Context Navigation

-              r08254fc
+              r0931098
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
+   "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd" [
+  <!ENTITY % general-entities SYSTEM "../../general.ent">
+  %general-entities;
+]>
 <sect1 id="cvsserver" xreflabel="cvsserver">
 <?dbhtml filename="cvsserver.html"?>
 <title>Running a CVS server</title>
+&cvsserver-intro;
+&cvsserver-inst;
+&cvsserver-exp;
+<sect2>
+<title>Running a <acronym>CVS</acronym> server</title>
+<para>This section will describe how to set up, administer and secure
+a <acronym>CVS</acronym> server.</para>
+<sect3><title><application>CVS server</application> dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="cvs"/> and <xref linkend="openssh"/></para></sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Setting up a <acronym>CVS</acronym> server.</title>
+<para>A <acronym>CVS</acronym> server will be set up using OpenSSH
+as the remote access method.  Other access methods, including :pserver: and
+:server: will not be used for write access to the <acronym>CVS</acronym>
+repository.  The :pserver: method sends clear text passwords over the network
+and the :server: method is not supported in all <acronym>CVS</acronym> ports.
+Instructions for anonymous, read only <acronym>CVS</acronym> access using
+:pserver: can be found at the end of this section.</para>
+<para>Configuration of the <acronym>CVS</acronym> server consists of four
+steps:</para>
+<sect3><title>1. Create a repository.</title>
+<para>Create a new <acronym>CVS</acronym> repository with the following
+commands:</para>
+<screen><userinput><command>mkdir /home/cvsroot &amp;&amp;
+chmod 1777 /home/cvsroot &amp;&amp;
+export CVSROOT=/home//cvsroot &amp;&amp;
+cvs init</command></userinput></screen></sect3>
+<sect3><title>2. Import source code into the repository.</title>
+<para>Import a source module into the repository with the following
+commands, issued from a user account on the same machine as the
+<acronym>CVS</acronym> repository:</para>
+<screen><userinput><command>export CVSROOT=/home/cvsroot &amp;&amp;
+cd <replaceable>[sourcedir]</replaceable> &amp;&amp;
+cvs import -m <replaceable>["repository test"] [cvstest] [vendortag] [releasetag]</replaceable></command></userinput></screen></sect3>
+<sect3><title>3. Verify local repository access.</title>
+<para>Test access to the <acronym>CVS</acronym> repository from the same user
+account with the following command:</para>
+<screen><userinput><command>cvs co cvstest</command></userinput></screen></sect3>
+<sect3><title>4. Verify remote repository access.</title>
+<para>Test access to the <acronym>CVS</acronym> repository from a remote
+machine using a user account that has <command>ssh</command> access to the
+<acronym>CVS</acronym> server with the following commands:</para>
+<note><para>Replace <replaceable>[servername]</replaceable> with the
+<acronym>IP</acronym> address or host name of the <acronym>CVS</acronym>
+repository machine.  You will be prompted for the user's shell account password
+before <acronym>CVS</acronym> checkout can continue.</para></note>
+<screen><userinput><command>export CVS_RSH=/usr/bin/ssh &amp;&amp;
+cvs -d:ext:<replaceable>[servername]</replaceable>:/cvsroot co cvstest</command></userinput></screen></sect3>
+</sect2>
+<sect2>
+<title>Configuring <acronym>CVS</acronym> for anonymous read only access.</title>
+<para><acronym>CVS</acronym> can be set up to allow anonymous read only access
+using the :pserver: method by logging on as root and executing the following
+commands:</para>
+<screen><userinput><command>(grep anonymous /etc/passwd || useradd anonymous -s /bin/false) &amp;&amp;
+echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd &amp;&amp;
+echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command></userinput></screen>
+<para>If you use <command>inetd</command>, the following command will add the
+pserver entry to <filename>/etc/inetd.conf</filename>:</para>
+<screen><userinput><command>echo "2401  stream  tcp  nowait  root  /usr/bin/cvs cvs -f \
+        --allow-root=/home/cvsroot pserver" &gt;&gt; /etc/inetd.conf</command></userinput></screen>
+<para>Issue a <command>killall -HUP inetd</command> to reread the changed
+<filename>inetd.conf</filename> file.</para>
+<para>If you use <command>xinetd</command>, the following command will add the
+pserver entry to <filename>/etc/xinetd.conf</filename>:</para>
+<screen><userinput><command>cat &gt;&gt; /etc/xinetd.conf &lt;&lt; "EOF"</command>
+     service cvspserver
+     {
+          port        = 2401
+          socket_type = stream
+          protocol    = tcp
+          wait        = no
+          user        = root
+          passenv     = PATH
+          server      = /usr/bin/cvs
+         server_args = -f --allow-root=/home/cvsroot pserver
+     }
+<command>EOF</command></userinput></screen>
+<para>Issue a <command>/etc/rc.d/init.d/xinetd reload</command> to reread the changed
+<filename>xinetd.conf</filename> file.</para>
+<para>Testing anonymous access to the new repository requires an account
+on another machine that can reach the <acronym>CVS</acronym> server via
+network.  No account on the <acronym>CVS</acronym> repository is needed.  To
+test anonymous access to the <acronym>CVS</acronym> repository, log in to
+another machine as an unprivileged user and execute the following command:
+</para>
+<screen><userinput><command>cvs -d:pserver:anonymous@<replaceable>[servername]</replaceable>:/home/cvsroot co cvstest</command></userinput></screen>
+<note><para>Replace <replaceable>[servername]</replaceable> with the <acronym>IP</acronym> address or
+hostname of the <acronym>CVS</acronym> server</para></note>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><command>mkdir /home/cvsroot</command>: Create the <acronym>CVS</acronym>
+repository directory.</para>
+<para><command>chmod 1777 /home/cvsroot</command>: Set sticky bit permissions for
+<envar>CVSROOT</envar>.</para>
+<para><command>export CVSROOT=/home/cvsroot</command>: Specify new <envar>CVSROOT
+</envar> for all <command>cvs</command> commands.</para>
+<para><command>cvs init</command>: Initialize the new <acronym>CVS</acronym>
+repository.</para>
+<para><command>cvs import -m "repository test" cvstest vendortag
+releasetag</command>: All source code modules must be imported
+into the <acronym>CVS</acronym> repository before use, with the
+<command>cvs import</command> command.  The <userinput>-m</userinput>
+flags specifies an initial descriptive entry for the new module.
+The "cvstest" parameter is the name used for the module in all
+subsequent <command>cvs</command> commands.  The "vendortag" and "releasetag"
+parameters are used to further identify each <acronym>CVS</acronym> module and
+are mandatory whether used or not.</para>
+<para><command>(grep anonymous /etc/passwd || useradd anonymous -s
+/bin/false)</command>: Check for an existing anonymous user and
+create one if not found.</para>
+<para><command>echo anonymous: &gt; /home/cvsroot/CVSROOT/passwd
+</command>: Add the anonymous user to the <acronym>CVS</acronym> passwd file,
+which is unused for anything else in this configuration.</para>
+<para><command>echo anonymous &gt; /home/cvsroot/CVSROOT/readers</command>: Add the
+anonymous user to the <acronym>CVS</acronym> readers file, a list of
+users who have read only access to the repository.</para>
+</sect2>
 </sect1>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 0931098 for server/other/cvsserver.xml

Legend:

server/other/cvsserver.xml

Download in other formats: