[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cvs repository folder permission

From: yancheng . cheok
Subject: cvs repository folder permission
Date: 20 Mar 2006 07:25:15 -0800
User-agent: G2/0.2

Previously, I am using CVS with CVS-1.11.18 patched by CVSACL-1.2.2.

When I setup CVS server, three objectives in my mind:
(1) Users (except root) should not have read/ write permission to the
CVS repository through telnet.

(2) However, users can checkout/ checkin the files to CVS repository
through CVS pserver.

(3) By enforcing some branch permission level control.

I make my CVS repository folder with ownership cvsuser:cvsuser. Since I
want to prevent the user from remote access the machine and accidently
delete the whole CVS repository, I make the CVS repository folder
permission as 700.

However, by setting the repository folder permission as 700, the users
cannot commit or checkout the files through pserver authentication.

Luckily, CVSACL path does give me an option - CVSServerRunAsUser.
Hence, I will set CVSServerRunAsUser=cvsuser

After the identification of the user has been verified, CVS process
switch to run as that cvsuser.

Recently, I found the CVSACL is somehow buggy.  (For example, the heap
memory is not freed after being used)

I decide to swith back to original source of CVS. However, I found that
original source of CVS doesn't have CVSServerRunAsUser.

My question is, how can I have objective

(1) - setting the repository folder to 700 to prevent users from read/
write folder through telnet
(2) - and allow users to read/ write files to the repository through
CVS pserver.

Thank you very much


reply via email to

[Prev in Thread] Current Thread [Next in Thread]