1 2 CVS Access Control List Extension Patch 3 4 http://cvsacl.sourceforge.net/ 5 sbaris (a] users.sourceforge.net 6 7 CVSACL is a patch for CVS. It adds two new subcommands 8 (acl & racl) to cvs for access control list management. It 9 provides advanced ACL definitions per modules, directories, 10 and files on branch/tag for remote cvs repository connections. 11 Execution of all CVS subcommands can be controlled with eight 12 different permissions. 13 ACL definitions works for only remote connections, local users 14 can access and modify repository, if unix file system permissions 15 allow. If you want all users to make remote connections to 16 repository, and not allow local users to access repository, you 17 have to set CVSServerRunAsUser keyword in aclconfig file 18 (explained below). 19 Still local users can use acl and racl subcommands to set 20 permissions on directories or files if they have acl admin rights (p) 21 on related directories or files. 22 So, in order to control all access to repository with this ACL 23 extension, you should use CVSServerRunAsUser keyword and force all 24 users to make remote connections. CVS repository administrator or 25 project managers have to use acl and racl subcommands to manage 26 permissions. But there is no gui client supporting these subcommands, 27 so you have to use cvs client itself either locally or remotely. 28 29 30 31 32 Permission Types 33 34 - no access 35 Command line character: n 36 If a user given n permission, it is not allowed for any action on repository. 37 - read 38 Command line character: r 39 r permission gives only read access on repository. 40 With r permission you are allowed to run cvs subcommands: annotate, 41 checkout, diff, export, log, rannotate, rdiff, rlog, status. 42 - write 43 Command line character: w 44 w permission allows only cvs commit/checkin action. 45 With w permission, you are not allowed to add/remove any file to/from 46 repository, other permissions should be defines for that. 47 - tag 48 Command line character: t 49 t permission allows cvs tag and rtag subcommands to run, so you may 50 control tagging and untagging operations. t permission includes r 51 permission, since without reading you can not tag/untag a file. 52 However t permission does not include write permission, you can not 53 commit a file with only t permission. 54 - create 55 Command line character: c 56 c permission allows cvs add and import subcommands to run. To add or 57 import a file/directory to repository, you have to given a c 58 permission. Again, c permission does not include write permission, 59 thus you may only add or import files, but you can not modify any 60 existing file. After issuing add subcommand, you have to commit the file 61 to complete adding. This commit subcommand is allowed because you are 62 adding file and not modifying existing one. 63 - delete 64 Command line character: d 65 d permission allows cvs remove command to run. To remove a file/directory 66 from repository, d permission have to set. It does not include write 67 permission, so you can not modify contents of an existing file on repository. 68 - full access except admin rights 69 Command line character: a 70 a permission gives all access (above permissions) to repository, but it 71 can not modify permissions. Only acl admins may modify the acl definitions. 72 - acl admin 73 Command line character: p 74 p permission means that user is an acl admin, so it is allowed to make anything on repository. 75 76 77 ACL Config Keywords 78 The administrative file aclconfig contains miscellaneous settings which 79 affect the behaviour of ACL extension. Currently defined keywords are: 80 81 UseCVSACL=value 82 Use ACL definitions if set to yes. If you do not want to use ACLs for 83 some repositories in a patched CVS server, set this keyword to no. The default is no. 84 85 UseCVSACLDefaultPermissions=value 86 Value can be any combination of valid permission types (w,r,t,c,d,t,a,p). 