Oh, you mean acls script only works with pserver? In our environment, we are still using pserver at the moment. But I am looking at upgrading it to use ssh2 (still not sure on how to do this). Am I still able to use acls with the ssh2 protocol?
Warm Regards, Jacky Wong -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark D. Baushke Sent: Thursday, September 28, 2006 11:37 AM To: Jacky Cc: CVS Subject: Re: CVS version 1.11.17 vs. 1.11.22 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jacky <[EMAIL PROTECTED]> wrote: > Thanks for the steps on upgrading my cvs server. I shall give them a try. > > Actually we are looking at controlling the access to the repository up > to the branch level. Sure, but lots of folks using the cvs_acls script do that already. > Other than acls, based on your experience, is there any other way of > achieving this? Yes. Read the cvs_acls.html documentation and look at hte cvs_acls.pl perl script. It handles branches and other such things on a commit basis. The only thing that an 'acls' patch might give you would be checkout-based permissions. If you care about that level of restriction, then you probably should never even think about using something like :pserver: which is the only thing that the 'acls' patch might work toward as the :pserver: protocol is NOT very secure as protocols go. -- Mark > > Warm Regards, > Jacky Wong > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark D. Baushke > Sent: Wednesday, September 27, 2006 5:28 PM > To: Jacky > Cc: CVS > Subject: Re: CVS version 1.11.17 vs. 1.11.22 > > Jacky <[EMAIL PROTECTED]> writes: > > > Sorry to intrude the thread, > > > > Has anyone come across tutorials on how to upgrade my cvs server? I am > > using 1.11.17 as well, I need to upgrade to 1.11.22 so that I can use > > acls. > > The CVS version you have now would work with the cvs_acls.pl script that > you can get by browsing the sources on savannah.nongnu.org > http://cvs.savannah.nongnu.org/viewcvs/ccvs/contrib/?root=cvs with > documentation in the cvs_acls.html file. > > The CVSNT folks have a more native implementation of acls if that is > what you think you want. You should visit http://www.cvsnt.org/ for more > details on that fork of the CVS sources. > > To upgrade from cvs 1.11.17 to cvs 1.11.22, do the following: > > 1) download, configure, build, make check, make install > > 2) You may find it desirable to do a 'cvs init' command on your > repository to create any new default templates and triggers that > are not present in your current CVSROOT, otherwise there is nothing > else you need to do. > > If you are considering the cvsacl.sourceforge.net project, that is > outside of the scope of this mailinglist/newsgroup. > > Fwiw: I have never used those set of patches and I have no idea if they > work or what changes you might need to make to your CVS repository to > get them to work. My understanding is that those patches are only useful > if your conneciton method is :pserver: ... you may wish to search out > the various postings on :pserver:, but I personally believe it is a > really bad idea to ever run a :pserver: for any purpose other than as an > anonymous reader to a mirror of your main repository. Using it to > control write access to your repository is a really bad idea in our > current hostile network environment called the Internet. Using it inside > of a given organization and/or company is foolish as you may as well > provision a separate account for each member in any case and doing it to > allow the operating system to authenticate and authorize actions on the > repository is a safer thing to do than to hack a mostly anonymous system > mechanism to do things it was never really intended to do. > > Good luck, > -- Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFFG0NjCg7APGsDnFERAvnUAKC/5bnj0ldrzK7rLL0cPTzt2We6iQCeNjTC 6YJ6TXHCHlwxs/mzA3gxMxo= =h522 -----END PGP SIGNATURE----- _______________________________________________ info-cvs mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/info-cvs
