Re: Moving to Pserver from .rhosts
Greg A. Woods wrote, On 2002-11-15 19:40: [ On Friday, November 15, 2002 at 17:08:16 (+0100), Fredrik Wendt wrote: ] Subject: Re: Moving to Pserver from .rhosts It has the advantage of not having the user at the cvs server adding/rewriting files, but only the user that the pserver runs as (which might take some weight of the poor admins burden). Then you have no accountability in your CVS repository. None. True, but to us, there's actually only one developer, person X. It doesn't matter who does what to the repository - there is a very limited number of developers who can access the server via SSH. And we don't use reserved checkouts, editors/watchers. There is no interest of who did what, only what's been developed. You cannot have security without accountability. Integrity alone is useless. You're probably right, though I'm not sure what you mean by accountability (I'm not a native english speaker). / Fredrik ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Providing the functionality of CVS as a library
Larry == Larry Jones [EMAIL PROTECTED] writes: Larry To: [EMAIL PROTECTED] (Alex Taler) Larry Subject: Re: Providing the functionality of CVS as a library Larry Date: Sun, 3 Nov 2002 14:01:58 -0500 (EST) Larry There's only one client/server protocol that's used by all the client/ Larry server methods (pserver, ext, fork, etc.): see doc/cvsclient.*. And happily it can be invoked as cvs server on the command line, to support the local repository case and make development easier. Thanks for the pointer, it's just what I need. The libcvs project has now been approved (thanks Derek?), so if you're curious take a look at libcvs.cvshome.org. I've written some design docs for the API, and now we're working on an implementation of the CVS client purely in Perl. Alex -- Some men can swing by their heels on the flying trapeze; some men can become president of the republic; I can drink cognac. Henri Toulouse-Lautrec (as portrayed in Moulin Rouge) PGP: 42D0 66C2 9FF8 553A 373A B819 4C34 93BA 23DC 453B ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Newbie question re: ssh
[ On Friday, November 15, 2002 at 22:20:39 (-0800), Mike Ayers wrote: ] Subject: Re: Newbie question re: ssh Robert Koster wrote: I have set up a repository, and want to use :ext w/ SSH (without keys). Pros/cons? Con: this isn't possible. ssh operating without keys will forcibly invoke username/password login, which will gag the CVS client. Huh? I haven't tried without keys in a while but I'm pretty sure my client still just asks me for the password and lets me type it -- Greg A. Woods +1 416 218-0098;[EMAIL PROTECTED]; [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; VE3TCP; Secrets of the Weird [EMAIL PROTECTED] ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Moving to Pserver from .rhosts
[ On Saturday, November 16, 2002 at 12:18:19 (+0100), Fredrik Wendt wrote: ] Subject: Re: Moving to Pserver from .rhosts True, but to us, there's actually only one developer, person X. Then why even bother with remote access via CVS? If that one developer wants to work on files on some other host then they can easily copy them over to it as necessary, and back again when they're done. CVS is not a file distribution mechanism. CVS is not a networked filesystem. Use the right tool for the job! :-) You're probably right, though I'm not sure what you mean by accountability (I'm not a native english speaker). accountability is that which allows you to hold the real person responsible for changes. Accountability is impossible without an equal level of authentication (to make sure you have the right person), and integrity (to make sure the person in question is actually responsible for the changes). The three A's are the primary components of a trusted computing base. Privacy is the fourth leg of security. (indeed with cvs pserver there's no guarantee of integrity either, which is why you end up with even less than no accountabilty) -- Greg A. Woods +1 416 218-0098;[EMAIL PROTECTED]; [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; VE3TCP; Secrets of the Weird [EMAIL PROTECTED] ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Moving to Pserver from .rhosts
