Solved

CVS on Redhat 9

Posted on 2004-10-05
38
464 Views
Last Modified: 2013-12-16
Hi,

I'd like to setup CVS on redhat 9.

this is the cvspserver file which I've placed in etc/xinetd.d/ directory.

service cvspserver
{
      socket_type       = stream
      protocol            = tcp
      wait             = no
      user             = root
      server             = /usr/local/bin/cvs
      server-args       = --allow-root=/usr/local/repos
      disable       = no
}

But i cant connection via a client machine or more worringly i cant connect on the server itself - I've obviously configured something incorrectly???

Any help appreciated!


0
Comment
Question by:pixitron
  • 22
  • 16
38 Comments
 
LVL 6

Expert Comment

by:blkline
ID: 12225889
At the very least you will need to add to the "server-args" line the argument  "pserver"

Thus:  

server-args = --allow-root=/usr/local/repos pserver

Don't forget to reload xinetd:

service xinetd reload   (for a RH system)  or
killall -SIGHUP xinetd  (for others).

For more information, see:

http://www.sugoi.org/bits/index.php?bit_id=32
0
 

Author Comment

by:pixitron
ID: 12247705
errr i seem to even have a problem with permissions (i think??) :-(

because when i try to connect on the local machine and commit a test project

CVSROOT = /usr/local/repos
export CVSROOT
(echo $CVSROOT works fine)

CVS import -m "test proj" test_proj me start

i get an error message ..cannot make path ...permission denied ..... no conflicts created by this import.
0
 
LVL 6

Expert Comment

by:blkline
ID: 12247819
Make sure that the user you are connecting has has r/w authority to the directory into which you are committing your changes.  What I would do is:

Create a cvs user:
useradd cvs
chmod 2775 /usr/local/repos
chown cvs.cvs /usr/local/repos

Then modify /etc/group:

cvs:x:504:user1,user2

or alternately:

usermod -G cvs user1


That should get your permissions right.

0
 

Author Comment

by:pixitron
ID: 12248076
useradd...command cant be found???

I have already created a group called cvs - should i delete this?
0
 
LVL 6

Expert Comment

by:blkline
ID: 12248226
Use whatever means you'd like to create that user.  The whole point is to create a CVS user and group which can be the owner of the repository.  Then you add your userid to the CVS group.  

That's how I have mine set up.

BK
0
 

Author Comment

by:pixitron
ID: 12248575
thanks - this i understand now.

despite the fact i setup CVSROOT=/usr/local/repos cvs keeps saying CVSROOT not specified - weird???

anyway i do the following:

cvs -d /usr/local/repos import -m "test" test_proj vncviewer start - which works! great ! so at least i know its working locally.

from a windows client using cygwin, i try:

CVSROOT=vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

cvs -d $CVSROOT login

which asks for the password for vncuser, but it rejects the (system) password
0
 
LVL 6

Expert Comment

by:blkline
ID: 12248707
Is "vncuser" a user on your server?  Is is a member of the "cvs" group?

Barry
0
 

Author Comment

by:pixitron
ID: 12248831
Really appreciate the help you're giving me Barry.

Yes "vncviewer" is a user on the system where the cvs repository is located - i've checked that i can import/checkout/etc with this user while connected on the host computer.

unfortunately the remote login on the windows box via cygwin command line is where i'm now having trouble.



0
 
LVL 6

Expert Comment

by:blkline
ID: 12248976
Since you're using Cygwin, you should have available to you ssh which you can use for your connection.    Try:

CVS_RSH=ssh
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

Now attempt to do a check out (you won't need to login or anything) and see if it goes properly.  If it does, then the issue is with your password server.    And just to be sure, you didn't just 'su - vncuser' from root, did you?  You actually can log onto that computer as vncuser?

Barry
0
 

Author Comment

by:pixitron
ID: 12249231
No i didn't su vncuser to root - so I'll confident the vncuser user worked.

