[CLUE-Admin] Anonymous CVS Access

[CLUE President]

On Saturday 17 January 2004 7:50 pm, Jed S. Baer wrote:
> Hi Folks.
>
> Well, I'm testing a script to publish the development site to a location
> on the CLUE server. In the process, I've discovered that the anonymous CVS
> access described at http://cluedenver.org/siteDevelopment.html doesn't
> work.
>
> The culprit is the cvsroot/CVSROOT/passwd file, which specifies a password
> for user anonymous.

AFICT - there was no way to have an 'anonymous' user w/o a password using 
pserver.    I seem to recall something in the CVS docs about it.

This was 4 years ago and looking back, this does not make sense now.  We 
should be able to configure an anonymous user with no password for read-only 
access.

> So, the question is, do we really want to allow unrestricted anonymous
> read access to the CVS respository? 

Can't think of a reason not to - our code should be open source.

> If so, there's an impact to the publish.sh script, and somebody will need to
> add a readers file to the cvsroot/CVSROOT/ directory, and change the passwd
> file. I can do these things.

I thought anonymous was in the readers file, but from your comments I guess 
not.

> I also note that the user "publish" exists in the CVS passwd file with no
> password, and "pubcvs" equivalent. 

IIRC, the 'publish' user does the cvs update when you run the publish.cgi 
script from the admin site.  It also should (have been) read only.

> This is bad. 

Bad because no password and no readers file?

> Any thoughts?

You are on the case - My initial configuration does not have the same 
assumptions as yours and you're in charge of it now.   So,  do what you think 
is best.  I hacked it together because I was a cvs newbie and because I 
didn't have clear requirements other than the ability for admin users to 
publish the latest cvs commits to the web site from the cgi.

Jeff
-- 
Colorado Linux Users and Enthusiasts (CLUE)
http://cluedenver.org/
Jeffery Cann, President