RE: CVS users or linux OS users?

[Alexandre Augusto Drummond Barroso]

> -----Original Message-----
> From: address@hidden
> [mailto:address@hidden 
> Behalf Of M Taha Masood
> Sent: Friday, September 03, 2004 7:24 PM
> To: address@hidden
> Subject: CVS users or linux OS users?
> 
> 
> Hello,
> 
> If a new source code repository is being set up on a RedHat Linux box
> , what is the advisable way of adding users whom we want to have
> varied degrees of permissions on different dirs of the repository.
> 
CVS users can be mapped to different users and you don't have to create
one linux user for each cvs user. You can create one linux user for each 
cvs user but you don't have to, but you should create specific groups for 
cvs modules access.

Of course none of these users should have a shell so even having access to 
telnet they will not cause problems by using telnet.

> also when we dont want any user to log on to the box thru telnet etc
> and potentially delete a directory of the repository to which he has
> read/write( checkout /checkin) CVS access.
> 
[Off-topic] I strongly advise you to remove telnet daemon to avoid a 
security hell (no pun intended) and use ssh connections only.

> in other words can CVS access control be done independent of OS file
> system acess control? should it be done this way?
[snip]
 
If you're using CVSNT this access control can be done independent of OS
file system access control.
In spite of CVS not having access control list feature, there are 
projects that implement it. To name a few:
- CVSPermissions - http://sarovar.org/projects/cvspermissions/
- CVS Access Control List Extension Patch - http://cvsacl.sourceforge.net/
- Patch found in CVS home site - 
https://www.cvshome.org/cyclic/cvs-html/dev-access.html