On Sun, 2002-11-17 at 07:25, Greg A. Woods wrote: [ On Saturday, November 16, 2002 at 12:18:19 (+0100), Fredrik Wendt wrote: ] Subject: Re: Moving to Pserver from .rhosts True, but to us, there's actually only one developer, person X. Then why even bother with remote access via CVS? If that one developer wants to work on files on some other host then they can easily copy them over to it as necessary, and back again when they're done. I'm doing single-user development with CVS at the moment, and using a remote host. (Yes, Greg, I'm using ssh.) Why CVS? For the version and revision control. Why a remote host? Because this way I automatically have two copies, in two different locations, at all times. We do also have a backup system, which backs the repository up to tape, but I'm comfortable knowing that whatever gets cvs committed is sent to a different machine, with a different hard disk, in a different building. Besides, the remote host is the one that already had a repository which was already in our backup script. :) Occasionally the right tool for the job is the one which takes least effort. But speaking of minimal effort: ssh takes, IMO, less effort to set up than correctly setting up pserver, especially if you have a package manager on the server and are running Unix or Linux. Install ssh on both machines, generate keys, set CVS_RSH to ssh, set your CVS connection method to :ext:. Done. Yes, SSH is a little more annoying to set up on Windows. I recommend recent versions of Putty. Do read the docs - you'll need to use the key generator and to set 'pageant' (putty key agent) running. Plink is the command line ssh client. Jenn V. -- Do you ever wonder if there's a whole section of geek culture you miss out on by being a geek? - Dancer. [EMAIL PROTECTED] http://anthill.echidna.id.au/~jenn/ ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Moving to Pserver from .rhosts
Greg wrote: True, but to us, there's actually only one developer, person X. Then why even bother with remote access via CVS? If that one developer wants to work on files on some other host then they can easily copy them over to it as necessary, and back again when they're done. CVS is not a file distribution mechanism. CVS is not a networked filesystem. Use the right tool for the job! :-) The problem is not to distribute files, nor handing them out over some network, but to track changes made to them and disabling the ability to accidently overwrite what the other person spent his last two days on, just because those win-people are too easy on the drag-n-drop trigger finger... Using CVS this way can't be wrong. CVS offers a lot of other features and possible ways of operation, but there's nothing wrong with not getting into a car crash just because the car has life saving airbags... accountability is that which allows you to hold the real person responsible for changes. Accountability is impossible without an equal level of authentication (to make sure you have the right person), and integrity (to make sure the person in question is actually responsible for the changes). The three A's are the primary components of a trusted computing base. Privacy is the fourth leg of security. I've never actually read or heard the word up 'til now, however my guess was what you explained here. Thanks. / Fredrik ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Moving to Pserver from .rhosts
[ On , November 17, 2002 at 10:23:47 (+1100), Jenn Vesperman wrote: ] Subject: Re: Moving to Pserver from .rhosts Why a remote host? Because this way I automatically have two copies, in two different locations, at all times. That's not a bad reason, though it wouldn't be good enough alone to justify not using SSH. :-) But speaking of minimal effort: ssh takes, IMO, less effort to set up than correctly setting up pserver, especially if you have a package manager on the server and are running Unix or Linux. That's what I've always thought too! -- Greg A. Woods +1 416 218-0098;[EMAIL PROTECTED]; [EMAIL PROTECTED] Planix, Inc. [EMAIL PROTECTED]; VE3TCP; Secrets of the Weird [EMAIL PROTECTED] ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: Newbie question re: ssh
Greg A. Woods wrote: [ On Friday, November 15, 2002 at 22:20:39 (-0800), Mike Ayers wrote: ] Subject: Re: Newbie question re: ssh Robert Koster wrote: I have set up a repository, and want to use :ext w/ SSH (without keys). Pros/cons? Con: this isn't possible. ssh operating without keys will forcibly invoke username/password login, which will gag the CVS client. Huh? I haven't tried without keys in a while but I'm pretty sure my client still just asks me for the password and lets me type it Hmmm. thinking back, that problem occurs on WinCVS. It may be that the command line client behaves correctly. I need to get my lab rebuilt and test these things first. /|/|ike ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
Re: WinCVS problem - sandbox files not shown
Stefan Andersson wrote: (I've tried all combinations of the Show buttons, but the only thing that differs is if non-cvs files is shown or not...) Incorrect. There are a number of Show buttons colored red. Those buttons will hide all files *except* those shown. Please check those and make sure none are depressed. If any are, tell them a good joke, or just click them, and your hidden files should come out to play. /|/|ike ___ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
