I have setup cvs with xinetd. My config file for it is
From this you can see that my cvs root repository is located at /var/lib/cvs
I have made the /var/lib/cvs owner=cvsgroup group=cvsgroup and permissions are drwxrwx--- So only users that are add to the cvsgroup can access the repository.
1) say I have created another repo at location /home/morerepos same own/group/permissions as /var/lib/cvs. Is their some way I can add the /home/morerepos to the configuration file above so that they both can be used as repo locations when I restart the cvs service.
2) Is it possible to start to different cvs services each running on different ports?
3) Is their away to restrict a particular user to a few particular projects so that he can only check in/out on those projects in my repo?
Note is their away without have to alter the group of a project since I have tons of users already accessing that project under the group cvsgroup rwx but I only want some users to have "r" or "rx" permissions. Basically what is the easiest way to have complete control over all my users.
posted 8 years ago
I figured most of it out
1) is add server_args = -f --allow-root /var/lib/cvs --allow-root /var/lib/cvsnextone --allow-root /var/lib/cvsanotherrepo pserver then restart xinetd
2) add another config file in /etc/xinetd directory for a second cvs service and set the port to something different then the default 2401. Then restart the xinetd service.
So those 2 questions are solved
But the 3 one is a problem for me
Because whenever I check in stuff under a given user it commits it with user and group to be the same?
For example I have cvsguy1 and cvsguy2 each are in the cvsgroup and the repo's owner=nobody , group=cvsgroup chmod= rwxrwx---
Why is it when ever I commit something with cvsguy1 the folder owner/group is cvsguy1/cvsguy1? I want it to be cvsguy1/cvsgroup ?
The problem then becomes cvsguy2 is not in group cvsguy1...
How do you set the default group that the user checks in stuff as? (I don't want to always have to chgrp on each folder after the fact )
I think you're confusing the user/group ID of the person doing the check-on with the user/group ID of the CVSpserver process.
Typically, unless my memory fails, you'd create a user ID of "cvs" with a primary group ID of "cvs" and use that for the pserver. That is, instead of "user = root", code "user = cvs" in your xinetd config file.
Authorized CVS users would then be added to the CVS group. The actual access control within CVS would be done using the CVS security mechanisms themselves, based on the userid that the committing user logged into CVS under.
Being persecuted doesn't in any way prove your righteousness or your beliefs. Many people get persecuted because they are repugnant or annoying. Or just because they can be.