glfs/archive/cvsserver.xml

232 lines
8.2 KiB
XML
Raw Normal View History

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
]>
<sect1 id="cvsserver" xreflabel="Running a CVS Server">
<?dbhtml filename="cvsserver.html"?>
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
</sect1info>
<title>Running a CVS Server</title>
<sect2 role="package">
<title>Running a CVS Server</title>
<para>This section will describe how to set up, administer and secure
a CVS server.</para>
<bridgehead renderas="sect3">CVS Server Dependencies</bridgehead>
<bridgehead renderas="sect4">Required</bridgehead>
<para><xref linkend="cvs"/> and
<xref linkend="openssh"/></para>
</sect2>
<sect2 role="configuration">
<title>Setting up a CVS Server.</title>
<para>A CVS server will be set up using OpenSSH as the remote access
method. Other access methods, including :pserver: and :server: will
not be used for write access to the CVS repository. The :pserver:
method sends clear text passwords over the network and the :server:
method is not supported in all CVS ports. Instructions for anonymous,
read only CVS access using :pserver: can be found at the end of this
section.</para>
<para>Configuration of the CVS server consists of four
steps:</para>
<sect3>
<title>1. Create a Repository.</title>
<para>Create a new CVS repository with the following
commands:</para>
<screen role="root"><userinput>mkdir /srv/cvsroot &amp;&amp;
chmod 1777 /srv/cvsroot &amp;&amp;
export CVSROOT=/srv/cvsroot &amp;&amp;
cvs init</userinput></screen>
</sect3>
<sect3>
<title>2. Import Source Code Into the Repository.</title>
<para>Import a source module into the repository with the following
commands, issued from a user account on the same machine as the
CVS repository:</para>
<screen><userinput>cd <replaceable>&lt;sourcedir&gt;</replaceable> &amp;&amp;
cvs import -m "<replaceable>&lt;repository test&gt;</replaceable>" <replaceable>&lt;cvstest&gt;</replaceable> <replaceable>&lt;vendortag&gt;</replaceable> <replaceable>&lt;releasetag&gt;</replaceable></userinput></screen>
</sect3>
<sect3>
<title>3. Verify Local Repository Access.</title>
<para>Test access to the CVS repository from the same user
account with the following command:</para>
<screen><userinput>cvs co cvstest</userinput></screen>
</sect3>
<sect3>
<title>4. Verify Remote Repository Access.</title>
<para>Test access to the CVS repository from a remote machine using
a user account that has <command>ssh</command> access to the CVS
server with the following commands:</para>
<note>
<para>Replace <replaceable>&lt;servername&gt;</replaceable> with the
IP address or host name of the CVS repository machine. You will
be prompted for the user's shell account password before CVS
checkout can continue.</para>
</note>
<screen><userinput>export CVS_RSH=/usr/bin/ssh &amp;&amp;
cvs -d:ext:<replaceable>&lt;servername&gt;</replaceable>:/srv/cvsroot co cvstest</userinput></screen>
</sect3>
</sect2>
<sect2 id='cvsserver-config' role="configuration">
<title>Configuring CVS for Anonymous Read Only Access.</title>
<para>CVS can be set up to allow anonymous read only access using the
:pserver: method by logging on as <systemitem class="username">root</systemitem>
and executing the following commands:</para>
<screen role="root"><userinput>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false -u 98) &amp;&amp;
echo anonymous: &gt; /srv/cvsroot/CVSROOT/passwd &amp;&amp;
echo anonymous &gt; /srv/cvsroot/CVSROOT/readers</userinput></screen>
<!-- <para>If you use <command>inetd</command>, the following command
will add the <application>CVS</application> entry to
<filename>/etc/inetd.conf</filename>:</para>
<screen role="root"><userinput>echo "2401 stream tcp nowait root /usr/bin/cvs cvs -f \
