Yeesh. Have you explained why this is wrong, that they are losing history when they do this, and the potential for irreversable accidents? It's better to rule by consensus than by fiat.. not to say you can't persuade them to agree with you AND refuse to allow them full access.
Is it acceptable to remove their regular login shell? They are obviously abusing their access, and if so it makes this restriction pretty easy. The only command they need to be able to run to access the CVS server via SSH is "cvs server". You could make a pretty trivial shell script that's used as a login shell, which only allows that command to be executed. HTH, Rob On Tue, Sep 02, 2003 at 05:24:53PM -0400, Christopher Rumpf wrote: > Hi there. > > > > I have some developers who simply refuse to use the 'cvs rm', 'cvs delete' > and 'cvs remove' commands. Instead they log into the CVS server (using > SSH), cd into the repository and /bin/rm the ,v files which they are > concerned about. (yikes!) > > > > Removing their cvs write permissions is not a solution which will work as > most of these people are major contributors. > > > > Has anyone encountered this before and how did you solve it? The only way I > can think (right now) is to write a script that will run for every single > /bin/rm command which will first make sure that the repository path is not > in the path to be deleted. This seems very inefficient. > > > > Is there an easier way using UNIX groups and/or some other Unix admin > command or trick I don't know of? > > > > Thanks! > > > > /* --- > > Christopher Rumpf > > 786.385.3892:MOBILE > > 305.860.4461:FAX > > MrRumpf:YIM > > --- */ > > > > _______________________________________________ > Info-cvs mailing list > [EMAIL PROTECTED] > http://mail.gnu.org/mailman/listinfo/info-cvs _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
