On Fri, Jul 21, 2000 at 12:39:15PM -0700, Stephen Rasku wrote:
> user1:ULtgRLXo7NRxs:cvsuser
> user2:ULtgRLXo7NRxs:cvsuser
> user3:ULtgRLXo7NRxs:cvsuser
> user4:ULtgRLXo7NRxs:cvsuser
Do you want them to all have the same password? If so (and you want to
anonymize CVS activity, which I wouldn't) an easier way to set this up would
be to just have everyone connect to CVS as cvsuser by setting their $CVSROOT
to :pserver:[EMAIL PROTECTED]:/path/to/repository.
> All our developers currently have root access so password security is
> not relevant. I am more concerned with repository security. I don't
> want our users to be able to access the repository directly (i.e. I
> want it under a different user and group so that they can't even see
> it without going through the server.
If they have root access to the machine with the repository, you can't stop
them from modifying it directly, regardless of who owns the files.
> That way I could make the repository owned by cvsuser and
> the programmers wouldn't be able to access it except through the CVS
> server and I wouldn't have to ever edit the CVSROOT/passwd file. The
> administrator would only have to add a Unix user -- he wouldn't have
> to add a CVS user as well.
Create an addcvsuser script to replace the admin's normal adduser/useradd
script which performs a normal user creation and then adds him to CVS's
passwd file also? (Preferably with a different password, especially if the
user will have root access...)
--
The Shortest Windows Manual: "Turn off the power switch."
Geek Code 3.1: GCS d- s+: a- C++ UL++$ P+>+++ L++>++++ E- W--(++) N+ o+ !K
w---$ O M- !V PS+ PE Y+ PGP t 5++ X+ R++ tv- b++ DI++++ D G e* h+ r++ y+
