[cvsnt] Re: permission control on CVSROOT in CVSNT 2.0.58d

Bo Berglund bo.berglund at telia.com
Fri Dec 3 20:03:21 GMT 2004


On Fri, 3 Dec 2004 08:27:40 -0800 (PST), Lu Sun <lsun91125 at yahoo.com>
wrote:

>I test installed CVSNT on two XP Pro machines that
>belong to the same domain. The client machine also has
>TortoiseCVS GUI installed. The server and the client
>communicate through SSPI. In CVSROOT/config file,
>"SystemAuth=no". The users list is in the
>CVSROOT/passwd file with password field empty. This
>way I have control over who can use the repository and
>domain users don't need to supply a password (am I
>right?).
>
>Here are the few questions I have:
>1. When I first checked out CVSROOT, I did not see
>these four files: admin, passwd, owner, perm. I had to
>set SystemAuth to yes to have admin right and
>add/remove users. Before knowing that the passwd file
>is auto generated by this, I manually created the
>passwd and admin files on the client and did a CVS add
>and commit with TortoiseCVS. 

No, this is not the right way!
The passwd file should be managed solely by the cvs passwd command!
And the admin file should *not* be managed through a
checkout-edit-commit cycle because it exposes this very important
security file to people who should not be allowed to change it.
This file should be created manually in CVSROOT on the server and
maintained by local editing on the server console!

>But the two files did not
>appear on the server. Server has the auto-generated
>passwd file (I know because the passwd file I manually
>created was in the wrong format). I then manually
>created an admin file on the server in the CVSROOT
>directory directly - this is not the right way, but
>other than CVS add and commit, I don't know what else
>to do.

It *IS* the right way!!! This file controls access as admin to the
whole repository and you don't want to expose it to casual checkouts
of CVSROOT!

>My questions are what's the correct procedure
>to create the admin file? How do I specify a list of
>files in CVSROOT so that users can only check out
>certain files?

You can't. The only way is by using the cvs access control system or
use NTFS file access permissions. But no one except admins have any
reason to work with or see files in CVSROOT!

>2. Since I don't know how to control what's checked
>out or not in CVSROOT, the config file is always
>checked out. The passwd and admin files are always
>not. On the server, the CVSROOT directory is set full
>permission to the CVSUsers group. Then everyone in
>this group can check out and change the "config" file,
>although not listed in "admin", they could change
>"SystemAuth" to "yes" and become admin. I tested with
>changing the CVSROOT directory permission on the
>server to read only to CVSUsers group, now users
>cannot change the "config" file, when modifying files
>in other modules, there's a warning from the server:
>"cannot write to history file
>C:/cvsrepo/CVSROOT/history: Permission denied". I also
>read in a document that users need write permission to
>the "taginfo" file as well, 

Where do you see this? taginfo is a script that is executed by the
server when a user makes a tag operation in the repository. There is
no need for anyone except an admin to have write permissions on this
file.



/Bo
(Bo Berglund, developer in Sweden)
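The two conditions the thread turns on, SystemAuth left at "yes" so every domain account can authenticate, and no server-side admin file, can be checked from the server console without touching the repository through a checkout. The script below is an added example and is not code from the cvsnt project or from either poster. It assumes CVSROOT/config uses one key=value per line with # comments, that CVSROOT/passwd lines have the form user:password[:system_user], and the finding codes and sample CVSROOT contents are constructed for illustration.

```python
"""Audit a CVSNT CVSROOT directory for the misconfigurations discussed in the
thread. Added example; not part of the cvsnt project. Run it on the server,
pointing at the real CVSROOT path, or run as-is to audit constructed samples."""
import os
import tempfile


def parse_config(text):
    """Parse CVSROOT/config (assumed key=value per line, # comments) into a dict."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def parse_passwd(text):
    """Parse CVSROOT/passwd lines, assumed to be user:password[:system_user]."""
    users = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        users.append((fields[0], fields[1] if len(fields) > 1 else ""))
    return users


def audit_cvsroot(cvsroot):
    """Return a sorted list of finding codes (constructed names) for a CVSROOT."""
    findings = []
    config_path = os.path.join(cvsroot, "config")
    settings = {}
    if os.path.isfile(config_path):
        with open(config_path) as fh:
            settings = parse_config(fh.read())
    # The thread's point: only SystemAuth=no limits logins to the passwd list.
    if "SystemAuth" not in settings:
        findings.append("SYSTEMAUTH_UNSET")
    elif settings["SystemAuth"].lower() != "no":
        findings.append("SYSTEMAUTH_NOT_NO")
    # The admin file is created and edited on the server, never committed;
    # its absence means no explicit admin list exists.
    if not os.path.isfile(os.path.join(cvsroot, "admin")):
        findings.append("ADMIN_FILE_MISSING")
    passwd_path = os.path.join(cvsroot, "passwd")
    if os.path.isfile(passwd_path):
        with open(passwd_path) as fh:
            if not parse_passwd(fh.read()):
                findings.append("PASSWD_EMPTY")
    else:
        findings.append("PASSWD_FILE_MISSING")
    return sorted(findings)


def build_sample_cvsroot(system_auth="no", with_admin=True):
    """Create a constructed CVSROOT in a temp dir and return its path."""
    root = tempfile.mkdtemp(prefix="cvsroot-")
    with open(os.path.join(root, "config"), "w") as fh:
        fh.write("# constructed sample config\nSystemAuth=%s\n" % system_auth)
    with open(os.path.join(root, "passwd"), "w") as fh:
        # Empty password field: the domain (SSPI) users from the thread's setup.
        fh.write("lsun::lsun\nbo::bo\n")
    if with_admin:
        with open(os.path.join(root, "admin"), "w") as fh:
            fh.write("bo\n")
    return root


if __name__ == "__main__":
    for system_auth, with_admin in (("no", True), ("yes", False)):
        root = build_sample_cvsroot(system_auth, with_admin)
        print(root, audit_cvsroot(root) or ["OK"])
```

The script reads CVSROOT files directly on the server, which matches the advice above that these files are maintained from the server console rather than through a checkout; it does not inspect NTFS permissions, so the history-file write access the original poster ran into still has to be checked separately.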


