[cvsnt] Re: CVS Streams and permissions.

Jeffrey S. Nelson jnelson at covansys.com
Thu Sep 26 21:28:23 BST 2002


Can you maintain the .perms file external to CVS?

When we use the chacl command with domain level users it takes about 5 to 10
seconds to set the permissions for a project.  Our projects are quite big.

I have produced a script that will create/modify the .persm file and then
replicate it to sub folders.  I just want to make sure that CVS will not
have a problem with doing that.

Thanks


"Tony Hoyle" <tmh at nodomain.org> wrote in message
news:3d93198f.269483171 at news.cvsnt.org...
> On Thu, 26 Sep 2002 09:01:50 -0400, "Jeffrey S. Nelson"
> <jnelson at covansys.com> wrote:
>
> >HEAD (Stream)
> >    default:n
> >    domain#user1:crw
> >    domain#user2:cwr
> >
> >TEST (Stream)
> >    {TEST}default:n
> >    {TEST}domain#user1.crw
>
> So only user1&2 can access HEAD, and only user1 can access TEST.
>
> >The permissions have been granted at the parent project directory only =
> >they are not replicated down through out the project sub folders.
>
> You need at least read access to all the parent directories of a
> folder before the permissions on that folder can be used (so 'n'
> implicitly replates down, but none of the other permissions do).
> chacl has a recursive (-R) option to permit relication of permissions.
>
> >When User1 does a checkout of the TEST stream they can update and add =
> >files without any problems.  User1 can also update and add files to the =
> >HEAD stream. =20
>
> OK.
>
> >User2 can checkout from TEST stream however they are unable to update or
=
> >add any files.
>
> They shouldn't actually be able to checkout, since they have no
> permission to do so - that's probably a bug.  Otherwise it's behaving
> correctly.
>
> >To get User2 to work correctly we had to change from default:n to =
> >default:cwr in the TEST stream.  After making that change User2 was able
=
> >to update and add files to the TEST stream.
>
> User2 only has write permission to the HEAD, not TEST.  This is how it
> is supposed to work.  You would have to give user2 write/create
> permissions to TEST to achieve what you want.
>
> (btw. your use of the word 'stream' seems to suggest you're expecting
> cvs to work like some other tool - which one would that be?  cvs has
> branches and directories.  I'm assuming by stream you mean branch).
>
> Tony
>





More information about the cvsnt mailing list