From 59bfedf5e4f40dedba00158e5f7a32ce778a36ef Mon Sep 17 00:00:00 2001 From: Manuel Canales Esparcia Date: Wed, 18 May 2005 18:55:21 +0000 Subject: [PATCH] Tagged cvsserver.xml git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@4356 af4574ff-66df-0310-9fd7-8a98e5e911e0 --- server/other/cvsserver.xml | 298 ++++++++++++++++++++----------------- 1 file changed, 161 insertions(+), 137 deletions(-) diff --git a/server/other/cvsserver.xml b/server/other/cvsserver.xml index 011f80426a..3855a4187b 100644 --- a/server/other/cvsserver.xml +++ b/server/other/cvsserver.xml @@ -7,109 +7,129 @@ ]> - - $LastChangedBy$ - $Date$ - + - -Running a CVS server + + $LastChangedBy$ + $Date$ + - -Running a <acronym>CVS</acronym> server + Running a CVS Server -This section will describe how to set up, administer and secure -a CVS server. + + Running a CVS Server - -<application>CVS server</application> dependencies + This section will describe how to set up, administer and secure + a CVS server. - -Required - and - + CVS Server Dependencies - + Required + and + - -Setting up a <acronym>CVS</acronym> server. + -A CVS server will be set up using OpenSSH -as the remote access method. Other access methods, including :pserver: and -:server: will not be used for write access to the CVS -repository. The :pserver: method sends clear text passwords over the network -and the :server: method is not supported in all CVS ports. -Instructions for anonymous, read only CVS access using -:pserver: can be found at the end of this section. + + Setting up a CVS Server. -Configuration of the CVS server consists of four -steps: + A CVS server will be set up using OpenSSH as the remote access + method. Other access methods, including :pserver: and :server: will + not be used for write access to the CVS repository. The :pserver: + method sends clear text passwords over the network and the :server: + method is not supported in all CVS ports. Instructions for anonymous, + read only CVS access using :pserver: can be found at the end of this + section. -1. Create a repository. -Create a new CVS repository with the following -commands: -mkdir /srv/cvsroot && + Configuration of the CVS server consists of four + steps: + + + 1. Create a Repository. + + Create a new CVS repository with the following + commands: + +mkdir /srv/cvsroot && chmod 1777 /srv/cvsroot && export CVSROOT=/srv/cvsroot && -cvs init +cvs init -2. Import source code into the repository. -Import a source module into the repository with the following -commands, issued from a user account on the same machine as the -CVS repository: + -cd [sourcedir] && -cvs import -m "[repository test]" [cvstest] [vendortag] [releasetag] + + 2. Import Source Code Into the Repository. -3. Verify local repository access. -Test access to the CVS repository from the same user -account with the following command: + Import a source module into the repository with the following + commands, issued from a user account on the same machine as the + CVS repository: -cvs co cvstest +cd [sourcedir] && +cvs import -m "[repository test]" [cvstest] [vendortag] [releasetag] -4. Verify remote repository access. -Test access to the CVS repository from a remote -machine using a user account that has ssh access to the -CVS server with the following commands: -Replace [servername] with the -IP address or host name of the CVS -repository machine. You will be prompted for the user's shell account password -before CVS checkout can continue. + + + 3. Verify Local Repository Access. -export CVS_RSH=/usr/bin/ssh && -cvs -d:ext:[servername]:/srv/cvsroot co cvstest - + Test access to the CVS repository from the same user + account with the following command: - -Configuring <acronym>CVS</acronym> for anonymous read only access. +cvs co cvstest -CVS can be set up to allow anonymous read only access -using the :pserver: method by logging on as root and executing the following -commands: + -(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) && + + 4. Verify Remote Repository Access. + + Test access to the CVS repository from a remote machine using + a user account that has ssh access to the CVS + server with the following commands: + + + Replace [servername] with the + IP address or host name of the CVS repository machine. You will + be prompted for the user's shell account password before CVS + checkout can continue. + + +export CVS_RSH=/usr/bin/ssh && +cvs -d:ext:[servername]:/srv/cvsroot co cvstest + + + + + + + Configuring CVS for Anonymous Read Only Access. + + CVS can be set up to allow anonymous read only access using the + :pserver: method by logging on as root + and executing the following commands: + +(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) && echo anonymous: > /srv/cvsroot/CVSROOT/passwd && -echo anonymous > /srv/cvsroot/CVSROOT/readers +echo anonymous > /srv/cvsroot/CVSROOT/readers -If you use inetd, the following command will add the -CVS entry to /etc/inetd.conf: + If you use inetd, the following command + will add the CVS entry to + /etc/inetd.conf: -echo "2401 stream tcp nowait root /usr/bin/cvs cvs -f \ - --allow-root=/srv/cvsroot pserver" >> /etc/inetd.conf +echo "2401 stream tcp nowait root /usr/bin/cvs cvs -f \ + --allow-root=/srv/cvsroot pserver" >> /etc/inetd.conf - - /etc/inetd.conf - + + /etc/inetd.conf + -Issue a killall -HUP inetd to reread the changed -inetd.conf file. + Issue a killall -HUP inetd to reread the changed + inetd.conf file. -If you use xinetd, the following command will create the -CVS file as /etc/xinetd.d/cvspserver: + If you use xinetd, the following command will create + the CVS file as /etc/xinetd.d/cvspserver: -cat >> /etc/xinetd.d/cvspserver << "EOF" -# Begin /etc/xinetd.d/cvspserver +cat >> /etc/xinetd.d/cvspserver << "EOF" +# Begin /etc/xinetd.d/cvspserver service cvspserver { @@ -123,84 +143,88 @@ echo anonymous > /srv/cvsroot/CVSROOT/readers server_args = -f --allow-root=/srv/cvsroot pserver } -# End /etc/xinetd.d/cvspserver -EOF +# End /etc/xinetd.d/cvspserver +EOF - - /etc/xinetd.d/cvspserver - + + /etc/xinetd.d/cvspserver + -Issue a /etc/rc.d/init.d/xinetd reload to reread the changed -xinetd.conf file. + Issue a /etc/rc.d/init.d/xinetd reload to reread + the changed xinetd.conf file. -Testing anonymous access to the new repository requires an account -on another machine that can reach the CVS server via -network. No account on the CVS repository is needed. To -test anonymous access to the CVS repository, log in to -another machine as an unprivileged user and execute the following command: - + Testing anonymous access to the new repository requires an account + on another machine that can reach the CVS server via network. No account + on the CVS repository is needed. To test anonymous access to the CVS + repository, log in to another machine as an unprivileged user and execute + the following command: -cvs -d:pserver:anonymous@[servername]:/srv/cvsroot co cvstest +cvs -d:pserver:anonymous@[servername]:/srv/cvsroot co cvstest -Replace [servername] with the -IP address or hostname of the -CVS server. + + Replace [servername] with the + IP address or hostname of the CVS server. + - + - -Command explanations + + Command Explanations -mkdir /srv/cvsroot: Create the CVS -repository directory. + mkdir /srv/cvsroot: Create the CVS + repository directory. -chmod 1777 /srv/cvsroot: Set sticky bit permissions for -CVSROOT. + chmod 1777 /srv/cvsroot: Set sticky bit + permissions for CVSROOT. -export CVSROOT=/srv/cvsroot: Specify new CVSROOT - for all cvs commands. + export CVSROOT=/srv/cvsroot: Specify new + CVSROOT for all cvs commands. -cvs init: Initialize the new CVS -repository. + cvs init: Initialize the new CVS + repository. -cvs import -m "repository test" cvstest vendortag -releasetag: All source code modules must be imported -into the CVS repository before use, with the -cvs import command. The -m -flags specifies an initial descriptive entry for the new module. -The "cvstest" parameter is the name used for the module in all -subsequent cvs commands. The "vendortag" and "releasetag" -parameters are used to further identify each CVS module and -are mandatory whether used or not. + cvs import -m "repository test" cvstest vendortag + releasetag: All source code modules must be imported into the + CVS repository before use, with the cvs import command. + The flags specifies an initial descriptive entry for + the new module. The parameter is the name used + for the module in all subsequent cvs commands. The + and parameters are + used to further identify each CVS module and are mandatory whether used + or not. -(grep anonymous /etc/passwd || useradd anonymous -s -/bin/false): Check for an existing anonymous user and -create one if not found. + (grep anonymous /etc/passwd || useradd anonymous -s + /bin/false): Check for an existing anonymous user and create one if not + found. -echo anonymous: > /srv/cvsroot/CVSROOT/passwd -: Add the anonymous user to the CVS passwd file, -which is unused for anything else in this configuration. + echo anonymous: > /srv/cvsroot/CVSROOT/passwd: + Add the anonymous user to the + CVS passwd file, which is unused for anything else in this + configuration. -echo anonymous > /srv/cvsroot/CVSROOT/readers: Add the -anonymous user to the CVS readers file, a list of -users who have read only access to the repository. + echo anonymous > /srv/cvsroot/CVSROOT/readers: + Add the anonymous user to the + CVS readers file, a list of users who have read only access to the + repository. - + + + + Contents + + + Installed Programs + Installed Libraries + Installed Directories + + + None + None + /srv/cvsroot + + + + - -Contents - - - Installed Programs - Installed Libraries - Installed Directories - - - None - None - /srv/cvsroot - - - -