Validating virtual cvs users
login at istop.com
login at istop.com
Tue Sep 14 12:06:41 PDT 2004
Something unique .... trying to describe the best I can.
Please reply back if it is not clear or need additional
Environment ( On cvs server side):
# uname -a
FreeBSD host.domain.com 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0:
Mon Feb 23 20:45:55 GMT 2004 root at wv1u.btc.adaptec.com
# cvsd -V
Written by Chris Black, Philippe Kehl and Arthur de Jong.
# ps auxw | grep cvsd
cvsd 541 0.0 0.0 1300 704 ?? INs 2Sep04 0:00.06
/usr/local/sbin/cvsd -f /usr/local/etc/cvsd/cvsd.conf
# id cvsd
uid=1010(cvsd) gid=1010(cvsd) groups=1010(cvsd)
# id john
id: john: no such user
I have setup cvs server and working as expected with one problem
as described down. The cvs remote user authentication is based on
$CVSROOT/CVSROOT/passwd file located on cvs server.
The format of the passwd file is john:tkdUrXsqy9r5A:cvsd
Here john is virtual user to cvs server and his password is encrypted
using crypt.pl script and cvsd is a user with cvsd group on the
cvs server which is running cvsd process. So all the repositories
are chowned to cvsd:cvsd with 775 permissions. I guess 755 may be needed
The problem is that in the past, we used to validate the remote
"cvs login" user against a local account on the cvs server and all accounts
who are member of that group (for example cvsd) can do "cvs checkout"
and "cvs commit" successfully. Prior to "cvs commit", we were calling
a script/watchdog called "commitcheck" which was validating a "cvs login"
user against a system's local account on the cvs server.
Now since john is not a user account physically on the cvs server system
in my current situation, I have problem validating him since the cvsd is
actual who is writing to repositories. Yes, the logs are still have john
in the headers indicating him initiate "cvs commint" to distinguish him from
other cvs users.
How do I validate this virtual user so that he can "cvs commit" successfully.
When I stick "john" in the "commitcheck" script, he is being rejected
since "cvsd" is a user who can write to repositories via cvsd process.
Anyone has done such type of validation before. I am sure there is out one.
I wish, I have a small email. Thank you!
S. Mohammad [ login at istop.com ]
More information about the freebsd-questions