×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Using cvs_acls to restrict commits

Using cvs_acls to restrict commits

Using cvs_acls to restrict commits

(OP)
Hi

I want to be able to restrict commits in a certain repository/stream and cvs_acls looks just the trick:

http://www.opensource.apple.com/source/cvs/cvs-33.0.1/cvs/contrib/cvs_acls.html?f=text

However, I have a large repository (approx. 5GB) and so was interested in the following excerpt:

Quote:

2. Put two lines, as the *only* non-comment lines, in your commitinfo file:

   ALL $CVSROOT/CVSROOT/commit_prep
   ALL $CVSROOT/CVSROOT/cvs_acls [-d][-u $USER ][-f <logfilename>]

   where "-d" turns on debug trace
         "-u $USER" passes the client-side userId to cvs_acls
         "-f <logfilename"> overrides the default filename used to log
                            restricted commit attempts.

   (These are handled in the processArgs() subroutine.)

If you are using client-side userIds to restrict access to your repository, make sure that they are in this order since the commit_prep script is required in order to pass the $USER parameter.

A final note about the repository matching pattern. The example above uses ``ALL' but note that this means that the cvs_acls script will run for each and every commit in your repository. Obviously, in a large repository this adds up to a lot of overhead that may not be necesary. A better strategy is to use a repository pattern that is more specific to the areas that you wish to secure.

Which indicates that I can restrict the precommit check to a repository pattern.

This does not work though and from my understanding unless ALL is specified, only the first line to match has its script executed hence cvs_acls never is.

Does anybody have any experience using cvs_acls in this way?

Cheers

James
 

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close