[0931098] | 1 | <?xml version="1.0" encoding="ISO-8859-1"?>
|
---|
[6732c094] | 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
[0931098] | 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 |
|
---|
| 7 | ]>
|
---|
| 8 |
|
---|
[6ff0105] | 9 | <sect1 id="cvsserver" xreflabel="Running a CVS Server">
|
---|
[59bfedf5] | 10 | <?dbhtml filename="cvsserver.html"?>
|
---|
[d5c9dbfb] | 11 |
|
---|
[59bfedf5] | 12 | <sect1info>
|
---|
| 13 | <othername>$LastChangedBy$</othername>
|
---|
| 14 | <date>$Date$</date>
|
---|
| 15 | </sect1info>
|
---|
[f45b1953] | 16 |
|
---|
[59bfedf5] | 17 | <title>Running a CVS Server</title>
|
---|
[0931098] | 18 |
|
---|
[59bfedf5] | 19 | <sect2 role="package">
|
---|
| 20 | <title>Running a CVS Server</title>
|
---|
[0931098] | 21 |
|
---|
[59bfedf5] | 22 | <para>This section will describe how to set up, administer and secure
|
---|
| 23 | a CVS server.</para>
|
---|
[d5c9dbfb] | 24 |
|
---|
[59bfedf5] | 25 | <bridgehead renderas="sect3">CVS Server Dependencies</bridgehead>
|
---|
[0931098] | 26 |
|
---|
[59bfedf5] | 27 | <bridgehead renderas="sect4">Required</bridgehead>
|
---|
| 28 | <para><xref linkend="cvs"/> and
|
---|
| 29 | <xref linkend="openssh"/></para>
|
---|
[0931098] | 30 |
|
---|
[59bfedf5] | 31 | </sect2>
|
---|
[0931098] | 32 |
|
---|
[59bfedf5] | 33 | <sect2 role="configuration">
|
---|
| 34 | <title>Setting up a CVS Server.</title>
|
---|
[0931098] | 35 |
|
---|
[59bfedf5] | 36 | <para>A CVS server will be set up using OpenSSH as the remote access
|
---|
| 37 | method. Other access methods, including :pserver: and :server: will
|
---|
| 38 | not be used for write access to the CVS repository. The :pserver:
|
---|
| 39 | method sends clear text passwords over the network and the :server:
|
---|
| 40 | method is not supported in all CVS ports. Instructions for anonymous,
|
---|
| 41 | read only CVS access using :pserver: can be found at the end of this
|
---|
| 42 | section.</para>
|
---|
[0931098] | 43 |
|
---|
[59bfedf5] | 44 | <para>Configuration of the CVS server consists of four
|
---|
| 45 | steps:</para>
|
---|
| 46 |
|
---|
| 47 | <sect3>
|
---|
| 48 | <title>1. Create a Repository.</title>
|
---|
| 49 |
|
---|
| 50 | <para>Create a new CVS repository with the following
|
---|
| 51 | commands:</para>
|
---|
| 52 |
|
---|
[efd03f7] | 53 | <screen role="root"><userinput>mkdir /srv/cvsroot &&
|
---|
| 54 | chmod 1777 /srv/cvsroot &&
|
---|
[affc260] | 55 | export CVSROOT=/srv/cvsroot &&
|
---|
[59bfedf5] | 56 | cvs init</userinput></screen>
|
---|
| 57 |
|
---|
| 58 | </sect3>
|
---|
| 59 |
|
---|
| 60 | <sect3>
|
---|
| 61 | <title>2. Import Source Code Into the Repository.</title>
|
---|
| 62 |
|
---|
| 63 | <para>Import a source module into the repository with the following
|
---|
| 64 | commands, issued from a user account on the same machine as the
|
---|
| 65 | CVS repository:</para>
|
---|
| 66 |
|
---|
[3cb0c57] | 67 | <screen><userinput>cd <replaceable><sourcedir></replaceable> &&
|
---|
| 68 | cvs import -m "<replaceable><repository test></replaceable>" <replaceable><cvstest></replaceable> <replaceable><vendortag></replaceable> <replaceable><releasetag></replaceable></userinput></screen>
|
---|
[59bfedf5] | 69 |
|
---|
| 70 | </sect3>
|
---|
[0931098] | 71 |
|
---|
[59bfedf5] | 72 | <sect3>
|
---|
| 73 | <title>3. Verify Local Repository Access.</title>
|
---|
[0931098] | 74 |
|
---|
[59bfedf5] | 75 | <para>Test access to the CVS repository from the same user
|
---|
| 76 | account with the following command:</para>
|
---|
[0931098] | 77 |
|
---|
[59bfedf5] | 78 | <screen><userinput>cvs co cvstest</userinput></screen>
|
---|
[0931098] | 79 |
|
---|
[59bfedf5] | 80 | </sect3>
|
---|
[0931098] | 81 |
|
---|
[59bfedf5] | 82 | <sect3>
|
---|
| 83 | <title>4. Verify Remote Repository Access.</title>
|
---|
[0931098] | 84 |
|
---|
