file-based ACLs) but it appears to be dormant.  
> Also, the patch is three point releases behind the current 
> version.  Does anyone know anything about this project?  Does 
> anyone know why this patch never made it into the mainline code?
> 
> Are any of the other CVS-compatible projects (e.g., CVSNT) an 
> option?  I need to keep the repository on Solaris so using 
> NTFS ACLs is not a solution.
> 
> Subversion does not directly support ACLs but might be able 
> to help me via WebDav and Apache.
> 
> Has anyone else faced this problem and found a way to solve 
> it?  We have been using CVS for this project for well over 10 
> years.  I'd love to find a way to keep using it or to, at 
> least, remain compatible with it.
> 
> Thanks!
> 
> ...Jake
> 
> -- 
> Jake Colman
> Sr. Applications Developer
> Principia Partners LLC
> Harborside Financial Center
> 1001 Plaza Two
> Jersey City, NJ 07311
> (201) 209-2467
> www.principiapartners.com
> 
> 
> 
> _______________________________________________
> Info-cvs mailing list
> address@hidden http://lists.nongnu.org/mailman/listinfo/info-cvs
> 




------------------------------

Message: 5
Date: Wed, 8 Feb 2006 20:47:41 -0800
From: Paul Sander <address@hidden>
Subject: Re: Preventing Read Access to a File
To: "Wiest, Damian" <address@hidden>
Cc: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=US-ASCII; format=flowed

Unfortunately, the newgrp command isn't available on many system, 
particularly BSD-based systems that don't have one of the popular 
shadow password packages installed.  Re-introduction as a native 
utility does not seem to be a priority.

On Feb 8, 2006, at 3:29 PM, Wiest, Damian wrote:

> Why not just use the UNIX group permissions system?  One downside is 
> that,
> depending on your policy, users may have to remember to issue the 
> newgrp(1)
> command.

--
Paul Sander       | "When a true genius appears in the world, you may
address@hidden | know him by this sign:  that all the dunces are in
                   | confederacy against him."  -- Jonathan Swift, 
writer.





------------------------------

Message: 6
Date: 8 Feb 2006 21:49:44 -0800
From: address@hidden
Subject: Newbie: Troubleshooting Remote Login
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset="iso-8859-1"

Hi,
So basically, I'm trying to setup a CVS repository for my group. I have
added myself as a user and a password - the command i used was the
following:

set CVSROOT=:sspi:******.*****.****.***:/TEST
cvs passwd -r user -a user


Then it prompted for password twice which i entered


Now when I try remote login to that cvs repository using the following
commands
set CVSROOT=:sspi:address@hidden:2401:/TEST
cvs login


and then it asks for my password which ive entered. But then it keeps
timing out on me for no apparent reason. My friend added himself in
similar fashion and when he tries to login remotely, it times out on
him too. Please help!



------------------------------

Message: 7
Date: Thu, 9 Feb 2006 19:07:53 +1100
From: "Arthur Barrett" <address@hidden>
Subject: RE: Newbie: Troubleshooting Remote Login
To: <address@hidden>,   <address@hidden>
Message-ID:
        
<address@hidden>
Content-Type: text/plain;       charset="us-ascii"


If you are using the SSPI protocol then you are using CVSNT, so ask on
the CVSNT newsgroup:
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
or
news://news.cvsnt.org/support.cvsnt

Please read this FAQ before submitting a support request:
http://march-hare.com/cvspro/faq/faq2.asp#2z

Regards,


Arthur

-----Original Message-----
From: address@hidden
[mailto:address@hidden On
Behalf Of address@hidden
Sent: 09 February 2006 16:50
To: address@hidden
Subject: Newbie: Troubleshooting Remote Login


Hi,
So basically, I'm trying to setup a CVS repository for my group. I have
added myself as a user and a password - the command i used was the
following:

set CVSROOT=:sspi:******.*****.****.***:/TEST
cvs passwd -r user -a user


Then it prompted for password twice which i entered


Now when I try remote login to that cvs repository using the following
commands set CVSROOT=:sspi:address@hidden:2401:/TEST
cvs login


and then it asks for my password which ive entered. But then it keeps
timing out on me for no apparent reason. My friend added himself in
similar fashion and when he tries to login remotely, it times out on him
too. Please help!

