Re: acl for cvs try II

info-cvs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: acl for cvs try II

From:	Corey Minyard
Subject:	Re: acl for cvs try II
Date:	Mon, 30 Jun 2003 14:46:25 -0500
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313

Edward Peschko wrote:

>On Sun, Jun 29, 2003 at 09:42:11PM -0500, Corey Minyard wrote:
>  
>
>>Have you looked at my patch, at http://home.attbi.com/~minyard/?  It's
>>been around for a while and is well tested, and implements full ACLs
>>(per directory, per file, and per branch) within CVS, and has a lot of
>>users.
>>
>>    
>>
>
>well I wasn't aware of it before I started coding, but yeah I looked at it, it 
>looked a 
>little bit more complicated/'batched up' than I wanted (ie: you've got other 
>changes 
>that don't relate to acl.) Also I wanted something simple, wasn't sure how 
>easy to use 
>your solution was. 
>
Yes, it has a few other things, too.  It's not terribly difficult to
use, but it may be difficult to use it to achieve what you want.

>
>Anyways, I'm not against your patches (ie: if they are the standard acl for 
>cvs, I'd be
>more than happy to use them), but I had a couple of questions:
>
>       1) is your acl mechanism backwards compatible with existing cvs 
> clients/servers?
>
Yes.  You can't do ACL operations, obviously, but the ACLs are enforced.

>       2) how do you use your acl?
>
Each directory has an owner and a set of permissions.  The owner (or an
admin) can set the permissions for directory/files/branches or assign a
new owner for the directory.  Permissions can also propigate directories
(you can assign them at a base directory and with a command-line option
to the server have the propigate to subdirectories.  propigation can
also be blocked).

Maintenance of ACLs is through new CVS commands.

It is not centralized, though.

>
>#1 is key for me - I need something where I don't need to download a new 
>client for 
>everyone who wants to use ACL. #2 is pretty important too - I want something 
>centralized,
>one file that I can check and see at a glance who has access to what. If #1 
>and #2 holds
>for your patch, then like I said I'd be more than happy to use it.
>
For single file centralized access that the users don't have control
over, I believe you could easily set up a shell script to handle that. 
No need to modify CVS.  I've never done it, but if that's what you want,
I'd recommend trying the shell-script approach.  It will be easier to
maintain in the long-term.

-Corey

[Prev in Thread]

Current Thread

[Next in Thread]

acl for cvs try II, Edward Peschko, 2003/06/24
- Re: acl for cvs try II, Max Bowsher, 2003/06/27
- Re: acl for cvs try II, Corey Minyard, 2003/06/29
  - Re: acl for cvs try II, Edward Peschko, 2003/06/30
    - Re: acl for cvs try II, Corey Minyard <=
    - Re: acl for cvs try II, Edward Peschko, 2003/06/30

Prev by Date: Re: Info-cvs Digest, Vol 7, Issue 54
Next by Date: Re: Checkout files to the same working directory
Previous by thread: Re: acl for cvs try II
Next by thread: Re: acl for cvs try II
Index(es):
- Date
- Thread