[cvsnt] Reg: Problem in checkout
lists at connectionbrazil.com
Mon Sep 17 13:09:08 BST 2007
> I have 3 groups of users on windows 2003 server and using it with sspi
> Group1: CVSUsers
> Group2: CVSAdmins
> Group3: CVSAdmin-xxxx, here xxxx is the repository name.
> Group1 is given only modification privileges from Windows 2003 server
> security permission options. Similarly Group2 is given full access on
> all the repositories and Group3 is given full access on specific
> repositories. I have changed the config file AclMode to normal after
> that the particular user is not able to checkout the repository to the
> local client machine . It gives the following error :-
> cvs checkout: cwd=d:\Branch ,current=d:\Branch
> cvs server: User SV48388 cannot read .
Can you show the commands you're using, for everything CVSNT-related? For
example: how you set the ACLs for user SV48388 (or CVSUsers), an lsacl on
the module you want to check out, the exact checkout command (and if it
doesn't use the -d option to set the connection string, show that one
> -----Original Message----- From: cvsnt-bounces at cvsnt.org
> [mailto:cvsnt-bounces at cvsnt.org] On Behalf Of Gerhard Fiedler Sent:
> Saturday, September 15, 2007 10:33 PM To: cvsnt at cvsnt.org Subject: Re:
> [cvsnt] Reg: Problem in checkout
> Shivendra_Vishal wrote:
>> When the AclMode in CVSROOT\config file is set to normal the user is not
>> able to checkout the files to the client though the user is given
>> read,write and tag access through the chacl command. CVS is throwing the
>> error :
>> cvs checkout: cwd=d:\Branch ,current=d:\Branch
>> cvs server: User user1 cannot read
>> When I'm changing the AclMode to compat checkout is working properly
>> however when the user restricted using chacl the restriction dosen't
>> applies and user can perform anything like read,write,tagging ..etc
>> which is not desirable. Please help me out to resolve this issue in
>> windows 2003 server environment.
> I don't know what exactly your problem is, but from the description it
> seems that you aren't applying the ACLs you are thinking you are applying.
> Compatibility mode means that all users have full access by default, normal
> mode means that no normal user has any access by default. That explains
> your results, and the ACLs didn't become effective.
> It seems there's something wrong with the user setup.
More information about the cvsnt