Using what you advised above (and exporting those variables -  i guess i needed to do that as well), here is what i get.....

cvs co test_proj
ssh: connect to Host IP_ADDRESS on port 22: connection reset by peer
cvs [checkout aborted] end of file file from server


I guess this is bad.... I tried to ping the server....
ping IP_ADDR

4 packets sent, 4 packets recieved

So that connection is ok anyway.
0
 
LVL 6

Expert Comment

by:blkline
ID: 12249485
You can successfully SSH to the machine?
0
 

Author Comment

by:pixitron
ID: 12249618
no cant ssh in
0
 

Author Comment

by:pixitron
ID: 12249705
I noticed that i had the wrong path to cvs in the cvspserver file, when i changed that and tried to log in remotely via cygwin, i got the following message, i'm not sure if this sheds any further light on the subject:

$ cvs login
Logging in to :pserver:vncuser@IP_ADDRESS:2401/usr/local/repos
CVS password:
cvs [login aborted]: reading from server: Software caused connection abort
0
 
LVL 6

Accepted Solution

by:
blkline earned 400 total points
ID: 12250090
This is perplexing.    When I set something like this up, I like to:

1) Ensure that I can log in locally as the user
2) Ensure that I can log in remotely as the user via SSH
3) Ensure that I can access cvs via ssh  (which, by the way, is more secure and the preferred method)
     This is much simpler for testing remote CVS
4) Get the cvs pserver up-and-running.

As to your current dilema, what are your logs saying on the server?  Check /var/log/messages to see if anything is showing up in there.  That you can ssh to the machine concerns me -- that should be a no brainer with no setup.  You don't happen to have a firewall set up on your server, do you?  If it's blocking ssh then most likely it's causing you grief with CVS pserver connections, too.  Most people don't realize when they install RH9 that it will set up the firewall by default.  You actually have to turn it off.  To test that theory, as root try:

service iptables stop

Then try your ssh connections, etc.


Barry
0
 

Author Comment

by:pixitron
ID: 12250176
is there another way i can type the above message:

service iptables stop

becuase my machine is responding with command not found.

Its only recently i installed redhat 9 - and i'm 99% certain i clicked on the default firewall/security settings.
0
 

Author Comment

by:pixitron
ID: 12250215
forget that last question - i found it on the menu.

logging in via ssh now ..... so i can do this with iptables stopped
0
 
LVL 6

Expert Comment

by:blkline
ID: 12250455
Okay.  Now try to checkout your vncviewer project using the SSH transport:

cd ~/tmp
CVS_RSH=ssh
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos
cvs co vncviewer

Can you checkout your vncviewer project?

Try using the pserver method once again -- any improvement?


0
 
LVL 6

Expert Comment

by:blkline
ID: 12250595
Sorry -- you might need to create your tmp directory first:

mkdir ~/tmp

BK
0
 

Author Comment

by:pixitron
ID: 12250662
CVS_RSH=ssh
export CVS_RSH
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos
export CVSROOT

$ cvs co test_proj
vncuser@IP_ADDR's password:
cannot access /usr/local/repos/CVSROOT
no such file or directory

seems like the CVSROOT isn't being substituted properly???





0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:pixitron
ID: 12250863
on second thoughts of course the CVSROOT is being substituted properly.

I've double checked the permissions on the CVSROOT folder: owner, group : CVS CVS. and the permissions: drwxrwxr-x  
0
 
LVL 6

Expert Comment

by:blkline
ID: 12250958
What does "ls  -l /usr/local/repos"  return?  You did initialize the cvs repository, right?

BK
0
 

Author Comment

by:pixitron
ID: 12251019
it returns listings for:

CVSROOT
test_proj

I cant remember if i initilized it - i think i did - there are files below CVSROOT
0
 

Author Comment

by:pixitron
ID: 12251041
im increasing the points - I really appreciate the effort you're making
0
 
LVL 6

Expert Comment

by:blkline
ID: 12251347
Does your /var/log/messages file (tail /var/log/messages -n 50) give you a clue?  

Please post the results of:
find /usr/local/cvsroot -ls -print
(it may be a bit long)

I don't want to insult your intelligence, so please bear with me, but not being able to find CVSROOT usually comes from an uninitialized repository.  Which means that you may have initialized your repository, just not where you think you did.  

I just attempted to fake out a CVS request, and got this message:

[klinebl@laptop2 klinebl]$ cvs -d :ext:blk@www.mysite.com:/usr/local/sbin co dummy
Cannot access /usr/local/sbin/CVSROOT
No such file or directory
[klinebl@laptop2 klinebl]$

My repository is actually in  /usr/local/cvsroot

Can I assume that  you obfuscated this following line?
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

Is the rest of that exchange you posted above accurate?

