[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 508
  • Last Modified:

CVS on Redhat 9

Hi,

I'd like to setup CVS on redhat 9.

this is the cvspserver file which I've placed in etc/xinetd.d/ directory.

service cvspserver
{
      socket_type       = stream
      protocol            = tcp
      wait             = no
      user             = root
      server             = /usr/local/bin/cvs
      server-args       = --allow-root=/usr/local/repos
      disable       = no
}

But i cant connection via a client machine or more worringly i cant connect on the server itself - I've obviously configured something incorrectly???

Any help appreciated!


0
pixitron
Asked:
pixitron
  • 22
  • 16
1 Solution
 
blklineCommented:
At the very least you will need to add to the "server-args" line the argument  "pserver"

Thus:  

server-args = --allow-root=/usr/local/repos pserver

Don't forget to reload xinetd:

service xinetd reload   (for a RH system)  or
killall -SIGHUP xinetd  (for others).

For more information, see:

http://www.sugoi.org/bits/index.php?bit_id=32
0
 
pixitronAuthor Commented:
errr i seem to even have a problem with permissions (i think??) :-(

because when i try to connect on the local machine and commit a test project

CVSROOT = /usr/local/repos
export CVSROOT
(echo $CVSROOT works fine)

CVS import -m "test proj" test_proj me start

i get an error message ..cannot make path ...permission denied ..... no conflicts created by this import.
0
 
blklineCommented:
Make sure that the user you are connecting has has r/w authority to the directory into which you are committing your changes.  What I would do is:

Create a cvs user:
useradd cvs
chmod 2775 /usr/local/repos
chown cvs.cvs /usr/local/repos

Then modify /etc/group:

cvs:x:504:user1,user2

or alternately:

usermod -G cvs user1


That should get your permissions right.

0
Microsoft Certification Exam 74-409

VeeamĀ® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
pixitronAuthor Commented:
useradd...command cant be found???

I have already created a group called cvs - should i delete this?
0
 
blklineCommented:
Use whatever means you'd like to create that user.  The whole point is to create a CVS user and group which can be the owner of the repository.  Then you add your userid to the CVS group.  

That's how I have mine set up.

BK
0
 
pixitronAuthor Commented:
thanks - this i understand now.

despite the fact i setup CVSROOT=/usr/local/repos cvs keeps saying CVSROOT not specified - weird???

anyway i do the following:

cvs -d /usr/local/repos import -m "test" test_proj vncviewer start - which works! great ! so at least i know its working locally.

from a windows client using cygwin, i try:

CVSROOT=vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

cvs -d $CVSROOT login

which asks for the password for vncuser, but it rejects the (system) password
0
 
blklineCommented:
Is "vncuser" a user on your server?  Is is a member of the "cvs" group?

Barry
0
 
pixitronAuthor Commented:
Really appreciate the help you're giving me Barry.

Yes "vncviewer" is a user on the system where the cvs repository is located - i've checked that i can import/checkout/etc with this user while connected on the host computer.

unfortunately the remote login on the windows box via cygwin command line is where i'm now having trouble.



0
 
blklineCommented:
Since you're using Cygwin, you should have available to you ssh which you can use for your connection.    Try:

CVS_RSH=ssh
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

Now attempt to do a check out (you won't need to login or anything) and see if it goes properly.  If it does, then the issue is with your password server.    And just to be sure, you didn't just 'su - vncuser' from root, did you?  You actually can log onto that computer as vncuser?

Barry
0
 
pixitronAuthor Commented:
No i didn't su vncuser to root - so I'll confident the vncuser user worked.

