On Tue, Feb 04, 2003 at 04:35:47PM -0500, Brian Kowald wrote:
For my whole repository, I set the file and directory owner to cvs and the
group to cvsusers. I did this recursively.
Setting the group is good. Setting the owner doesn't help much;
as you've discovered, it doesn't stay set for very long...
I set set group id bit for the entire repository with'chmod -R g+s'.
This is so that new files will have the correct group and owner.
That should only have been done on the directories, NOT on the files.
However, everything should be g+w. So from a standing start,
it'd be something like:
chmod -R g+w
find . -type d -print0 | xargs -0 chmod g+s
(That's with GNU findutils. Without it, the g+s pipeline is
harder to do both safely and quickly. This has been discussed
here in the past; see the archives for details).
Of course, from your current state, your task is to turn *off*
setgid on the files, not to turn it *on* on the directories...
A couple more steps are needed:
- Add the users to group cvsgroup (then have them log in
again to pick up the change)
- Make sure that users' umasks do NOT include the 020 bit, i.e.
that they create files group-writable. Of course, this has
possibly-unpleasant ramifications for non-CVS files; the
CVSUMASK environment variable *might* be of help, depending
on your setup.
When
I go and look at the repository, the owner has changed to the user doing the
cvs command.
That's as expected. Once the group stuff that we're talking
about is set up properly, this behaviour shouldn't cause any
problems. (Indeed, working around this is a lot of the point of
the group stuff in the first place.)
When I execute a cvs update, I get the error message Can't do setuid'
I have a few thoughts, but nothing concrete:
- Do you have setuid or setgid enabled on the CVS executable
itself? If so, turn them off.
- One of the other suggestions might fix it (especially turning
off setgid on the ,v files).
- That message doesn't seem to occur in CVS 1.11.5. Which
version are you using? If it's an old one, try upgrading.
- Or are you using another implementation, e.g. WinCVS, cvsnt,
etc.? If so, you might have better luck on the appropriate
list.
--
| | /\
|-_|/ Eric Siegerman, Toronto, Ont.[EMAIL PROTECTED]
| | /
A distributed system is one on which I cannot get any work done,
because a machine I have never heard of has crashed.
- Leslie Lamport
___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs
