Subject: Question regarding to set up an AnonCVS mirror
To: None <netbsd-users@netbsd.org>
From: Viktor Holmlund <viktor@netbsd.se>
List: netbsd-users
Date: 03/09/2007 13:43:13
God morning,
I'm a bit muddle-headed about the LockDirs thing, read-only repositories
don't use locks.
It's quite possible but I can't get things to work unless I set LockDir to
a writeable directory in CVSROOT/config.
...
After some minutes I tested to use the '-u' flag in cvs (cvs -u server),
it seems to work without any LockDirs set in CVSROOT/config, but what I
can see its a security problem. Users can checkout dirs/files behind
/cvsroot, e.g:
(export :/ intestead of :/cvsroot)
>export CVSROOT=anoncvs@anoncvs.netbsd.org:/
>export CVS_RSH=ssh
>cvs co -PA etc
cvs checkout: Updating etc
cvs checkout: Updating etc/pam.d
cvs checkout: Updating etc/systrace
>
I compared this with the openbsd anoncvs mirror and got this results:
>export CVSROOT=anoncvs@anoncvs.openbsd.org:/
>export CVS_RSH=ssh
>cvs co -PA etc
Cannot access //CVSROOT
No such file or directory
>
..and that's the correct way.
I'm talking about the CVSREADONLYFS env variable that OpenBSD's cvs seems
to support, but I can't see any supports in NetBSD's cvs:/
To workaround this problem I have patched my cvs to use CVSREADONLYFS, and
so far it works good. Couldn't see any other way to solve my problem.
../
Then I'm setting this in cvssh.c
#define CHECKOUT_USER "checkout"
char * const env[] = {
"PATH=" _PATH_DEFPATH,
"SHELL=" _PATH_BSHELL,
"CVSROOT=" LOCALROOT,
"HOME=/",
"CVSREADONLYFS=1",
NULL
};
../
"CVSREADONLYFS=1" solved my problem with LockDirs!
Do you have any suggestions regarding this?
Thanks in advance!
--
Viktor Holmlund, NetBSD.se
Key fingerprint = 8EA6 BD87 F7D7 9761 5083 A859 6D46 B771 E6CA 66D7