- -allow-root=/srv/cvsroot pserver" &gt;&gt; /etc/inetd.conf</userinput></screen>
<indexterm zone="cvsserver cvsserver-config">
<primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
</indexterm>
<para>Issue a <command>killall -HUP inetd</command> to reread the changed
<filename>inetd.conf</filename> file.</para>
-->
<!--
<para>If you use <command>xinetd</command>, the following command will create
the CVS file as <filename>/etc/xinetd.d/cvspserver</filename>:</para>
<screen role="root"><userinput>cat &gt;&gt; /etc/xinetd.d/cvspserver &lt;&lt; "EOF"
<literal># Begin /etc/xinetd.d/cvspserver
service cvspserver
{
port = 2401
socket_type = stream
protocol = tcp
wait = no
user = root
passenv = PATH
server = /usr/bin/cvs
server_args = -f - -allow-root=/srv/cvsroot pserver
}
# End /etc/xinetd.d/cvspserver</literal>
EOF</userinput></screen>
<indexterm zone="cvsserver cvsserver-config">
<primary sortas="e-etc-xinetd.d-cvspserver">/etc/xinetd.d/cvspserver</primary>
</indexterm>
<para>Issue a <command>/etc/rc.d/init.d/xinetd reload</command> to reread
the changed <filename>xinetd.conf</filename> file.</para>
-->
<para>Testing anonymous access to the new repository requires an account
on another machine that can reach the CVS server via network. No account
on the CVS repository is needed. To test anonymous access to the CVS
repository, log in to another machine as an unprivileged user and execute
the following command:</para>
<screen><userinput>cvs -d:pserver:anonymous@<replaceable>&lt;servername&gt;</replaceable>:/srv/cvsroot co cvstest</userinput></screen>
<note>
<para>Replace <replaceable>&lt;servername&gt;</replaceable> with the
IP address or hostname of the CVS server.</para>
</note>
</sect2>
<sect2 role="commands">
<title>Command Explanations</title>
<para><command>mkdir /srv/cvsroot</command>: Create the CVS
repository directory.</para>
<para><command>chmod 1777 /srv/cvsroot</command>: Set sticky bit
permissions for <envar>CVSROOT</envar>.</para>
<para><command>export CVSROOT=/srv/cvsroot</command>: Specify new
<envar>CVSROOT</envar> for all <command>cvs</command> commands.</para>
<para><command>cvs init</command>: Initialize the new CVS
repository.</para>
<para><command>cvs import -m "repository test" cvstest vendortag
releasetag</command>: All source code modules must be imported into the
CVS repository before use, with the <command>cvs import</command> command.
The <option>-m</option> flags specifies an initial descriptive entry for
the new module. The <option>cvstest</option> parameter is the name used
for the module in all subsequent <command>cvs</command> commands. The
<option>vendortag</option> and <option>releasetag</option> parameters are
used to further identify each CVS module and are mandatory whether used
or not.</para>
<para><command>(grep anonymous /etc/passwd || useradd anonymous -s
/bin/false -u 98)</command>: Check for an existing <systemitem
class="username">anonymous</systemitem> user and create one if not
found.</para>
<para><command>echo anonymous: &gt; /srv/cvsroot/CVSROOT/passwd</command>:
Add the <systemitem class="username">anonymous</systemitem> user to the
CVS passwd file, which is unused for anything else in this
configuration.</para>
<para><command>echo anonymous &gt; /srv/cvsroot/CVSROOT/readers</command>:
Add the <systemitem class="username">anonymous</systemitem> user to the
CVS readers file, a list of users who have read only access to the
repository.</para>
</sect2>
<sect2 role="content">
<title>Contents</title>
<segmentedlist>
<segtitle>Installed Programs</segtitle>
<segtitle>Installed Libraries</segtitle>
<segtitle>Installed Directories</segtitle>
<seglistitem>
<seg>None</seg>
<seg>None</seg>
<seg>/srv/cvsroot</seg>
</seglistitem>
</segmentedlist>
</sect2>
</sect1>