LinuxQuestions.org - CVS Login: Authorization Failed

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - CVS Login: Authorization Failed (https://www.linuxquestions.org/questions/linux-newbie-8/cvs-login-authorization-failed-528625/)

nestorjb

02-13-2007 06:59 AM

CVS Login: Authorization Failed

Hi

I'm trying to set up my CVS Repository on a Red Hat ES 4 with rpm cvs-1.11.17-9.RHEL4. I configured the /etc/xinetd.d/cvspserver file:

service cvspserver
{
port = 2401
socket_type = stream
protocol = tcp
wait = no
user = cvs
passenv = PATH
server = /usr/bin/cvs
server_args = -f --allow-root=/desarrollo/cvs pserver
disable = no
}

I checked that the CVSROOT is correct. When I log with a standard operating system user and password I get:

cvs login: authorization failed: server localhost rejected access to /desarrollo
/cvs for user nboscan

I tried with an old repository, with a new repository, I tried to using a passwd file and none of this works.

The server is up because I can do a telnet localhost 2401 and it works.

Any ideas?

bathory

02-13-2007 07:48 AM

cvs server is using its own passwd file, which is located under CVSROOT. If you want to add users to the server you must read this to see how to create users and using a perl script to give them a password.

nestorjb

02-13-2007 07:30 PM

Hi bathory

Thanks for the answer but on my first tests the passwd was not created and not on the CVSROOT directory. In my second test I created one checked out the CVSROOT module and saved it and it is not authenticating using the passwd user and password.

nestorjb

02-13-2007 08:42 PM

I created a passwd using checkout, update, commit. Checked that the file was created in the CVSROOT folder. Tried to login:

cvs login: authorization failed: server odin rejected access to /desarrollo/cvs
for user nboscan

It's really getting frustrating, it should have something to do with the configuration because with or without passwd file I can't login

nestorjb

02-13-2007 09:14 PM

I checked login as cvs and root and it works. But is not working for the rest of the users. The rest of the users has read and write access to the CVS Repository.

bathory

02-14-2007 02:25 AM

Your cvs passwd file must look like this:

Quote:

user1:<random chars>:cvs
user2:<random chars>:cvs
user3:<random chars>:cvs

The <random chars> is the password created by the perl script and the last option (cvs) is the user under which cvs pserver is running. Make sure that the whole repository is owned by that user.

nestorjb

02-14-2007 09:29 AM

Bathory thanks a lot

I figured out that there were 3 things wrong.

1.- In the /etc/xinetd.d/cvspserver the user has to be root
2.- The passwd file is required for pserver protocol. With CVSNT this was not a requirement.
3.- I was using htpasswd to generate the passwords and this didn't work. I used the perl script.

Now, managing the passwd file can be a real headache. If I use the sserver protocol I can authenticate using the operating system user/password?

bathory

02-14-2007 04:18 PM

Quote:

Now, managing the passwd file can be a real headache. If I use the sserver protocol I can authenticate using the operating system user/password?

I don't know how sserver works, but searching a little I found that:

Quote:

With the default settings you should be able to connect to CVSNT using sserver as if you were using pserver and the SSL layer used with sserver only provides the encryption. The actual authentication against the server still relies on the mechanisms known from pserver.

With pserver you can use the system password file (/etc/passwd), but it's not recommended since it's a security risk. With the pserver passwd you use virtual users that are onle able to use the cvs and cannot login to your system to use others services.

All times are GMT -5. The time now is 05:05 PM.