LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   CVS module (in repository) user:group - what is the correct approach? (https://www.linuxquestions.org/questions/linux-software-2/cvs-module-in-repository-user-group-what-is-the-correct-approach-610118/)

xp_newbie 12-31-2007 06:50 AM
CVS module (in repository) user:group - what is the correct approach?
 
I have setup a CVS pserver which works nicely for me, the user who first created the modules (subdirectories under /cvs).

The problem is when other users try to check out from that module (subdirectory under /cvs).

/cvs and /cvs/CVSROOT all belong to special 'user:group' that I created: 'cvs:cvs'.

Code:
drwxrwxr-x 3 cvs        cvs        4096 2007-12-30 13:25 CVSROOT
-rw-rw-r-- 1 cvs        cvs          0 2007-12-29 10:34 locks
drwxrwxr-x 8 xpnewbie  xpnewbie  4096 2007-12-30 06:53 mymodule
As you can see, when I first created 'mymodule' (using import/commit), it was created with the ownership of xpnewbie:xpnewbie, not xpnewbie:cvs as I had hoped.

My question is: What is the right approach to tackle this problem?

Of course I could perform a 'chown -R xpnewbie:cvs mymodule' but then:
  1. I don't know what would happen to a newly added file to the module (it would most certainly not receive 'xpnewbie:cvs' ownership.
  2. I will have to repeat this (manual) procedure every time I create a new module.

Is there a way to tell CVS/pserver to automatically assign the group 'cvs' to any newly checked in module/file?

Thanks,
Alex

gilead 01-01-2008 04:41 PM
There are a couple of ways to approach this. The first is to put all CVS users into a cvs group, run chgrp cvs over the modules and then set the gid bit on all of the module directories:
Code:
find /path/to/cvsrepo/module -type d -exec chmod g+sw {} \;
That way all cvs group members will have write permission and all new files will belong to the cvs group.

The second way is to have a single cvs user and add your repository users added to CVSROOT/passwd. The cvs user owns the modules and the problem of multiple system users owning the files goes away.

xp_newbie 01-01-2008 06:38 PM
Thank you very much, gilead.

I like the first way better, because it allows keeping track of who performed what in the CVS repositories.

However, it also means that every time a new repository is added, I will have to perform that 'chgrp cvs' and 'chmod g+sw'...

Is there a way to avoid that? Can I just do 'chmod g+sw' on /cvs, thus assuming from now on that every newly created repository (via cvs command, of course) will automatically receive g+sw as well?

Also, do I understand correctly that the 's' in the g+sw, simply makes every newly created directory/file belong to the cvs group?

Thanks,
Alex

gilead 01-01-2008 10:12 PM
Yes, to both... You can run chmod g+sw on the top level directory so that you don't need to run it on each new module. The 's' does cause each new directory/file to belong to the cvs group.

xp_newbie 01-03-2008 09:00 AM
Gilead, thanks again. This clarifies the issue.

For future reference, I am posting here a link that, although refers to ssh clients (vs. pserver), provides additional clues for finer granularity when needing to control access to CVS repositories:

http://ioctl.org/unix/cvs/server

What a great community!

Cheers,
Alex

gilead 01-03-2008 01:28 PM
No problem - glad it helped. Thank you for posting the link :)


All times are GMT -5. The time now is 05:18 PM.