[cvsnt] Re: Error with 2.0.51a ends with "results may not be correct"

Tony Hoyle tmh at nodomain.org
Wed Aug 4 19:12:08 BST 2004


Fish wrote:

> I turned on all the system-level auditing and all filesystem auditing for the 
> group in question and the local SYSTEM account at the root of the repository 
> on down.  I see the following..
> 
> A CVS process being created.
> LSA granting the impersonation for the domain-level user who is trying to 
> access a directory listing.
> A network logon for that user.
> Read access by localsystem for /CVSROOT/config
> Execute/traverse by the user for /
> Read by the user for /CVSROOT/cvswrappers
> Read by the user for /CVSROOT/cvsrc
> Network logoff for user
> 
> The files listed above - config, cvswrappers, and cvsrc are either all blank 
> or all commented out.  There are no failure audits to be spoken of.
> 
The error message tells you exactly which directory is failing and it's 
always the result of an access denied from the filesystem doing a search 
on that directory - it's a very specific error.

The only way to solve it is to find out why the user is being denied 
access to the directory.  The audit logs are the normal way to do this, 
although it should be possible just by looking at the ACLs for the 
directories.

There isn't really any more I can suggest... there must be something on 
your config denying access for those users but if you can't find it I'm 
stumped...

Tony

-- 
Before you criticize someone, walk a mile in their shoes.
That way, if he gets angry, he's a mile away and barefoot.

Tony Hoyle <tmh at nodomain.org>  Key ID: 104D/4F4B6917 2003-09-13
Fingerprint: 063C AFB4 3026 F724 0AA2  02B8 E547 470E 4F4B 6917
FWD: 413300



More information about the cvsnt mailing list