Hi there,
> > Generally I agree with Ross' view, and that downloading 1MB is likely to
> > be faster not only because of its small size but also because CVS sets
> > transaction locks for each incoming 'update' request that slow down the
> > transfer times not only for the user but also for every other developer
> > who currently works with CVS. This could in bad circumstances prevent a
> > developer from checking in new sources in time.
>
> OTOH the transactions do not take SO long, so I believe the locking is
> acceptable for a reasonable number of "anonymous" users.
^^^^^^^^^^
That's a good point. Yet we do not know anything about the amount of anon
CVS users.
But can you imagine how boring it would to wait for, say, a dozen transactions
until you get the ball?
> > To achieve that I have to set up CVSROOT/commitinfo in that it denies
> > commits for any non-developer. With CVS 1.10 I found this problem impossible
> > to solve, because CVS does not provide information about the CVS login name
> > during the time it parses commitinfo. This seems to be a bug.
>
> Yes and no. I've hacked at the repository and introduced another (UNIX)
> user "l2hanon". This user has the same group, but only limited write
> access (as group). I completely removed world access for the repository.
> Now in the CVS' passwd file I added "ANONYMOUS:latex2html:l2hanon" (in the
> passwd file the passwd is encrypted, of course) and modified the cvsallow
> script, so that it should work as advertised. I tried both types of
> access, that worked ok. Oh, I forgot to mention that of course I had to
> change the inetd.conf entry: cvs is now started as root, but takes on the
> user id listed in the CVS' passwd before doing modifications.
> So now we have anonymous read access. Should we advertise it?
I personally would prefer to try out your solution, Marek.
I agree in all that your idea is a valid work-around for that CVS bug.
So we could 'advertise' it and look what happens.
Anyway I don't like to put much effort in this topic until next year (lazy
as I am)...
As password I suggest a temptative <RET>. Marek, you guess the crypted one.
> > I am interested in more comments on this topic.
> > Currently the developers' release still contains CVS directories that point
> > to the CVS Repository in Bayreuth, and *everyone* who is keen enough to
> > CVS login is able to update whatever he wants.
>
> How does this work? I didn't quite understand this. CVS requires
> username/passwd to log in, and if the user isn't listed in the passwd
> file, she doesn't get access, right?
If the developers' release contains the CVS directories, they contain files
named Root. In that files you will find the CVSROOT content of the latex2ht
user. So anyone who runs cvs in that release on whatever side causes cvs
to take that information as CVSROOT. Consequently, first what cvs does is
prompting for the CVSADMIN user password at Bayreuth. Smile :)
> > So what do you prefer?
I prefer to remain in silence for now. (The brown bag, please, XXL).
Marek, good luck with your config stuff.
Regards,
Jens Lippmann.
--
# Jens Lippmann [EMAIL PROTECTED]
# http://www.informatik.tu-darmstadt.de/TI
#
# Technische Universitaet Darmstadt http://www.tu-darmstadt.de
