[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Problem in configuring cvs_acls on cvs-1.11.17 on Centos 4.0 with Pserve
From: |
ankush grover |
Subject: |
Problem in configuring cvs_acls on cvs-1.11.17 on Centos 4.0 with Pserver protocol |
Date: |
Thu, 21 Sep 2006 09:41:23 +0530 |
hey friends,
I am trying to configure cvs_acls so that I can restrict the
commiting of files from certain users. Presently I am using pserver
protocol in my company. The cvs version is 1.11.17 on Centos 4.0 and I
have set setguid on the repositories.
One of the repository is /opt/test. I followed the steps given in the
cvs_acls file which was there in the contrib folder.
contents of the cvs_acl file
To use this program as I intended, do the following four things:
#
# 0. Install PERL. :-)
#
# 1. Put one line, as the *only* non-comment line, in your commitinfo file:
#
# DEFAULT /usr/local/bin/cvs_acls
#
# 2. Install this file as /usr/local/bin/cvs_acls and make it executable.
#
# 3. Create a file named CVSROOT/avail and optionally add it to
# CVSROOT/checkoutlist and check it in. See the CVS manual's
# administrative files section about checkoutlist. Typically:
#
# $ cvs checkout CVSROOT
# $ cd CVSROOT
# [ create the avail file ]
# [ add avail to checkoutlist ]
# $ cvs add avail
# $ cvs commit -m 'Added avail for use with cvs_acls.' avail checkoutlist
#
# ==== FORMAT OF THE avail FILE:
#
# The avail file determines whether you may commit files. It contains lines
# read from top to bottom, keeping track of a single "bit". The "bit"
# defaults to "on". It can be turned "off" by "unavail" lines and "on" by
# "avail" lines. ==> Last one counts.
#
# Any line not beginning with "avail" or "unavail" is ignored.
#
# Lines beginning with "avail" or "unavail" are assumed to be '|'-separated
# triples: (All spaces and tabs are ignored in a line.)
#
# {avail.*,unavail.*} [|user,user,... [|repos,repos,... [|branch,branch,...]]]
#
# 1. String starting with "avail" or "unavail".
# 2. Optional, comma-separated list of usernames.
# 3. Optional, comma-separated list of repository pathnames.
# These are pathnames relative to $CVSROOT. They can be directories or
# filenames. A directory name allows access to all files and
# directories below it.
# 4. Optional, comma-separated list of branch tags.
Below is the configuration which I have done
contents of avail file
unavail ;; Make whole repository unavailable.
avail|agrover ;; Except for user "agrover".
contents of checkoutlist file
/opt/test/CVSROOT/avail "you cannot checkout the files"
contents of commitinfo file
DEFAULT /usr/local/bin/cvs_acls (this file is there in
/usr/local/bin directory)
But still the user agrover was able to commit the file after making
changes. The module was checkout after cvs_acl configuration was done.
I want to restrict some of the users from commiting to the
repositories, creating or working on branches. One more thing I would
like to know is it possible to give access read only or no access to a
particular file or to a particular folder or to a particular module
for a particular user or for some users through cvs_acl even though
the user or users are part of the group on which setguid is set.
Please let me know if you need any further inputs.
Thanks & Regards
Ankush Grover
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Problem in configuring cvs_acls on cvs-1.11.17 on Centos 4.0 with Pserver protocol,
ankush grover <=