0
 

Author Comment

by:pixitron
ID: 12252037
>Please post the results of:
>find /usr/local/cvsroot -ls -print
>(it may be a bit long)

1057990    4 drwxrwsr-x   4 cvs      cvs          4096 Oct  7 14:40 /usr/local/repos/
/usr/local/repos/
1057991    4 drwxrwxr-x   3 cvs      cvs          4096 Oct  4 23:25 /usr/local/repos/CVSROOT
/usr/local/repos/CVSROOT
944492    4 drwxrwxr-x   2 root     cvs          4096 Sep 30 22:04 /usr/local/repos/CVSROOT/Emptydir
/usr/local/repos/CVSROOT/Emptydir
1058017    4 -r--r--r--   1 root     cvs          1168 Sep 30 22:04 /usr/local/repos/CVSROOT/loginfo
/usr/local/repos/CVSROOT/loginfo
1057993    4 -r--r--r--   1 root     cvs          1368 Sep 30 22:04 /usr/local/repos/CVSROOT/loginfo,v
/usr/local/repos/CVSROOT/loginfo,v
1058018    4 -r--r--r--   1 root     cvs           649 Sep 30 22:04 /usr/local/repos/CVSROOT/rcsinfo
/usr/local/repos/CVSROOT/rcsinfo
1057995    4 -r--r--r--   1 root     cvs           849 Sep 30 22:04 /usr/local/repos/CVSROOT/rcsinfo,v
/usr/local/repos/CVSROOT/rcsinfo,v
1058019    4 -r--r--r--   1 root     cvs          1025 Sep 30 22:04 /usr/local/repos/CVSROOT/editinfo
/usr/local/repos/CVSROOT/editinfo
1057997    4 -r--r--r--   1 root     cvs          1225 Sep 30 22:04 /usr/local/repos/CVSROOT/editinfo,v
/usr/local/repos/CVSROOT/editinfo,v
1058020    4 -r--r--r--   1 root     cvs          1026 Sep 30 22:04 /usr/local/repos/CVSROOT/verifymsg
/usr/local/repos/CVSROOT/verifymsg
1057999    4 -r--r--r--   1 root     cvs          1226 Sep 30 22:04 /usr/local/repos/CVSROOT/verifymsg,v
/usr/local/repos/CVSROOT/verifymsg,v
1058021    4 -r--r--r--   1 root     cvs           760 Sep 30 22:04 /usr/local/repos/CVSROOT/commitinfo
/usr/local/repos/CVSROOT/commitinfo
1058001    4 -r--r--r--   1 root     cvs           960 Sep 30 22:04 /usr/local/repos/CVSROOT/commitinfo,v
/usr/local/repos/CVSROOT/commitinfo,v
1058022    4 -r--r--r--   1 root     cvs           879 Sep 30 22:04 /usr/local/repos/CVSROOT/taginfo
/usr/local/repos/CVSROOT/taginfo
1058003    4 -r--r--r--   1 root     cvs          1079 Sep 30 22:04 /usr/local/repos/CVSROOT/taginfo,v
/usr/local/repos/CVSROOT/taginfo,v
1058023    4 -r--r--r--   1 root     cvs           493 Sep 30 22:04 /usr/local/repos/CVSROOT/checkoutlist
/usr/local/repos/CVSROOT/checkoutlist
1058005    4 -r--r--r--   1 root     cvs           693 Sep 30 22:04 /usr/local/repos/CVSROOT/checkoutlist,v
/usr/local/repos/CVSROOT/checkoutlist,v
1058024    4 -r--r--r--   1 root     cvs           602 Sep 30 22:04 /usr/local/repos/CVSROOT/cvswrappers
/usr/local/repos/CVSROOT/cvswrappers
1058007    4 -r--r--r--   1 root     cvs           802 Sep 30 22:04 /usr/local/repos/CVSROOT/cvswrappers,v
/usr/local/repos/CVSROOT/cvswrappers,v
1058025    4 -r--r--r--   1 root     cvs           564 Sep 30 22:04 /usr/local/repos/CVSROOT/notify