[59bfedf5] | 85 | <para>Test access to the CVS repository from a remote machine using
|
---|
| 86 | a user account that has <command>ssh</command> access to the CVS
|
---|
| 87 | server with the following commands:</para>
|
---|
[0931098] | 88 |
|
---|
[59bfedf5] | 89 | <note>
|
---|
[3cb0c57] | 90 | <para>Replace <replaceable><servername></replaceable> with the
|
---|
[59bfedf5] | 91 | IP address or host name of the CVS repository machine. You will
|
---|
| 92 | be prompted for the user's shell account password before CVS
|
---|
| 93 | checkout can continue.</para>
|
---|
| 94 | </note>
|
---|
[d5c9dbfb] | 95 |
|
---|
[59bfedf5] | 96 | <screen><userinput>export CVS_RSH=/usr/bin/ssh &&
|
---|
[3cb0c57] | 97 | cvs -d:ext:<replaceable><servername></replaceable>:/srv/cvsroot co cvstest</userinput></screen>
|
---|
[0931098] | 98 |
|
---|
[59bfedf5] | 99 | </sect3>
|
---|
[0931098] | 100 |
|
---|
[59bfedf5] | 101 | </sect2>
|
---|
| 102 |
|
---|
| 103 | <sect2 id='cvsserver-config' role="configuration">
|
---|
| 104 | <title>Configuring CVS for Anonymous Read Only Access.</title>
|
---|
| 105 |
|
---|
| 106 | <para>CVS can be set up to allow anonymous read only access using the
|
---|
| 107 | :pserver: method by logging on as <systemitem class="username">root</systemitem>
|
---|
| 108 | and executing the following commands:</para>
|
---|
| 109 |
|
---|
[b785ab29] | 110 | <screen role="root"><userinput>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false -u 98) &&
|
---|
[affc260] | 111 | echo anonymous: > /srv/cvsroot/CVSROOT/passwd &&
|
---|
[59bfedf5] | 112 | echo anonymous > /srv/cvsroot/CVSROOT/readers</userinput></screen>
|
---|
[0931098] | 113 |
|
---|
[efd03f7] | 114 | <!-- <para>If you use <command>inetd</command>, the following command
|
---|
[59bfedf5] | 115 | will add the <application>CVS</application> entry to
|
---|
| 116 | <filename>/etc/inetd.conf</filename>:</para>
|
---|
[0931098] | 117 |
|
---|
[59bfedf5] | 118 | <screen role="root"><userinput>echo "2401 stream tcp nowait root /usr/bin/cvs cvs -f \
|
---|
[efd03f7] | 119 | - -allow-root=/srv/cvsroot pserver" >> /etc/inetd.conf</userinput></screen>
|
---|
[0931098] | 120 |
|
---|
[59bfedf5] | 121 | <indexterm zone="cvsserver cvsserver-config">
|
---|
| 122 | <primary sortas="e-etc-inetd.conf">/etc/inetd.conf</primary>
|
---|
| 123 | </indexterm>
|
---|
[d5c9dbfb] | 124 |
|
---|
[59bfedf5] | 125 | <para>Issue a <command>killall -HUP inetd</command> to reread the changed
|
---|
[0d7900a] | 126 | <filename>inetd.conf</filename> file.</para>
|
---|
[efd03f7] | 127 | -->
|
---|
[59048cd9] | 128 | <!--
|
---|
[59bfedf5] | 129 | <para>If you use <command>xinetd</command>, the following command will create
|
---|
| 130 | the CVS file as <filename>/etc/xinetd.d/cvspserver</filename>:</para>
|
---|
[1f672c1] | 131 |
|
---|
[59bfedf5] | 132 | <screen role="root"><userinput>cat >> /etc/xinetd.d/cvspserver << "EOF"
|
---|
| 133 | <literal># Begin /etc/xinetd.d/cvspserver
|
---|
[0931098] | 134 |
|
---|
| 135 | service cvspserver
|
---|
| 136 | {
|
---|
| 137 | port = 2401
|
---|
| 138 | socket_type = stream
|
---|
| 139 | protocol = tcp
|
---|
| 140 | wait = no
|
---|
| 141 | user = root
|
---|
| 142 | passenv = PATH
|
---|
| 143 | server = /usr/bin/cvs
|
---|
[59048cd9] | 144 | server_args = -f - -allow-root=/srv/cvsroot pserver
|
---|
[0931098] | 145 | }
|
---|
[1f672c1] | 146 |
|
---|
[59bfedf5] | 147 | # End /etc/xinetd.d/cvspserver</literal>
|
---|
| 148 | EOF</userinput></screen>
|
---|
| 149 |
|
---|
| 150 | <indexterm zone="cvsserver cvsserver-config">
|
---|
| 151 | <primary sortas="e-etc-xinetd.d-cvspserver">/etc/xinetd.d/cvspserver</primary>
|
---|
| 152 | </indexterm>
|
---|
| 153 |
|
---|
| 154 | <para>Issue a <command>/etc/rc.d/init.d/xinetd reload</command> to reread
|
---|
| 155 | the changed <filename>xinetd.conf</filename> file.</para>
|
