[Cvsnt] Problem setting access rights for repository

Koen no at ssppaamm.com
Thu Feb 14 09:55:50 GMT 2002


OK. Thanks!
Running the beta now, using the "use local users instead of domain".
It did not work immediately though: I had to add the CVSUsers and
CVSAdministrators groups to the security settings of the C:\ drive (not only
the repositories). I got "cannot chdir c:\" or something like that. Is this
normal ? (I don't have a CVSROOT environment variable, since I use multiple
repositories).
See also further for more on security settings (need some approval here
:-) ).

I first tried to uninstall the previous (stable) version, and then
installing the latest beta, but then I did not have the "generate passwords"
module any longer in the Start menu. So, I uninstalled the beta, reinstalled
the stable one, and installed the beta again over the stable one. Is this OK
? Or what is the right way to upgrade to a newer version ?

I noticed that now all users are checked either on the domain OR (XOR) on
the local machine.
I really don't want to force anyone, but is it not possible to allow both,
and have this specified in the passwd file in this style:
usera:Mdfjjkds:MYMACHINE\localuser
userb:hdjkDfs:MYDOMAIN\domainuser
Just asking, sorry if this sounds like criticism: it's not...

Now, about security settings: following some advice from here:
http://www.devguy.com/fp/cfgmgmt/cvs/cvs_admin_nt.htm#NTFSPERM ,
I also tried restricting access to each CVSROOT directory of each
repository: "Finally, only CVSAdmins have write access to the files in the
CVSROOT directory", but that raised immediately when checking out a module
by a "normal user": "could not write to history" or something like that.
So now, I have the following:

C:\
CVSAdministrators : full control
CVSUsers : all except full control

C:\cvsMyRepository
CVSAdministrators : full control
CVSUsers : all except full control

C:\cvsMyRepository\CVSRoot
CVSAdministrators : full control
CVSUsers : all except full control

C:\cvsMyRepository\MyModule
CVSAdministrators : full control
CVSUsers : all except full control

Do you think this is OK?
Or should I do other things?

Is it a good idea to set the top-level repository security settings to:
    C:\cvsMyRepository
    CVSAdministrators : full control
    CVSUsers : no full control, no modify, no write
to avoid that users can create new modules themselves?

Thanks again for all help until now, and I hope this feedback also helps the
developers somehow!

Koen

"Tony Hoyle" <tmh at nothing-on.tv> wrote in message
news:3c6a93f1.3567557656 at tony-home...
> On Wed, 13 Feb 2002 16:13:49 +0000 (UTC), "Koen" <no at ssppaamm.com>
> wrote:
>
>
> >OK, but is it really stable enough (it's called "beta" after all ;-) ) to
> >use in a multi-user research environment?
> >Any known problems with it (or incompatibilties with WinCVS)?
> >
> I'm trying to get it stable enough for release at the moment (since
> all the features are in for now).  It should be OK but I suspect there
> are still bugs lurking - at least one person has reported a crash
> (which shouldn't happen, no matter how badly cvs gets abused), but
> there's nothing major at the moment.  There's another beta due, which
> I'll probably release today, which fixes everything I know about so
> far.
>
> Tony
> _______________________________________________
> Cvsnt mailing list
> Cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt


_______________________________________________
Cvsnt mailing list
Cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt



More information about the cvsnt mailing list