[CLUE-Admin] Anonymous CVS Access
CLUE President
president at clue.denver.co.us
Sat Jan 17 21:33:16 MST 2004
On Saturday 17 January 2004 7:50 pm, Jed S. Baer wrote:
> Hi Folks.
>
> Well, I'm testing a script to publish the development site to a location
> on the CLUE server. In the process, I've discovered that the anonymous CVS
> access described at http://cluedenver.org/siteDevelopment.html doesn't
> work.
>
> The culprit is the cvsroot/CVSROOT/passwd file, which specifies a password
> for user anonymous.
AFICT - there was no way to have an 'anonymous' user w/o a password using
pserver. I seem to recall something in the CVS docs about it.
This was 4 years ago and looking back, this does not make sense now. We
should be able to configure an anonymous user with no password for read-only
access.
> So, the question is, do we really want to allow unrestricted anonymous
> read access to the CVS respository?
Can't think of a reason not to - our code should be open source.
> If so, there's an impact to the publish.sh script, and somebody will need to
> add a readers file to the cvsroot/CVSROOT/ directory, and change the passwd
> file. I can do these things.
I thought anonymous was in the readers file, but from your comments I guess
not.
> I also note that the user "publish" exists in the CVS passwd file with no
> password, and "pubcvs" equivalent.
IIRC, the 'publish' user does the cvs update when you run the publish.cgi
script from the admin site. It also should (have been) read only.
> This is bad.
Bad because no password and no readers file?
> Any thoughts?
You are on the case - My initial configuration does not have the same
assumptions as yours and you're in charge of it now. So, do what you think
is best. I hacked it together because I was a cvs newbie and because I
didn't have clear requirements other than the ability for admin users to
publish the latest cvs commits to the web site from the cgi.
Jeff
--
Colorado Linux Users and Enthusiasts (CLUE)
http://cluedenver.org/
Jeffery Cann, President
More information about the clue-admin
mailing list