[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Jason Henry Parker
14 Dec 2000 10:11:48 +1000
I'm responsible for reconfiguring our CVS repository where I work.
What we have currently is an NFS-shared CVS root, using standard UNIX
file permissions to control access. There is one Windows user using
Samba and WinCVS (1.0.6) who is having a great deal of trouble.
The proposed solution is to move the modules available to a new
repository accessible through pserver, with all files owned by a
cvs user and group. Thus all the password entries for a project would
We're wondering if it wouldn't be better to divide the repository up
on a per-customer basis, since some employees should not be able to
read (let alone write!) some data, such as in-confidence customer
data, or projects under NDA. If we do this, then I imagine each
repository will need to be owned by its own user and group (not too
hard), and the data will need to be moved out of where it is now.
1. Will simply copying the existing directories work? What about the
CVSROOT/history file? What about other metadata in CVSROOT/ ?
2. Alternatively, is it possible to tweak CVSROOT/ to make some
directories readable or writable by only some users, or do I have
to resort to messing with UNIX file permissions?
3. The CVS book says CVSROOT/ needs to be writable by everyone. My
plan is to make CVSROOT/ writable by world, and all the files
(except CVSROOT/history) writable only by a cvsadmin user.
Any advice is more than welcome.
 : We're not concerned about pserver's security limitations as this
host is not on our external network. However, I can see a
project on sourceforge called cvsauth which uses SSL---does
anyone have experience with it?
Jason Henry Parker ``Choose mnemonic identifiers. If you
address@hidden can't remember what mnemonic means,
address@hidden you've got a problem.'' -- Larry Wall
- Repository management,
Jason Henry Parker <=