87 if there is no defined ACL and default permission in access file, or no 88 access file at all, this permissions are used. The default is p (admin rights), 89 if aclconfig file is created with cvs init. 90 91 UseCVSGroups=value 92 CVS does not have a CVSROOT/passwd file. However it can be created manually 93 (format should be same as /etc/group). If value set to yes, CVS checks for 94 groups in file $CVSROOT/CVSROOT/group The default value is no. 95 96 UseSystemGroups=value 97 Group memberships for users are checked in file /etc/group, if value is set 98 to yes. The default value is no. 99 100 CVSACLFileLocation=value 101 Originally access file is put under CVSROOT/CVSROOT, if you want a different 102 location, set value to a valid path. The default value is $CVSROOT/CVSROOT/access. 103 104 CVSGroupsFileLocation=value 105 IF UseCVSGroups is set to yes, CVS looks for a group file under $CVSROOT/CVSROOT. 106 To use a different location for group file set value to a valid path to group. 107 The default value is $CVSROOT/CVSROOT/group. 108 109 UseSeparateACLFileForEachDir=value 110 If value is set to yes, a separate ACL file (access) is created for each 111 directory in repository. If you have a really big repository 112 (directories>10,000 and files>100,000), performance may drop due to a big 113 acl file, access. Setting the value to yes, may increase performance. Normally, 114 you will not need this. The default value is no. 115 116 StopAtFirstPermissionDenied=value 117 If StopAtFirstPermissionDenied is set to yes 118 operation will stop at first permission denied message. 119 e.g. when you send commit command for a directory, if you dont 120 have write permission for just one file under the directory, 121 by default you will have a warning and commit will continue 122 on the other files. If you set this keyword to 'no', then 123 commit operation will be stopped when inaccassable file found. 124 Default is no. 125 126 CVSServerRunAsUser=value 127 Set CVSServerRunAsUser keyword to a valid system user. 128 When a user make a remote connection to CVS, after successfull authentication 129 cvs process switch to run as that user, or defined system user in 130 $CVSROOT/CVSROOT/passwd. So, you also have to set unix file permissions accordingly. 131 A better solution: 132 Add a user and group such as both cvsadm. 133 Set CVSServerRunAsUser keyword to cvsadm. 134 Change unix file system permissions for your repository, 135 make cvsadm user and group owner, and read,write,execute permissions and setgid. 136 (chown cvsadm -R /path/to/your/repository) 137 (chgrp cvsadm -R /path/to/your/repository) 138 (chmod 2770 -R /path/to/your/repository) 139 Add yourself to cvsadm group (since you are ACL administrator). 140 Therefore, only users making remote connections will have access to repository 141 if you give rights. Local users can not access to repository via a cvs client or directly. 142 143 144 Command Line Usage Information 145 acl command is used on checked out files or directories. racl command is 146 used on repository without a working copy. Usage information can be obtained 147 with standard cvs --help command. 148 Output of cvs --help acl and cvs --help racl: 149 150 Usage: cvs racl [user||group:permissions] [-Rl] [-r tag] 151 -R Process directories recursively. 152 -r rev Existing revision/tag. 153 -l List defined ACLs. 154 155 Usage: cvs acl [user||group:permissions] [-Rl] [-r tag] 156 -R Process directories recursively. 157 -r rev Existing revision/tag. 158 -l List defined ACLs. 159 160 NOTICE: there is no more -d -f options for directory and file, acl/racl 161 subcommands works just like other cvs subcommands. 162 163 You may directly set permissions for a user or group or add/remove 164 permissions with + and - signs to/from existing permissions. 165 If you do not give the branch/tag information, default value of HEAD 166 (main branch) will be used. You have to give branch/tag name with -r option. 167 You may type ALL for branch/tag field. 168 169 While checking for permissions, it goes thorough the list below. So the highest 170 significant permission is the first item in list. 171 172 - permissions assigned to username for specific directory or file. 173 - permissions assigned to group name for specific directory or file. 174 - permissions as defaults for specific directory or file. 175 - permissions assigned to parent folders (inherits from the first parent 176 which permissions are assigned). 