Chireru
asked on
CVS Security
I need to allow certain users the ability to read and write some modules in CVS, while being restricted from reading the rest, or certain others.
Does anyone know of a way to accomplish this?
Does anyone know of a way to accomplish this?
ASKER
That's an idea, however, I'd like to try to keep it on the pserver protocol. If I were to implement that, I would use CVS over SSH, which would force the authentication.
I may end up going that way, but I've also found this, which allows ACLs to be set:
http://cvsacl.sourceforge.net/
I'm still looking for ideas though, the easier to maintain and implement, the better.
I may end up going that way, but I've also found this, which allows ACLs to be set:
http://cvsacl.sourceforge.net/
I'm still looking for ideas though, the easier to maintain and implement, the better.
ASKER
Can't you just add a line in the config file of the CVSROOT dir like
SystemAuth=no
And then use 'passwd' flatfile auth within the CVS Tree (somewhat like .htaccess)?
[root@mail CVSROOT]# ls
checkoutlist config,v Emptydir/ modules,v rcsinfo,v verifymsg,v
checkoutlist,v cvswrappers history notify taginfo
commitinfo cvswrappers,v loginfo notify,v taginfo,v
commitinfo,v editinfo loginfo,v passwd val-tags
config editinfo,v modules rcsinfo verifymsg
[root@mail CVSROOT]# cat passwd
dkwan:ZPpGYyHjL/Jpk:dkwan
sangam:XTzBWBOINS1Tc:sanga m
admin:OLFbiCvHcxFe6:admin
sunlux:BD.QTI/uLaaP2:sunlu x
[root@mail CVSROOT]#
The cvs passwd file knows crypt and md5 passwords I get from the
/etc/shadow file.
Regards,
~K Black
Irvine, Ca.
SystemAuth=no
And then use 'passwd' flatfile auth within the CVS Tree (somewhat like .htaccess)?
[root@mail CVSROOT]# ls
checkoutlist config,v Emptydir/ modules,v rcsinfo,v verifymsg,v
checkoutlist,v cvswrappers history notify taginfo
commitinfo cvswrappers,v loginfo notify,v taginfo,v
commitinfo,v editinfo loginfo,v passwd val-tags
config editinfo,v modules rcsinfo verifymsg
[root@mail CVSROOT]# cat passwd
dkwan:ZPpGYyHjL/Jpk:dkwan
sangam:XTzBWBOINS1Tc:sanga
admin:OLFbiCvHcxFe6:admin
sunlux:BD.QTI/uLaaP2:sunlu
[root@mail CVSROOT]#
The cvs passwd file knows crypt and md5 passwords I get from the
/etc/shadow file.
Regards,
~K Black
Irvine, Ca.
ASKER
It looks like the passwd file would be per-repository, which means that I can't restrict it per-module..
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I found WinCVS handy in this respect as it inherently supported mapping multiple users. http://www.wincvs.org/
Let me know if this helps you.
Highest regards,
~K Black
Irvine, Ca.