---|
[59048cd9] | 156 | -->
|
---|
[59bfedf5] | 157 | <para>Testing anonymous access to the new repository requires an account
|
---|
| 158 | on another machine that can reach the CVS server via network. No account
|
---|
| 159 | on the CVS repository is needed. To test anonymous access to the CVS
|
---|
| 160 | repository, log in to another machine as an unprivileged user and execute
|
---|
| 161 | the following command:</para>
|
---|
| 162 |
|
---|
[3cb0c57] | 163 | <screen><userinput>cvs -d:pserver:anonymous@<replaceable><servername></replaceable>:/srv/cvsroot co cvstest</userinput></screen>
|
---|
[59bfedf5] | 164 |
|
---|
| 165 | <note>
|
---|
[3cb0c57] | 166 | <para>Replace <replaceable><servername></replaceable> with the
|
---|
[59bfedf5] | 167 | IP address or hostname of the CVS server.</para>
|
---|
| 168 | </note>
|
---|
| 169 |
|
---|
| 170 | </sect2>
|
---|
| 171 |
|
---|
| 172 | <sect2 role="commands">
|
---|
| 173 | <title>Command Explanations</title>
|
---|
| 174 |
|
---|
| 175 | <para><command>mkdir /srv/cvsroot</command>: Create the CVS
|
---|
| 176 | repository directory.</para>
|
---|
| 177 |
|
---|
| 178 | <para><command>chmod 1777 /srv/cvsroot</command>: Set sticky bit
|
---|
| 179 | permissions for <envar>CVSROOT</envar>.</para>
|
---|
| 180 |
|
---|
| 181 | <para><command>export CVSROOT=/srv/cvsroot</command>: Specify new
|
---|
| 182 | <envar>CVSROOT</envar> for all <command>cvs</command> commands.</para>
|
---|
| 183 |
|
---|
| 184 | <para><command>cvs init</command>: Initialize the new CVS
|
---|
| 185 | repository.</para>
|
---|
| 186 |
|
---|
| 187 | <para><command>cvs import -m "repository test" cvstest vendortag
|
---|
| 188 | releasetag</command>: All source code modules must be imported into the
|
---|
| 189 | CVS repository before use, with the <command>cvs import</command> command.
|
---|
| 190 | The <option>-m</option> flags specifies an initial descriptive entry for
|
---|
| 191 | the new module. The <option>cvstest</option> parameter is the name used
|
---|
| 192 | for the module in all subsequent <command>cvs</command> commands. The
|
---|
| 193 | <option>vendortag</option> and <option>releasetag</option> parameters are
|
---|
| 194 | used to further identify each CVS module and are mandatory whether used
|
---|
| 195 | or not.</para>
|
---|
| 196 |
|
---|
| 197 | <para><command>(grep anonymous /etc/passwd || useradd anonymous -s
|
---|
[b785ab29] | 198 | /bin/false -u 98)</command>: Check for an existing <systemitem
|
---|
[59bfedf5] | 199 | class="username">anonymous</systemitem> user and create one if not
|
---|
| 200 | found.</para>
|
---|
| 201 |
|
---|
| 202 | <para><command>echo anonymous: > /srv/cvsroot/CVSROOT/passwd</command>:
|
---|
| 203 | Add the <systemitem class="username">anonymous</systemitem> user to the
|
---|
| 204 | CVS passwd file, which is unused for anything else in this
|
---|
| 205 | configuration.</para>
|
---|
| 206 |
|
---|
| 207 | <para><command>echo anonymous > /srv/cvsroot/CVSROOT/readers</command>:
|
---|
| 208 | Add the <systemitem class="username">anonymous</systemitem> user to the
|
---|
| 209 | CVS readers file, a list of users who have read only access to the
|
---|
| 210 | repository.</para>
|
---|
| 211 |
|
---|
| 212 | </sect2>
|
---|
| 213 |
|
---|
| 214 | <sect2 role="content">
|
---|
| 215 | <title>Contents</title>
|
---|
| 216 |
|
---|
| 217 | <segmentedlist>
|
---|
| 218 | <segtitle>Installed Programs</segtitle>
|
---|
| 219 | <segtitle>Installed Libraries</segtitle>
|
---|
| 220 | <segtitle>Installed Directories</segtitle>
|
---|
| 221 |
|
---|
| 222 | <seglistitem>
|
---|
| 223 | <seg>None</seg>
|
---|
| 224 | <seg>None</seg>
|
---|
| 225 | <seg>/srv/cvsroot</seg>
|
---|
| 226 | </seglistitem>
|
---|
| 227 | </segmentedlist>
|
---|
| 228 |
|
---|
| 229 | </sect2>
|
---|
| 230 |
|
---|
[f45b1953] | 231 | </sect1>
|
---|