_______________________________________________
Info-cvs mailing list
address@hidden http://lists.nongnu.org/mailman/listinfo/info-cvs




------------------------------

Message: 8
Date: Thu, 09 Feb 2006 12:15:43 +0100
From: Francisco Yuste Garcia <address@hidden>
Subject: [check out|read] control access feature
To: address@hidden,  address@hidden
Message-ID: <address@hidden>
Keywords: CERN SpamKiller Note: -49 Charset: west-latin
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

        Dear CVS/SUBVERSION users & developers, 

        We provide Central CVS services for hundreds of software
projects
at CERN[1].

        Some of our CVS users would like to have a way to prevent read
access to their CVS repository by developers working on other CVS
projects
hosted in our CVS services.

        Though most of the software projects we host are open source, 
still we have few which contain sensitive files.

        We were looking for an already implemented solution in CVS or 
SUBVERSION for this feature. Does it exist?

        Thank you very much for your attention.
        Cordial greetings; Fran.

[1] http://cern.ch/cvs

-- 
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Francisco Yuste Garcia    mailto:address@hidden
  CERN  Dept. IT/DES        Phone  : +41 22 767 95 38
  Blg. 31-3-031             CH-1211 Geneva 23, Switzerland   

  System Infrastructure Services
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





------------------------------

Message: 9
Date: Thu, 09 Feb 2006 09:10:57 -0500
From: Todd Denniston <address@hidden>
Subject: Re: [check out|read] control access feature
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Francisco Yuste Garcia wrote:
>     Dear CVS/SUBVERSION users & developers,
>     We provide Central CVS services for hundreds of software projects
> at CERN[1].
> 
>     Some of our CVS users would like to have a way to prevent read
> access to their CVS repository by developers working on other CVS
projects
> hosted in our CVS services.
> 

If it is only devs on other projects they are having problems with, then
you 
can control access (both read and write) with file system permissions.
If the 
other devs don't have read and/or execute access to the project's
directories 
then they can not read the project. Unix groups are the easiest thing to

implement to control the permissions on the directories{1}.  Using
multiple 
repositories{2} makes it easier to apply the permission bits, when that
kind 
of setup is available.

the cvs_acls script{3} may also be something you are looking for except
I 
think it is more for commit control than read control.

>     Though most of the software projects we host are open source,
still 
> we have few which contain sensitive files.
> 
>     We were looking for an already implemented solution in CVS or 
> SUBVERSION for this feature. Does it exist?
> 
>     Thank you very much for your attention.
>     Cordial greetings; Fran.
> 
> [1] http://cern.ch/cvs
> 

{1} http://ximbiot.com/cvs/manual/cvs-1.11.21/cvs_2.html#SEC13
{2} http://ximbiot.com/cvs/manual/cvs-1.11.21/cvs_2.html#SEC22
{3} 
http://cvs.savannah.nongnu.org/viewcvs/ccvs/contrib/cvs_acls.pl?root=cvs
&view=markup
http://cvs.savannah.nongnu.org/viewcvs/ccvs/contrib/cvs_acls.html?root=c
vs&view=markup

-- 
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter




------------------------------

Message: 10
Date: 9 Feb 2006 07:22:26 -0800
From: address@hidden
Subject: Compare tags and include duplicates?
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset="iso-8859-1"

I am trying to use "cvs rdiff -s" to find the files that were changed
between two tags. My problem is that it compares the content of the
files, and skips a file if the content is the same between the two
versions. But I'd like to include these duplicates. In other words, if
a tag was moved from version 1.1 to version 1.3 but the content is the
same, I still want to see that as a difference. Is this possible?

Jacob



------------------------------

_______________________________________________
Info-cvs mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/info-cvs


End of Info-cvs Digest, Vol 39, Issue 12
****************************************




reply via email to

[Prev in Thread] Current Thread [Next in Thread]