Re: [cvsacl-users] cvsacl 1.2.0 for cvs 1.11.17 doesn't appear to work
Brought to you by:
sbaris
Menu
▾
▴
Re: [cvsacl-users] cvsacl 1.2.0 for cvs 1.11.17 doesn't appear to work
|
From: Alex H. <ah...@ke...> - 2004-06-22 21:32:44
|
I ran into a similiar problem with the cvsacl 1.2.0 patch. I have since reverted back to the cvsacl 1.1.3 patch on cvs 1.1.10. By default I grant only the cvsadm account p permissions and everyone else rt. After upgrading, our old access file didn't seem to be working so I made a backup and created a blank one. After running cvs racl cvsadm:p -r ALL -d ALL on an empty access file (successfully) it wasn't possible to run any more cvs racl command with the cvsadm user. It simply reported a permission denied error. In aclconfig I have the default permissions set to CVSACLDefaultPermissions=p. Perhaps we are both missing something. Alex On Tue, 22 Jun 2004, Mortensen, Mark wrote: > Alright I was told by our CM team that we had to upgrade to CVS 1.11.17 to > fix some security issues. We are currently using CVS 1.11.5 with cvsacl > 1.1.0 with no problems. CVSACL works great and does what we want. I > downloaded the new patch and ran into a build issue that was noted by Alex > on this list entitled "cvs-1.11.17-cvsacl-1.2.0-patched compile error". > After fixing the acl.c file as per the email the server is able to compile > and correctly reports the version. I created a brand new respository to > test with but now the cvsacl doesn't appear to be working. We are building > on Solaris. Here is what we have > > /TEST2/ > | > | > +--CVSROOT/ > | > | > +--projectA/ > | > | > +--src/... > > Inside of CVSROOT is the access file used by cvsacl and contains > > # CVS ACL definitions file. DO NOT EDIT MANUALLY > d:ALL:ALL:mmortens!p,ALL!a: > d:projectA:ALL:testuser!n: > > So if the "testuser" logs into CVS via a pserver connect the user should not > be able to checkout the projectA module. However, the testuser can. I > backed out the binaries to older cvs/cvsacl (1.11.5 w/cvsacl 1.1.0) patch > version and the correct behaviour is encounted and the testuser can not > checkout the projectA module. > > Am I missing something simple here? > > -Mark > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > > > ------------------------------------------------------- > This SF.Net email sponsored by Black Hat Briefings & Training. > Attend Black Hat Briefings & Training, Las Vegas July 24-29 - > digital self defense, top technical experts, no vendor pitches, > unmatched networking opportunities. Visit www.blackhat.com > _______________________________________________ > cvsacl-users mailing list > cvs...@li... > https://lists.sourceforge.net/lists/listinfo/cvsacl-users > |
