[cvsnt] ACL's with Domain groups and sspi

bwhicks at aep.com bwhicks at aep.com
Fri Sep 29 13:41:29 BST 2006


cvsnt-bounces at cvsnt.org wrote on 09/28/2006 11:25:39 PM:

> Tony, you mentioned in a previous thread that using cvs -ttt would show 
the
> ALC logic.  I am familiar with using "-ttt" in various commands for
> debugging, but I don't know which command should return the ACL logic. I
> don't see anything when using "cvs -ttt update". 

The command above should spew a TON of output and the stuff you are 
looking for in the mess should look something like this:

08:35:40: S -> verify_access 
/usr/local/cvs/infrastructure/pm/bin,bin,(null)
08:35:40: S -> 
verify_perm(/usr/local/cvs/infrastructure/pm/bin,(null),read,(null),(null))
08:35:40: S -> verify_owner(/usr/local/cvs/infrastructure/pm/bin)
08:35:40: S -> 
cache_directory_permissions(/usr/local/cvs/infrastructure/pm/bin)
08:35:40: S -> fileattr_read(/usr/local/cvs/infrastructure/pm/bin)
08:35:40: S -> ACL lookup on directory 
/usr/local/cvs/infrastructure/pm/bin
08:35:40: S -> verify_acl(read,HEAD,(null))
08:35:40: S -> user_state = 0, group_state = 0
08:35:40: S -> no match at this level
08:35:40: S -> ACL lookup on directory /usr/local/cvs/infrastructure/pm
08:35:40: S -> verify_acl(read,HEAD,(null))
08:35:40: S -> verify_valid_name(cvsadmin)
08:35:40: S -> matched ACL user=cvsadmin, branch=_default_, merge=
08:35:40: S -> calculated ACL priority is 6
08:35:40: S -> new max priority is 6
08:35:40: S -> matched ACL user=, branch=_default_, merge=
08:35:40: S -> calculated ACL priority is 0
08:35:40: S -> user_state = 0, group_state = 1
08:35:40: S -> run template proc
08:35:40: S -> run_trigger()

Of course, traces need to be enabled in the server or it won't work. 

Good luck...

Brian


More information about the cvsnt mailing list