[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: locking a module

From: Ted Stern
Subject: Re: locking a module
Date: Thu, 27 Mar 2008 11:53:01 -0700
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/23.0.60 (gnu/linux)

On 27 Mar 2008 09:41:26 -0700, Eric Patty wrote:
> Got the commit "lock" working via the cvs_acls script.  I am still
> looking into read locking, as well (okay, so the "powers that be"
> (my supervisors) are a little paranoid).  Also, is the use of the
> cvs_acls/commitinfo/avail combination a "lock" lock, or just a
> permission restriction?  I really appreciate your help on this (you
> guys are the best)!!!
> -Eric

NB:  you need to add 'avail' to the checkoutlist file as well.

Yes, that combo is a "lock" lock.  You can't commit unless you're
given karma for the module.

For 'read' locking, use standard unix group permissions.  BTW, I also
recommend creating Attic subdirectories in your repository ahead of
time, so your users don't accidentally create them themselves with
their own screwed up permissions.

    cd $CVSROOT

    # Change group to restricted_group
    chgrp -R restricted_group modulename

    # Remove 'other' perms
    chmod -R o-rwx modulename
    # create Attic subdirs:
    find modulename -type d -print | \
         grep -v Attic | \
         xargs -n1 -i@ mkdir -p @/Attic

    # Ensure that new files and groups get special restricted_group
    # id, using the little-understood Unix setgid sticky bit:
    find modulename -type d -print | xargs chmod g+s

    # Turn on write permissions for directories
    find modulename -type d -print | xargs chmod ug+w

    # Ensure user+group readability everywhere
    chmod -R ug+rX modulename

> -----Original Message-----
> From: Ted Stern [mailto:address@hidden 
> Sent: Wednesday, March 26, 2008 5:20 PM
> To: Patty, Eric
> Subject: Re: locking a module
> On 26 Mar 2008 13:05:25 -0700, EP1 wrote:
>> Is it possible (i.e., is there a CVS utility to take care of something
> like
>> this)?
> Do you want to prevent writing or reading?
> Look at the file /usr/share/cvs/contrib/cvs_acls.  The comments at the
> top explain what to do.
> If you still don't understand, send me email.
> Ted

 dodecatheon at gmail dot com
 Frango ut patefaciam -- I break so that I may reveal

reply via email to

[Prev in Thread] Current Thread [Next in Thread]