[cvsnt] Fw: Users unable to add or commit

pdfeeny at aep.com pdfeeny at aep.com
Wed Oct 8 13:30:53 BST 2008 

Arthur,

Thank you for your reply.  The comment is one we created.  I expect to see 
that when a user does not have the appropriate permissions to commit or 
add to a particular module; I don't expect to see it when a user does have 
permission and I don't expect to see it from every user simultaneously. 

I have verified the permissions at all levels on select modules.  We made 
no changes to our CVS install nor to our Linux server.  fileattr.xml has 
not changed.  Users seem to be validating on the server, meaning, they 
have valid entries in /etc/passwd.  They appear to be authenticating 
through AD successfully.  It seems to be failing when the user permissions 
are verified in the group file because it throws that default message even 
though they have explicit access .  If nothing appears to have changed, 
then what changed?  Why would a user be able to authenticate and validate 
one day but not the next? 


Paul D. Feeny, MCP, MCSA
IT System Administrator II - SCM
IT Production Management
Audinet: 200.2249
Phone: 614.716.2249




"Arthur Barrett" <arthur.barrett at march-hare.com> 
10/08/2008 05:35 AM

To
<pdfeeny at aep.com>, <cvsnt at cvsnt.org>
cc

Subject
RE: [cvsnt] Fw: Users unable to add or commit






Paul,

> We are running 2.5.03 (Scorpio) Build 2382 on RHLinux 2.6.9-42.ELsmp. 
> Users authenticate to active directory through samba and winbind.  A 
> typical CVSROOT is :sspi:cafp1:/usr/local/cvs/caf
.
.
.
> cvs server: User 's210554' cannot create 
> /usr/local/cvs/caf/suites/AEP.COG.FUEL.FELPM/database/Anonymous on 
> tag/branch bd-FELPM-3-1-1
> cvs [server aborted]: Prohibited from access by your personal 
> cvsnt access 
> level. You require heightened access to perform this action.

If that is what you tell CVSNT to tell the user then CVSNT will tell the
user that ;)

Someone has set an ACL and set "Prohibited from access by your
personal..." as the message when the ACL is triggered, to view the ACL
use a command like this:

cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl
suites/AEP.COG.FUEL.FELPM/database/Anonymous

The ACL could be on any directory and you will need to 'rlsacl' each
directory to find the one with the ACL, ie:
cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl
suites/AEP.COG.FUEL.FELPM/database/Anonymous
cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl
suites/AEP.COG.FUEL.FELPM/database
cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl suites/AEP.COG.FUEL.FELPM
cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl suites
cvs -d :sspi:cafp1:/usr/local/cvs/caf rlsacl .


Regards,


Arthur Barrett

More information about the cvsnt mailing list