On 01/25/08 06:19:12, Arthur Barrett wrote: > > Is your question "How do I store two repositories on a server with > different users able to access different repos?" > > The simplest way to achieve that is with two --allow_root's and set the > filesystem level ownership and permissions on the files.
I've got a pretty good handle on how --allow-root might work, and we presently utilize users/groups to enforce some level of access control. I prefer something like the pserver protocol because it has per repository access control that is separate from the system's idea of users and groups, and it makes it possible to manage CVS access using CVS-related files/tools only. > > If you need to get fancier then use the cvsacls script from the contrib > directory. I looked at that and a few other add ons. Seemed somewhat clunky and complex. > > If you need to get fancier still then use CVSNT (free/GPL just like CVS > and yes it runs on unix/linux/windows/mac) and use the 'chacl' command > with ACLmode=normal. OK. I haven't looked into CVSNT. Thanks for the tip. > > Also: using pserver over the internet for write access is discouraged > since the password is sent in plan text. Understood, that's why I grativated towards a server->pserver conversion. The server side is accessed via the ssh and the external network. The pserver protocol is accessed only on the internal network (this shares a similar philosophy with with the ssh port forwarding to pserver solution). > CVSNT has a 'sserver' protocol which is an encrypted version > of pserver. This sounds like it will fit the bill. Thanks. How well supported, and widely used is CVSNT? It doesn't seem to be readily available via the usual collection of repositories as an FC8 rpm for example. - Gary
