Comments below. Andrey Aristarkhov wrote:
>Hi all! > >Some years ago I had a lot of administering issues with users who wanted >to change their password for CVS. As a result I've wrote cvspassword >program to allow such users change password via web. >After some period of time I've rewrite the program to add commands >"user" and "pass(word)" to cvs. > >Find README file for my project at the bottom of this message. I can >also post my implementation files and patches to CVS code. > >Regards, >Andrey Aristarkhov >BiTechnology > >README file for cvs user/pass(word) commands >------------------------------------------------------------------------ >---- > cvs user & cvs pass(word) commands implementation > Author: Andrey Aristarkhov <[EMAIL PROTECTED]> >------------------------------------------------------------------------ >---- > >Introduction >============ > >Usage: cvs user <[-a | -m | -d] username> [-u alias] [-p | -P password] > -a|-m|-d 'add', 'modify' or 'delete' user respectively > -u Use "alias" to specify system user for cvs-user. > -P Use "password" to specify user password in a command >line OR > -p enter user password interactively > > >Usage: cvs password [username] > If no "username" is given password will be set for the current >user > "username" Use it if you want to change password for the >specified user > >CVS' command "user" is intended to simplify user management within CVS >repository. It works with administrative file $CVSROOT/CVSROOT/passwd to >add/delete/modify users. > >CVS' command "password" is intended to allow users change their own >passwords to CVS repository. Note: "user" and "password" commands work >only >with CVS users listed in passwd file. There is no way to change password >for >system users by means of these commands. > >These commands have simplest security restrictions and considerations: >0. There must be a user named "admin" in CVS repository who has full >rights to >modify users in the CVS repository. > Why add a new user? Why not use the UNIX `cvsadmin' group like the `cvs admin' command does: <http://www.cvshome.org/docs/manual/cvs_16.html#SEC119>? Even better would be a permissions API that accepts some token representing the action (say a string "name"), and a list of data, then returns true or false and maybe an error message, but that's probably too much to hope for at the moment. :) `cvs passwd' would be available to all users, so it makes sense that it be given a full command namespace, but does it make sense to make `cvs user' its own command rather than part of the the `cvs admin' command? You could use the existing `cvsadmin' group restriction for free then, I think. Of course, if added, `user' should be restricted regardless of the existance of the `cvsadmin' group, so maybe the extra work would be necessary anyhow. >1. Only administrator can add and delete users. >2. Only administrator can change user alias. >3. User's password can be changed either by CVS Administrator or by a >person who >knows current user's CVS password. > >Known issues >============ >There is no way to add user "admin" to CVS' user list via cvs user >command. >This user should be added manually. > >To-Do List >========== >1. Test cvs user & pass(word) command for various platforms. Current >version >is tested under FreeBSD 4.3-RELEASE. >2. "user" command should take additional paramters: Email and Name of >user to >add it to CVSROOT/notify admin file. >3. Write cvspasswd - standalone wrapper program around user/password >functions. (Currently is under development) > > I'll add some more comments to the patches. Derek -- *8^) Email: [EMAIL PROTECTED] Get CVS support at http://ximbiot.com -- Man who run in front of car get tired. _______________________________________________ Bug-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/bug-cvs
