Re: Connection refused to CVS repository (and ACLs).

[Noel Yap]

--- Axelle <address@hidden> wrote:
>> > I think there may be atomicity problems when
>> mounting
>> > a CVS repository via NFS.
>> 
>> Well, there might be individual synchronization
>> problems, but mainly,
>> I do not have any problem using it myself.

Such problems would occur rarely in practice but would
wreak havoc within the repository.  I would suggest
making sure you don't have this problem or not using
NFS at all for the repo (use client/server instead).

>> > I'm assuming you're asking about POSIX file
system
>> > ACLs.
>> 
>> I'm using Sun's ACLs... I suppose they're Posix.

Yup, those are they.

>> > It's perfectly fine to use ACLs within the CVS
>> repo,
>> > in fact I promote them since it makes things much
>> > simpler.  However, be sure you understand exactly
>> how
>> > permissions are used within the repo.
>> 
>> Well, I have left for both developers an rwx user
>> access to 
>> $CVSROOT/CVSROOT. 
>> Is there something particular you had in mind ?

I think there's a section in Per Cederqvist about
this.  IIRC, users need write permissions on
directories where locks are created, they need write
permissions to the archive directories only if they
need to be able to checkin.  Of course, they also need
write permissions on archive files.

>> > One thing you'll need to do is create a loginfo
>> script
>> > that'll setfacl new directories and the archive
>> file
>> > each time it's checked in since there's no decent
>> > mechanism for new files to inherit ACLs.
>> 
>> I use the default ACL commands to position ACLs on
>> created files and
>> directories.
>> setfacl -s ... d:u:toto:rwx [etc].

Like I said, there's no /decent/ way to do this.  What
you do above will also create writable archive files. 
Typically, archive files are read-only to avoid
accidental deletion.

Noel

__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/