On Fri, Jan 02, 2009 at 01:40:09PM -0800, Alec Warner wrote: > How hard would it be to change permissions on the ,v file for this and > just run the use.local.desc updater as a user with different > privileges? It does have different permissions. It's the directory permissions that matter however. I already tried the file permissions. If we want to truly block it while not affecting commits to the rest of the directory, we need to add CVS ACLS, which I've been meaning to do, but just never got around to.
CVS does (the short version): 1. Take a file-based lock (#A) for the target ,v file. No writes permitted, reads are permitted. 2. Build the new version of the ,v in the temp space. 3. Copy the new version to a different name in the target directory. 4. Upgrade lock #A, no reads permitted now. 5. unlink the old ,v file (the kernel checks the directory permissions, not the file perms). 6. rename the new file into place. 7. Release lock #A. -- Robin Hugh Johnson Gentoo Linux Developer & Infra Guy E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
pgpqXZDVOIet3.pgp
Description: PGP signature