Using what you advised above (and exporting those variables -  i guess i needed to do that as well), here is what i get.....

cvs co test_proj
ssh: connect to Host IP_ADDRESS on port 22: connection reset by peer
cvs [checkout aborted] end of file file from server


I guess this is bad.... I tried to ping the server....
ping IP_ADDR

4 packets sent, 4 packets recieved

So that connection is ok anyway.
0
 
blklineCommented:
You can successfully SSH to the machine?
0
 
pixitronAuthor Commented:
no cant ssh in
0
 
pixitronAuthor Commented:
I noticed that i had the wrong path to cvs in the cvspserver file, when i changed that and tried to log in remotely via cygwin, i got the following message, i'm not sure if this sheds any further light on the subject:

$ cvs login
Logging in to :pserver:vncuser@IP_ADDRESS:2401/usr/local/repos
CVS password:
cvs [login aborted]: reading from server: Software caused connection abort
0
 
blklineCommented:
This is perplexing.    When I set something like this up, I like to:

1) Ensure that I can log in locally as the user
2) Ensure that I can log in remotely as the user via SSH
3) Ensure that I can access cvs via ssh  (which, by the way, is more secure and the preferred method)
     This is much simpler for testing remote CVS
4) Get the cvs pserver up-and-running.

As to your current dilema, what are your logs saying on the server?  Check /var/log/messages to see if anything is showing up in there.  That you can ssh to the machine concerns me -- that should be a no brainer with no setup.  You don't happen to have a firewall set up on your server, do you?  If it's blocking ssh then most likely it's causing you grief with CVS pserver connections, too.  Most people don't realize when they install RH9 that it will set up the firewall by default.  You actually have to turn it off.  To test that theory, as root try:

service iptables stop

Then try your ssh connections, etc.


Barry
0
 
pixitronAuthor Commented:
is there another way i can type the above message:

service iptables stop

becuase my machine is responding with command not found.

Its only recently i installed redhat 9 - and i'm 99% certain i clicked on the default firewall/security settings.
0
 
pixitronAuthor Commented:
forget that last question - i found it on the menu.

logging in via ssh now ..... so i can do this with iptables stopped
0
 
blklineCommented:
Okay.  Now try to checkout your vncviewer project using the SSH transport:

cd ~/tmp
CVS_RSH=ssh
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos
cvs co vncviewer

Can you checkout your vncviewer project?

Try using the pserver method once again -- any improvement?


0
 
blklineCommented:
Sorry -- you might need to create your tmp directory first:

mkdir ~/tmp

BK
0
 
pixitronAuthor Commented:
CVS_RSH=ssh
export CVS_RSH
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos
export CVSROOT

$ cvs co test_proj
vncuser@IP_ADDR's password:
cannot access /usr/local/repos/CVSROOT
no such file or directory

seems like the CVSROOT isn't being substituted properly???





0
 
pixitronAuthor Commented:
on second thoughts of course the CVSROOT is being substituted properly.

I've double checked the permissions on the CVSROOT folder: owner, group : CVS CVS. and the permissions: drwxrwxr-x  
0
 
blklineCommented:
What does "ls  -l /usr/local/repos"  return?  You did initialize the cvs repository, right?

BK
0
 
pixitronAuthor Commented:
it returns listings for:

CVSROOT
test_proj

I cant remember if i initilized it - i think i did - there are files below CVSROOT
0
 
pixitronAuthor Commented:
im increasing the points - I really appreciate the effort you're making
0
 
blklineCommented:
Does your /var/log/messages file (tail /var/log/messages -n 50) give you a clue?  

Please post the results of:
find /usr/local/cvsroot -ls -print
(it may be a bit long)

I don't want to insult your intelligence, so please bear with me, but not being able to find CVSROOT usually comes from an uninitialized repository.  Which means that you may have initialized your repository, just not where you think you did.  

I just attempted to fake out a CVS request, and got this message:

[klinebl@laptop2 klinebl]$ cvs -d :ext:blk@www.mysite.com:/usr/local/sbin co dummy
Cannot access /usr/local/sbin/CVSROOT
No such file or directory
[klinebl@laptop2 klinebl]$

My repository is actually in  /usr/local/cvsroot

Can I assume that  you obfuscated this following line?
CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

Is the rest of that exchange you posted above accurate?

