info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: creating policy


From: Denniston, Todd A CIV NAVSURFWARCENDIV Crane, Code 6067
Subject: Re: creating policy
Date: Thu, 13 Sep 2007 10:30:33 -0500
User-agent: Thunderbird 2.0.0.5 (X11/20070716)

mthread wrote, On 09/13/2007 06:52 AM:
On Sep 13, 7:25 am, Jim Hyslop <address@hidden> wrote:
mthread wrote:
   We are using CVS for our project and we have established policies
for different team members in the project. I would like to give
testing team only the permission to export a version(using export
command). No other commands should work for them. Kindly help me how
do I go about doing this.
CVS does not allow restrictions based on commands. I am not aware of any
plug-ins that allow you to do what you want.

Off the top of my head, some of your choices are:

1) use different version management software;

2) enforce the policies by imposing strict penalties for anyone who
disobeys, possibly including firing them if the situation warrants;

3) wrap the CVS commands in a script/batch file/customized GUI, and do
not allow direct access to the CVS executable.

- --
Jim Hyslop
Dreampossible: Better software. Simply.    http://www.dreampossible.ca
                 Consulting * Mentoring * Training in
    C/C++ * OOD * SW Development & Practices * Version Management



Hi,
  thanx for the reply. But I am curious how so many projects are
handled using CVS. I am sure every project development team must be
implementing the sort of policy we are looking to implement. Hope more
guys give their ideas for this topic.

regards,
mthread



Assuming a Unix server:
permissions can be controlled on a directory by directory basis[1] using the Unix file system permissions, i.e., if the user's permissions for the _directory_ are read but not write, they can read the files in the directory but not write them. However for CVS if you want to checkout you also need write permissions to write the lock files, but CVS has a way to work around this, restrict tightly the write permissions in the repository directories but also create a LockDir[2] with more open permissions.

Also as Arthur indicated there are methods for controlling some of the commands using command triggers[3]. The type of trigger you might be most interested in is a Commitinfo trigger[4], of which there is one for controlling access called cvs_acls[5][6] that I think you would be most interested in. There are several trigger scripts in the contrib directory[7] that you should probably look at if you are going to use CVS.

And if you wanted to move to CVSNT (which as Arthur usually points out, also runs on most Unix platforms too), there are some other permission things that can be set too.

I would also suggest that if you are going to manage CVS or any other SCM tool, that you should read the manual[8] all the way through at least once.

[1] http://ximbiot.com/cvs/manual/cvs-1.11.22/cvs_2.html#SEC13
[2] http://ximbiot.com/cvs/manual/cvs-1.11.22/cvs_18.html#IDX282
[3] http://ximbiot.com/cvs/manual/cvs-1.11.22/cvs_18.html#SEC167
[4] http://ximbiot.com/cvs/manual/cvs-1.11.22/cvs_18.html#SEC171
[5] http://cvs.savannah.nongnu.org/viewvc/*checkout*/ccvs/contrib/cvs_acls.html?root=cvs [6] http://cvs.savannah.nongnu.org/viewvc/*checkout*/ccvs/contrib/cvs_acls.pl?root=cvs
[7] http://cvs.savannah.nongnu.org/viewvc/ccvs/contrib/?root=cvs
[8] http://ximbiot.com/cvs/manual/

--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter




reply via email to

[Prev in Thread] Current Thread [Next in Thread]