All,
I am looking for an opinion on the correct way to configure my server so that I can
access CVS locally from the server as well as from a PC using WinCVS. Here's the
dilemna.
Before upgrading to cvs 1.11.17, cvs was owned by a user on our system called cvs
(id=9001), and group also called cvs (id=2525) with the sticky bit set (i.e. 4755).
Therefore most of the files in the repository are owned by 9001:2525. With 1.11.17
configured as before, running cvs locally works, but running in pserver mode fails. I
think what is happening in pserver mode is:
- Inetd kicks off cvs as root:root, so the relevant ids are:
real user is root:root
user is retrieved from password file as root:other
effective user is 9001:root
- Cvs tries to setgid to the group id retrieved from the password file (other). I'm
guessing this fails because the effective user is 9001.
I tried to fix this by unsetting the sticky bit on the cvs executable, i.e. keep it
owned by 9001:2525 and keep perms at 755. That worked just fine in pserver mode, but
now causes cvs to fail (unable to create cvslock) when running it on the server.
I decided then to change the ownership of cvs to root:2525, with the sticky bit set
(perms=4755). This seems to work for both pserver and server modes, but now the files
in the repository are owned by root. I don't know that this is necessarily a bad
thing, but it makes me a little nervous.
Does anyone have any suggestions/opinions on the correct way to set this up? I guess
another option may be to kick off cvs as the 9001 user in inetd. Do you think that's
a better option?
Thanks in advance for your help -
Neti
_______________________________________________
Info-cvs mailing list
[EMAIL PROTECTED]
http://lists.gnu.org/mailman/listinfo/info-cvs
