[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: locking a module
Re: locking a module
Thu, 27 Mar 2008 11:53:01 -0700
Gnus/5.110007 (No Gnus v0.7) Emacs/23.0.60 (gnu/linux)
On 27 Mar 2008 09:41:26 -0700, Eric Patty wrote:
> Got the commit "lock" working via the cvs_acls script. I am still
> looking into read locking, as well (okay, so the "powers that be"
> (my supervisors) are a little paranoid). Also, is the use of the
> cvs_acls/commitinfo/avail combination a "lock" lock, or just a
> permission restriction? I really appreciate your help on this (you
> guys are the best)!!!
NB: you need to add 'avail' to the checkoutlist file as well.
Yes, that combo is a "lock" lock. You can't commit unless you're
given karma for the module.
For 'read' locking, use standard unix group permissions. BTW, I also
recommend creating Attic subdirectories in your repository ahead of
time, so your users don't accidentally create them themselves with
their own screwed up permissions.
# Change group to restricted_group
chgrp -R restricted_group modulename
# Remove 'other' perms
chmod -R o-rwx modulename
# create Attic subdirs:
find modulename -type d -print | \
grep -v Attic | \
xargs -n1 -i@ mkdir -p @/Attic
# Ensure that new files and groups get special restricted_group
# id, using the little-understood Unix setgid sticky bit:
find modulename -type d -print | xargs chmod g+s
# Turn on write permissions for directories
find modulename -type d -print | xargs chmod ug+w
# Ensure user+group readability everywhere
chmod -R ug+rX modulename
> -----Original Message-----
> From: Ted Stern [mailto:address@hidden
> Sent: Wednesday, March 26, 2008 5:20 PM
> To: Patty, Eric
> Subject: Re: locking a module
> On 26 Mar 2008 13:05:25 -0700, EP1 wrote:
>> Is it possible (i.e., is there a CVS utility to take care of something
> Do you want to prevent writing or reading?
> Look at the file /usr/share/cvs/contrib/cvs_acls. The comments at the
> top explain what to do.
> If you still don't understand, send me email.
dodecatheon at gmail dot com
Frango ut patefaciam -- I break so that I may reveal