[cvsnt] Implementing ACLs - and not effecting existing users

Glen Starrett glen.starrett at march-hare.com
Mon Dec 18 17:30:07 GMT 2006


Hi Phil,


Cryer, Phil C. (STL) - cont wrote:
> cvs [login aborted]: authorization failed: server cvs rejected access to
> /usr/local/cvsroot for user test
> 
> I created user test to verify that some users can't get access.  Problem
> is I can, and another user (who I haven't put in any group, readers,
> writers) file can, but most devs can't.  

What's different between your test and the devs?  Same CVSROOT? Same 
group(s)?  Same method for accessing the box?

> 
> This all goes back to not doing this the 'clean' way like I wanted, but
> it's how this big corp is forcing me to do it.  How can I debug, or what
> would be causing this?  Anything cvsnt or something else?

Use tracing (-ttt).  Make sure you have server-side traces enabled. 
Won't help much at the authentication level since it's so early.

> I'm ready to mv CVSROOT, CVSROOT-TEMP and start with a fresh one as
> gen'd by CVSNT and then just cp in the old passwd file.  Would work?
> Other ideas?  Thanks.

You can init a fresh repository and compare to what you have existing. 
Check your /etc/cvsnt/PServer file as well.


-- 
Glen Starrett


More information about the cvsnt mailing list