[cvsnt] Re: Limiting access to CVSROOT and some CVS commands...

Mike Wake mike.wake at thales-tts.com
Wed Aug 4 18:50:30 BST 2004 

Try this.

Set the config file back to SystemAuth=Yes and relogin as a user in the 
admin file. Lets say that user is called "yourAdminUser"

Then login and checkout the CVSROOT module into a sandbox
cd sandbox
cvs co CVSROOT
cd CVSROOT

Check the ACL permissions
cvs lsacl

Make sure "yourAdminUser" owns the directory
cvs chown yourAdminUser

Check again
cvs lsacl

Give yourAdminUser Read Write and Create permissions
cvs chacl yourAdminUser:rwc

Check the result
cvs lsacl

Do the same for any other user AnotherAdminUser Read Write and Create 
permissions
cvs chacl yourAdminUser:rwc

Check the result
cvs lsacl


Give everyone else no permission
cvs chacl default:n

Check the result.
cvs lsacl


Ultimately the output of cvs lsacl on your CVSROOT directory should look 
something like this.

Directory: .
Owner: yourAdminUser
   default:n
   yourAdminUser:rwc
   AnotherAdminUser:rwc


I did all this within the output window of my favourite GUI WinCVS.


Cheers
Mikew

Tony Hoyle wrote:

> On Wed, 4 Aug 2004 10:51:35 -0600, "Lehman, Curtis"
> <CLehman at carrieraccess.com> wrote:
> 
> 
>>I have been reading the news posts and tried following them to setup an
>>admin file to limit access to CVSROOT. I am using 2.0.51 of CVSNT with the
>>SSPI protocol for user login. How do I go about limiting access to CVSROOT
>>and some cvs commands like import and remove?
> 
> 
> You can set certain users to have read only access to the repository
> (using the readers/writers files) and using ACLs do the same for
> branches.  
> 
> 
>>Now no one was able to log in to CVS. They kept getting "cvs [login
>>aborted]: no such user clehman in CVSROOT/passwd". Contrary to the commit
>>above the line that states "# Set this to `no' if pserver shouldn't check
>>system users/passwords" it looks like the system is trying to access passwd
>>file which doesn't even exists. How can I get what I want done with the
> 
> 
> ?? If you set SystemAuth=No and have no passwd file you've removed all
> users from the system, so of course you won't be able to log in...
> 
> 
> _______________________________________________
> cvsnt mailing list
> cvsnt at cvsnt.org
> http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt

More information about the cvsnt mailing list