[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVSROOT Admin files dilemma

From: Rez P
Subject: CVSROOT Admin files dilemma
Date: Tue, 14 Apr 2009 11:31:02 -0700

Hi Everyone


I have installed and set up the following:


Our cvsRepo on a redhat linux box contains 3 main project folders.  Each dept or project is given write/modify access to their own project by setting up linux group permissions and by users being set up in the cvsroot/passwd file as user:hashed_pw:systemUser and all users with write permission have been declared in the cvsroot/writers file as well. Our users use a mixture of cvs client, wincvs, eclipse plugin on their windows machines.



                -CVSROOT (who should chown cvsroot?)

                -dept1 (chown'd to cvsgrp1)

                -dept2 (chown'd to cvsgrp2)

                -dpet3 (chown'd to cvsgrp3)


content of cvsroot/passwd:






content of cvsroot/writers:





content of cvsroot/readers:



passwd, readers, and writers files have been added to the checkoutlist. cvsroot/history file has been chmod to ug+w. And LockDir=/tmp.


I have a few questions:


Who should chown cvsroot folder since there're 3 distinct groups now? Should a 4th master group be created to contain the other 3 groups and this master group has the ownership of cvsroot?  We did set up a master group who chowns cvsroot and I tested by login as user 1-3 and was able to modify and commit to the user's respective project only but not other projects, which is ideal. But regardless all users were able to modify files in cvsroot to my dismay!


Except all users and cvs processes writing to the history file and me modifying and checking in cvsroot admin files, do cvs processes need write permission to cvsroot folder or any of the files in general? Ultimately, I don't want any of the users except myself checking out cvsroot or look at the password file. How can this be done?  I thought of removing the entry for the passwd file from the checkoutlist but then again I'd deny access to myself and I have to resort to modifying this file directly on the server.



Rediscover HotmailĀ®: Get quick friend updates right in your inbox. Check it out.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]