John Summerfield writes:
>
> I have installed cvs in /etc/inetd.conf thus:
> 2401 stream tcp nowait cvs /usr/sbin/tcpd /usr/bin/cvs
> --allow-root=/home/cvs pserver
You probably want a -f in there, too.
> [summer@possum temp]$ cvs -d :pserver:summer@emu:/home/cvs checkout zap
> setgid failed: Operation not permitted
> cvs checkout: authorization failed: server emu rejected access
If you're going to run pserver as a non-root user, you need to have a
CVSROOT/passwd file that maps every user into the user you're running
CVS as. Otherwise, the server will try to change user to the actual
user and fail. In the past, such failures were simply ignored, but
that's a security hole.
-Larry Jones
It's not denial. I'm just very selective about the reality I accept.
-- Calvin