177 - permissions as repository defaults. 178 - permissions in aclconfig file. 179 180 181 182 183 Examples 184 /cvs/ 185 | 186 | 187 +--projectA/ 188 | | 189 | +---CVSROOT/ 190 | | 191 | +---lib/ 192 | | | 193 | | +---gnulib/ 194 | | | 195 | | +---zlib/ 196 | | 197 | +---src/ 198 | | | 199 | | +---main.c 200 | | | 201 | | +---server.c 202 | | | 203 | | +---client.c 204 | | 205 | +---gui/ 206 | 207 +--projectB/ 208 We have above directory structure for a cvs repository, and no defined permissions. 209 210 Setting main default permissions: 211 212 $ cvs -d /cvs/projectA racl cvsadmin:p -r ALL ALL 213 $ cvs -d /cvs/projectA racl ALL:r -r ALL ALL 214 User cvsadmin will be an acl admin, and all other users will have only read 215 rights on all branches/tags in projectA repository. This is the default acl 216 definition and it overwrites default permissions in $CVSROOT/CVSROOT/aclconfig file. 217 218 $ cvs -d /cvs/projectA racl ALL:r -r ALL ALL 219 $ cvs -d /cvs/projectA racl ALL:n -r ALL gui 220 After executing these two commands, all users will have read access on all 221 directories and files except gui directory. Everyone will be denied to access to gui 222 directory becase no access, n, permissions is set. 223 224 Setting permissions directly on a file or directory: 225 226 $ cvs -d /cvs/projectA racl userX:wcd lib 227 $ cvs -d /cvs/projectA racl group1:w lib 228 First command will set write, create, and delete permissions for userX on directory 229 lib with branch HEAD (since no branch/tag information given, branch defaults to HEAD). 230 Second command will set only write permission for group1 on directory lib with branch HEAD. 231 Members of group1 will have only commit rights on lib directory, branch HEAD, they can 232 not add or remove any file, just modify existing files. 233 If userX is also a member of group1, userX will have write, create, and delete permissions 234 because it is specifically given these permissions. 235 236 $ cvs -d /cvs/projectA racl userY:wcd -r develStream lib 237 $ cvs -d /cvs/projectA racl userY:r -r integStream lib 238 These commands will give wcd permissions to userY on lib directory with tag develstream, 239 and r permissions on lib directory with tag integStream. 240 241 $ cvs -d /cvs/projectA racl userZ:wcd src 242 $ cvs -d /cvs/projectA racl userZ:r src/main.c 243 First command will give wcd permissions to userZ on src directory, but only read 244 permission on file main.c in src directory. 245 246 Using + and - signs to set permissions on a file or directory: 247 248 $ cvs -d /cvs/projectA racl userZ:+t src 249 $ cvs -d /cvs/projectA racl userZ:-cd src 250 $ cvs -d /cvs/projectA racl userZ:-wt src 251 Before the first command, userZ has wcd permissions on src directory, after issuing 252 command it will have wcdt permissions. Tag permission will be added. UserZ has wcdt 253 permissions, and we execute the second command to remove create and delete permissions. 254 So userZ has wt permissions. In the last command we also remove wt permissions, finally 255 userZ has no defined permissions left, and it will use the default permissions if set. 256 257 Listing permissions on a file or directory: 258 259 $ cvs -d /cvs/projectA racl -l src 260 $ cvs -d /cvs/projectA racl -l src 261 $ cvs -d /cvs/projectA racl -l src/main.c 262 263 First command will list the permissions for src directory. 264 Example output: 265 d src HEAD | userX:wcd group1:r | defaults:r 266 userX and group1 has assigned permissions, all other users will have default 267 permissions, which is only read. 268 269 Second command will list the permissions for files in src directory. 270 Example output: 271 f src/main.c HEAD | userX:wcd group1:r | defaults:r 272 f src/server.c HEAD | userX:wcd group1:r | defaults:r 273 f src/client.c HEAD | userX:wcd group1:r | defaults:r 274 275 Third command will list the permissions for main.c file in src directory. 276 Example output: 277 f src/main.c HEAD | userX:wcd group1:r | defaults:r 278 279 280
Indexes created Wed Apr 29 00:23:26 UTC 2026