/usr/local/repos/CVSROOT/notify
1058009    4 -r--r--r--   1 root     cvs           764 Sep 30 22:04 /usr/local/repos/CVSROOT/notify,v
/usr/local/repos/CVSROOT/notify,v
1058016    4 -r--r--r--   1 root     cvs          1151 Sep 30 22:04 /usr/local/repos/CVSROOT/modules
/usr/local/repos/CVSROOT/modules
1058011    4 -r--r--r--   1 root     cvs          1351 Sep 30 22:04 /usr/local/repos/CVSROOT/modules,v
/usr/local/repos/CVSROOT/modules,v
1058284    4 -r--r--r--   1 root     cvs           987 Sep 30 22:04 /usr/local/repos/CVSROOT/config
/usr/local/repos/CVSROOT/config
1058013    4 -r--r--r--   1 root     cvs          1187 Sep 30 22:04 /usr/local/repos/CVSROOT/config,v
/usr/local/repos/CVSROOT/config,v
1058014    4 -rw-rw-rw-   1 root     cvs            50 Oct  7 14:40 /usr/local/repos/CVSROOT/history
/usr/local/repos/CVSROOT/history
1058015    0 -rw-rw-rw-   1 root     cvs             0 Sep 30 22:04 /usr/local/repos/CVSROOT/val-tags
/usr/local/repos/CVSROOT/val-tags
1058010    4 -rw-rw-r--   1 root     cvs          1151 Sep 30 22:04 /usr/local/repos/CVSROOT/.#modules
/usr/local/repos/CVSROOT/.#modules
1057992    4 -rw-rw-r--   1 root     cvs          1168 Sep 30 22:04 /usr/local/repos/CVSROOT/.#loginfo
/usr/local/repos/CVSROOT/.#loginfo
1057994    4 -rw-rw-r--   1 root     cvs           649 Sep 30 22:04 /usr/local/repos/CVSROOT/.#rcsinfo
/usr/local/repos/CVSROOT/.#rcsinfo
1057996    4 -rw-rw-r--   1 root     cvs          1025 Sep 30 22:04 /usr/local/repos/CVSROOT/.#editinfo
/usr/local/repos/CVSROOT/.#editinfo
1057998    4 -rw-rw-r--   1 root     cvs          1026 Sep 30 22:04 /usr/local/repos/CVSROOT/.#verifymsg
/usr/local/repos/CVSROOT/.#verifymsg
1058000    4 -rw-rw-r--   1 root     cvs           760 Sep 30 22:04 /usr/local/repos/CVSROOT/.#commitinfo
/usr/local/repos/CVSROOT/.#commitinfo
1058002    4 -rw-rw-r--   1 root     cvs           879 Sep 30 22:04 /usr/local/repos/CVSROOT/.#taginfo
/usr/local/repos/CVSROOT/.#taginfo
1058004    4 -rw-rw-r--   1 root     cvs           493 Sep 30 22:04 /usr/local/repos/CVSROOT/.#checkoutlist
/usr/local/repos/CVSROOT/.#checkoutlist
1058006    4 -rw-rw-r--   1 root     cvs           602 Sep 30 22:04 /usr/local/repos/CVSROOT/.#cvswrappers
/usr/local/repos/CVSROOT/.#cvswrappers
1058008    4 -rw-rw-r--   1 root     cvs           564 Sep 30 22:04 /usr/local/repos/CVSROOT/.#notify
/usr/local/repos/CVSROOT/.#notify
1058012    4 -rw-rw-r--   1 root     cvs           987 Sep 30 22:04 /usr/local/repos/CVSROOT/.#config
/usr/local/repos/CVSROOT/.#config
131720    4 drwxrwsr-x   2 vncuser  cvs          4096 Oct  7 14:49 /usr/local/repos/test_proj
/usr/local/repos/test_proj
131721    4 -r--r--r--   1 vncuser  cvs           379 Oct  7 14:40 /usr/local/repos/test_proj/test.cpp,v
/usr/local/repos/test_proj/test.cpp,v

