[cvsnt] Re: ACLs for groups?

bwhicks at aep.com bwhicks at aep.com
Tue Oct 18 22:09:13 BST 2005 

I see! My test user was inadvertently in the linux group "cvsadmin" and
this was causing anything in the CVSROOT/group file to be overridden. It
works great! I like it! Thanks a lot!

Brian



                                                                           
             Tony Hoyle                                                    
             <tony.hoyle at march                                             
             -hare.com>                                                 To 
                                       bwhicks at aep.com                     
             10/18/2005 04:36                                           cc 
             PM                        cvsnt at cvsnt.org                     
                                                                   Subject 
                                       Re: [cvsnt] Re: ACLs for groups?    
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           
                                                                           




bwhicks at aep.com wrote:
> I'm actually on the local machine, using :local:/usr/local/cvs as my
> CVSROOT.
>
> I see with "-ttt" that if I use my username specifically in the acl, i
see
> this line:
>
> 16:16:23:   -> matched ACL user=fred, branch=_default_, merge=
>
> but if I try to depend on the groupname as per my previous email, I see
> this instead (showing more data for emphasis):
>
> 16:20:09:   -> verify_valid_name(fakegroup)
> 16:20:09:   -> matched ACL user=, branch=_default_, merge=
> 16:20:09:   -> calculated ACL priority is 0
> 16:20:09:   -> user_state = 0, group_state = 0
> 16:20:09:   -> no match at this level
>
> I see these messages multiple times in both cases. It looks like the
group
> simply doesn't get matched.
>
You should see a bunch of add_valid_group lines earlier, eg:

21:34:07:   -> Checking admin file d:/repo/CVSROOT/admin for user tmh
21:34:07:   -> add_valid_group(testgroup)
21:34:07:   -> add_valid_group(admin)
21:34:07:   -> Checking local access token for groups
21:34:07:   -> add_valid_group(Domain Users)
21:34:07:   -> add_valid_group(Everyone)
21:34:07:   -> add_valid_group(Debugger Users)
21:34:07:   -> add_valid_group(Users)
21:34:07:   -> add_valid_group(Administrators)
21:34:07:   -> add_valid_group(INTERACTIVE)
21:34:07:   -> add_valid_group(Authenticated Users)
21:34:07:   -> add_valid_group(Authenticated Users)
21:34:07:   -> add_valid_group(LOCAL)
21:34:07:   -> add_valid_group(Domain Admins)
21:34:07:   -> add_valid_group(Enterprise Admins)
21:34:07:   -> add_valid_group(Schema Admins)
21:34:07:   -> add_valid_group(CERTSVC_DCOM_ACCESS)

The first one comes from the CVSROOT/group file, the second (admin)
because I am an adminsitrator, and all the others from the system.

Tony

More information about the cvsnt mailing list