0
 
pixitronAuthor Commented:
>Please post the results of:
>find /usr/local/cvsroot -ls -print
>(it may be a bit long)

1057990    4 drwxrwsr-x   4 cvs      cvs          4096 Oct  7 14:40 /usr/local/repos/
/usr/local/repos/
1057991    4 drwxrwxr-x   3 cvs      cvs          4096 Oct  4 23:25 /usr/local/repos/CVSROOT
/usr/local/repos/CVSROOT
944492    4 drwxrwxr-x   2 root     cvs          4096 Sep 30 22:04 /usr/local/repos/CVSROOT/Emptydir
/usr/local/repos/CVSROOT/Emptydir
1058017    4 -r--r--r--   1 root     cvs          1168 Sep 30 22:04 /usr/local/repos/CVSROOT/loginfo
/usr/local/repos/CVSROOT/loginfo
1057993    4 -r--r--r--   1 root     cvs          1368 Sep 30 22:04 /usr/local/repos/CVSROOT/loginfo,v
/usr/local/repos/CVSROOT/loginfo,v
1058018    4 -r--r--r--   1 root     cvs           649 Sep 30 22:04 /usr/local/repos/CVSROOT/rcsinfo
/usr/local/repos/CVSROOT/rcsinfo
1057995    4 -r--r--r--   1 root     cvs           849 Sep 30 22:04 /usr/local/repos/CVSROOT/rcsinfo,v
/usr/local/repos/CVSROOT/rcsinfo,v
1058019    4 -r--r--r--   1 root     cvs          1025 Sep 30 22:04 /usr/local/repos/CVSROOT/editinfo
/usr/local/repos/CVSROOT/editinfo
1057997    4 -r--r--r--   1 root     cvs          1225 Sep 30 22:04 /usr/local/repos/CVSROOT/editinfo,v
/usr/local/repos/CVSROOT/editinfo,v
1058020    4 -r--r--r--   1 root     cvs          1026 Sep 30 22:04 /usr/local/repos/CVSROOT/verifymsg
/usr/local/repos/CVSROOT/verifymsg
1057999    4 -r--r--r--   1 root     cvs          1226 Sep 30 22:04 /usr/local/repos/CVSROOT/verifymsg,v
/usr/local/repos/CVSROOT/verifymsg,v
1058021    4 -r--r--r--   1 root     cvs           760 Sep 30 22:04 /usr/local/repos/CVSROOT/commitinfo
/usr/local/repos/CVSROOT/commitinfo
1058001    4 -r--r--r--   1 root     cvs           960 Sep 30 22:04 /usr/local/repos/CVSROOT/commitinfo,v
/usr/local/repos/CVSROOT/commitinfo,v
1058022    4 -r--r--r--   1 root     cvs           879 Sep 30 22:04 /usr/local/repos/CVSROOT/taginfo
/usr/local/repos/CVSROOT/taginfo
1058003    4 -r--r--r--   1 root     cvs          1079 Sep 30 22:04 /usr/local/repos/CVSROOT/taginfo,v
/usr/local/repos/CVSROOT/taginfo,v
1058023    4 -r--r--r--   1 root     cvs           493 Sep 30 22:04 /usr/local/repos/CVSROOT/checkoutlist
/usr/local/repos/CVSROOT/checkoutlist
1058005    4 -r--r--r--   1 root     cvs           693 Sep 30 22:04 /usr/local/repos/CVSROOT/checkoutlist,v
/usr/local/repos/CVSROOT/checkoutlist,v
1058024    4 -r--r--r--   1 root     cvs           602 Sep 30 22:04 /usr/local/repos/CVSROOT/cvswrappers
/usr/local/repos/CVSROOT/cvswrappers
1058007    4 -r--r--r--   1 root     cvs           802 Sep 30 22:04 /usr/local/repos/CVSROOT/cvswrappers,v
/usr/local/repos/CVSROOT/cvswrappers,v
1058025    4 -r--r--r--   1 root     cvs           564 Sep 30 22:04 /usr/local/repos/CVSROOT/notify