>Can I assume that  you obfuscated this following line?
>CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

yes i did this.

>Is the rest of that exchange you posted above accurate?
absolutely

0
 

Author Comment

by:pixitron
ID: 12252062
>Does your /var/log/messages file (tail /var/log/messages -n 50) give you a clue?  

nothing about cvs
0
 

Author Comment

by:pixitron
ID: 12253008
Ok, due to weird behaviour, I decided to:

1. Reboot the cvs machine
2. Double check iptables were disabled
3. Connect via :ext:
4. Import a new project from cygwin command line


weirdly ..... it has worked - I'm not sure of the exact reason unless it was because  i think I might have only temporarily stopped the iptables and done a reboot, but the iptables filtering came back up - maybe this was the issue.

Anyway this now works.


Onto the pserver, changin the definition of CVSROOT to
CVSROOT=:pserver:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

and it responds with unrecognized auth command.

0
 
LVL 6

Expert Comment

by:blkline
ID: 12253604
Did you enter a password for vncuser into the /usr/local/repos/CVSROOT/passwd file?

See section 2.9.3:

https://www.cvshome.org/docs/manual/cvs-1.11.17/cvs_2.html#SEC26
0
 

Author Comment

by:pixitron
ID: 12253877
no - as i understood if a passwd file wasn't present, but the login user was a user on the system he would still be validated ...however this doesn't appear to be the case.

great link btw - i think once i read through this it should sort out all of the issues
0
 
LVL 6

Expert Comment

by:blkline
ID: 12254010
> as i understood if a passwd file wasn't present, but the login user was a user on the system he would still be validated

Yes, it's supposed to work that way.  But I'm not sure if cvs will use PAM authentication against the /etc/shadow file, or whether it will search the older /etc/passwd file.  Given the age of CVS I'm suspecting that it may be the latter.  In any event, I don't use pserver authentication, instead deferring to my favorite:  ssh.  
0
 

Author Comment

by:pixitron
ID: 12256770
i copied the user "vncuser" encrypted password from the shadow file and placed it in the /usr/local/repos/CVSROOT/ and tried to connect via the cygwin client using the pserver - alas to no avail.  I'm getting what is appraently a generic error still:

unrecognized auth response

I double checked that everything is ok with using ssh login and thats fine. So I'm perplexed
0
 
LVL 6

Expert Comment

by:blkline
ID: 12258150
Please post your /etc/xinetd.d/cvs file

(so I can see your configuration)
0
 

Author Comment

by:pixitron
ID: 12270098
here is my cvspserver file (i presume that was what you meant)

service cvspserver
{
      port            = 2401
      socket_type       = stream
      protocol            = tcp
      wait             = no
      user             = root
      server             = /usr/bin/cvs
      server-args       = -f --allow-root=/usr/local/repos pserver
}

My cvs password file

vncuser:****************:

and i copied that exactly from the shadow file.
0
 

Author Comment

by:pixitron
ID: 12275072
if i cant get pserver method to work - is using ssh ok? you seem to suggest its actually the perfered approach? though nearly all online tutorials seems to talk about setting up the pserver approach.
0
 
LVL 6

Expert Comment

by:blkline
ID: 12275478
I'm going to set up a test system today and see if I can figure out your pserver problem.   You still have iptables stopped, right?
0
 

Author Comment

by:pixitron
ID: 12277451
wow thanks ever so much.

Yes indeed the iptables are stopped - checked. - anyway i wasn't able to establish a ssh connection when they were up previously, so the very fact i can  connect to the cvs repository using ssh makes me feel confident its defintely stopped.
0
 
LVL 6

Expert Comment

by:blkline
ID: 12280076
Okay -- I got it working.  The problem is with xinetd.  I followed the instructions in the CVS docs and tested the server with:

telnet localhost 2401

According to the docs ( F.2 Trouble making a connection to a CVS server )  the result I got indicated a problem with cvs receiving the "pserver" command when called by xinetd..  I played with difference permutations of commands in /etc/xinetd.d/cvspserver  but was unable to make the thing work.  My solution, though somewhat inelegant, is to create a script (/usr/local/sbin/cvspserver), which contains:

#!/bin/sh
exec /usr/bin/cvs -f --allow-root=/home/cvs pserver

and ensure that it's executable:     chmod +x /usr/local/sbin/cvspserver.  Then I altered the /etc/xinetd.d/cvspserver file to contain:

service cvspserver
{
        disable         = no
        port            = 2401
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        passenv         = PATH
        server          = /usr/local/sbin/cvspserver
}

A quick:    service xinetd reload and I was in!    I can't spend any more time fooling around with XINETD, so this is the best solution I can offer for you.
0
 

Author Comment

by:pixitron
ID: 12327220
ok, sorry for not closing this question out - i was on holidays for a few day.

SO i tried the suggestion you outlined above - however still cant connect.

No to worry, i have connection via ssh, and i guess that's ok, for now at least.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

In this tutorial I will explain how to make squid prevent malwares in five easy steps: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now