Hey all, I am trying to understand the various intracacies with users, permissions, groups and control of a repository.
I have done the usual in initing a repository, setting a "cvs" group as the owner of the initial repository directory. I read that a "cvsadmin" group should be the only accessible to the CVSROOT dir in a repository, so I created a cvsadmin group, made it the owner of the CVSROOT dir (via chgrp). Now, oddly, any user in the cvs group is still able to CD into the CVSROOT and see it. I basically want to only allow cvsadmin users to be able to do anything with that dir. Any ideas on this? I thought by making the cvsadmin group the owner of the dir with owner and group settings at rwx, but world set at --- would prevent any group other than users in cvsadmin group from accessing it. IS this not the case? Do I need to block off the group permission for execute to avoid them changing into it? Also, is their the notion of "parent" groups. That is, ALL of our users will access the cvs repository, so they will be in the cvs group. But besides that, we want to put specific users in some groups that have read/write to various projects but only read access to other projects. If the cvs group owns all repository dirs with a rwxrwx--- permission set on all dirs/files (initially) in the repository, how do we allow users of the cvs group to also be users of other groups that have read/write in some modules, and read-only in others? I understand permissions a bit, but am no expert with linux or cvs, so I am trying to figure out how to build a security architecture for our repository. Thanks. __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