/usr/local/repos/CVSROOT/notify
1058009    4 -r--r--r--   1 root     cvs           764 Sep 30 22:04 /usr/local/repos/CVSROOT/notify,v
/usr/local/repos/CVSROOT/notify,v
1058016    4 -r--r--r--   1 root     cvs          1151 Sep 30 22:04 /usr/local/repos/CVSROOT/modules
/usr/local/repos/CVSROOT/modules
1058011    4 -r--r--r--   1 root     cvs          1351 Sep 30 22:04 /usr/local/repos/CVSROOT/modules,v
/usr/local/repos/CVSROOT/modules,v
1058284    4 -r--r--r--   1 root     cvs           987 Sep 30 22:04 /usr/local/repos/CVSROOT/config
/usr/local/repos/CVSROOT/config
1058013    4 -r--r--r--   1 root     cvs          1187 Sep 30 22:04 /usr/local/repos/CVSROOT/config,v
/usr/local/repos/CVSROOT/config,v
1058014    4 -rw-rw-rw-   1 root     cvs            50 Oct  7 14:40 /usr/local/repos/CVSROOT/history
/usr/local/repos/CVSROOT/history
1058015    0 -rw-rw-rw-   1 root     cvs             0 Sep 30 22:04 /usr/local/repos/CVSROOT/val-tags
/usr/local/repos/CVSROOT/val-tags
1058010    4 -rw-rw-r--   1 root     cvs          1151 Sep 30 22:04 /usr/local/repos/CVSROOT/.#modules
/usr/local/repos/CVSROOT/.#modules
1057992    4 -rw-rw-r--   1 root     cvs          1168 Sep 30 22:04 /usr/local/repos/CVSROOT/.#loginfo
/usr/local/repos/CVSROOT/.#loginfo
1057994    4 -rw-rw-r--   1 root     cvs           649 Sep 30 22:04 /usr/local/repos/CVSROOT/.#rcsinfo
/usr/local/repos/CVSROOT/.#rcsinfo
1057996    4 -rw-rw-r--   1 root     cvs          1025 Sep 30 22:04 /usr/local/repos/CVSROOT/.#editinfo
/usr/local/repos/CVSROOT/.#editinfo
1057998    4 -rw-rw-r--   1 root     cvs          1026 Sep 30 22:04 /usr/local/repos/CVSROOT/.#verifymsg
/usr/local/repos/CVSROOT/.#verifymsg
1058000    4 -rw-rw-r--   1 root     cvs           760 Sep 30 22:04 /usr/local/repos/CVSROOT/.#commitinfo
/usr/local/repos/CVSROOT/.#commitinfo
1058002    4 -rw-rw-r--   1 root     cvs           879 Sep 30 22:04 /usr/local/repos/CVSROOT/.#taginfo
/usr/local/repos/CVSROOT/.#taginfo
1058004    4 -rw-rw-r--   1 root     cvs           493 Sep 30 22:04 /usr/local/repos/CVSROOT/.#checkoutlist
/usr/local/repos/CVSROOT/.#checkoutlist
1058006    4 -rw-rw-r--   1 root     cvs           602 Sep 30 22:04 /usr/local/repos/CVSROOT/.#cvswrappers
/usr/local/repos/CVSROOT/.#cvswrappers
1058008    4 -rw-rw-r--   1 root     cvs           564 Sep 30 22:04 /usr/local/repos/CVSROOT/.#notify
/usr/local/repos/CVSROOT/.#notify
1058012    4 -rw-rw-r--   1 root     cvs           987 Sep 30 22:04 /usr/local/repos/CVSROOT/.#config
/usr/local/repos/CVSROOT/.#config
131720    4 drwxrwsr-x   2 vncuser  cvs          4096 Oct  7 14:49 /usr/local/repos/test_proj
/usr/local/repos/test_proj
131721    4 -r--r--r--   1 vncuser  cvs           379 Oct  7 14:40 /usr/local/repos/test_proj/test.cpp,v
/usr/local/repos/test_proj/test.cpp,v

>Can I assume that  you obfuscated this following line?
>CVSROOT=:ext:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

yes i did this.

>Is the rest of that exchange you posted above accurate?
absolutely

0
 
pixitronAuthor Commented:
>Does your /var/log/messages file (tail /var/log/messages -n 50) give you a clue?  

nothing about cvs
0
 
pixitronAuthor Commented:
Ok, due to weird behaviour, I decided to:

1. Reboot the cvs machine
2. Double check iptables were disabled
3. Connect via :ext:
4. Import a new project from cygwin command line


weirdly ..... it has worked - I'm not sure of the exact reason unless it was because  i think I might have only temporarily stopped the iptables and done a reboot, but the iptables filtering came back up - maybe this was the issue.

Anyway this now works.


Onto the pserver, changin the definition of CVSROOT to
CVSROOT=:pserver:vncuser@IP_ADDRESS_OF CVS_MACHINE:/usr/local/repos

and it responds with unrecognized auth command.

0
 
blklineCommented:
Did you enter a password for vncuser into the /usr/local/repos/CVSROOT/passwd file?

See section 2.9.3:

https://www.cvshome.org/docs/manual/cvs-1.11.17/cvs_2.html#SEC26
0
 
pixitronAuthor Commented:
no - as i understood if a passwd file wasn't present, but the login user was a user on the system he would still be validated ...however this doesn't appear to be the case.

great link btw - i think once i read through this it should sort out all of the issues
0
 
blklineCommented:
> as i understood if a passwd file wasn't present, but the login user was a user on the system he would still be validated

Yes, it's supposed to work that way.  But I'm not sure if cvs will use PAM authentication against the /etc/shadow file, or whether it will search the older /etc/passwd file.  Given the age of CVS I'm suspecting that it may be the latter.  In any event, I don't use pserver authentication, instead deferring to my favorite:  ssh.  
0
 
pixitronAuthor Commented:
i copied the user "vncuser" encrypted password from the shadow file and placed it in the /usr/local/repos/CVSROOT/ and tried to connect via the cygwin client using the pserver - alas to no avail.  I'm getting what is appraently a generic error still:

unrecognized auth response

I double checked that everything is ok with using ssh login and thats fine. So I'm perplexed
0
 
blklineCommented:
Please post your /etc/xinetd.d/cvs file

(so I can see your configuration)
0
 
pixitronAuthor Commented:
here is my cvspserver file (i presume that was what you meant)

service cvspserver
{
      port            = 2401
      socket_type       = stream
      protocol            = tcp
      wait             = no
      user             = root
      server             = /usr/bin/cvs
      server-args       = -f --allow-root=/usr/local/repos pserver
}

My cvs password file

vncuser:****************:

and i copied that exactly from the shadow file.
0
 
pixitronAuthor Commented:
if i cant get pserver method to work - is using ssh ok? you seem to suggest its actually the perfered approach? though nearly all online tutorials seems to talk about setting up the pserver approach.
0
 
blklineCommented:
I'm going to set up a test system today and see if I can figure out your pserver problem.   You still have iptables stopped, right?
0
 
pixitronAuthor Commented:
wow thanks ever so much.

Yes indeed the iptables are stopped - checked. - anyway i wasn't able to establish a ssh connection when they were up previously, so the very fact i can  connect to the cvs repository using ssh makes me feel confident its defintely stopped.
0
 
blklineCommented:
Okay -- I got it working.  The problem is with xinetd.  I followed the instructions in the CVS docs and tested the server with:

telnet localhost 2401

According to the docs ( F.2 Trouble making a connection to a CVS server )  the result I got indicated a problem with cvs receiving the "pserver" command when called by xinetd..  I played with difference permutations of commands in /etc/xinetd.d/cvspserver  but was unable to make the thing work.  My solution, though somewhat inelegant, is to create a script (/usr/local/sbin/cvspserver), which contains:

#!/bin/sh
exec /usr/bin/cvs -f --allow-root=/home/cvs pserver

and ensure that it's executable:     chmod +x /usr/local/sbin/cvspserver.  Then I altered the /etc/xinetd.d/cvspserver file to contain:

service cvspserver
{
        disable         = no
        port            = 2401
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = root
        passenv         = PATH
        server          = /usr/local/sbin/cvspserver
}

A quick:    service xinetd reload and I was in!    I can't spend any more time fooling around with XINETD, so this is the best solution I can offer for you.
0
 
pixitronAuthor Commented:
ok, sorry for not closing this question out - i was on holidays for a few day.

SO i tried the suggestion you outlined above - however still cant connect.

No to worry, i have connection via ssh, and i guess that's ok, for now at least.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 22
  • 16
Tackle projects and never again get stuck behind a technical roadblock.
Join Now