[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Questions on pserver authentication
From: |
Jim Hyslop |
Subject: |
Re: Questions on pserver authentication |
Date: |
Fri, 13 May 2005 16:33:36 -0400 |
User-agent: |
Mozilla Thunderbird 1.0.2 (Windows/20050317) |
Todd Foster wrote:
I am trying to determine how pserver authentication works. I understand
when you do a cvs login that it creates ~/.cvspass file. Therefore, I'm
guessing that whenever you are running cvs commands cvs blindly combines
the USER from whichever method wins (either using the pserver info found
in the local working copy or in the $CVSROOT or in the -d) and uses the
password from the ~/.cvspass of whoever is running the commands. Is
this correct?
No, there is nothing "blind" about this. CVS determines the user ID from
the CVSROOT information. It searches for the CVSROOT information in this
order:
1) the global -d option
2) the file ./CVS/Root
3) the CVSROOT environment variable
CVS then parses the CVSROOT information, and if the :pserver: method is
specified, it looks up the CVSROOT in $(HOME)/.cvspass (note that it is
not necessarily ~/.cvspass - $HOME is frequently set to ~).
So, if user1 goes into a cvs directory created by user2 and tries to do
cvs commands in there, it uses the username found in the local working
copy (user2) and combines that with ~user1/.cvspass and authentication
fails.
One way around that is to override the user explicitly to user1 with the
cvs -d option. However, this is a very annoying way to get around the
problem.
You could delete the file CVS/Root, and make sure each user has the
CVSROOT environment variable is set.
If you're using *NIX, you could create an alias:
alias cvs=cvs -d :pserver:address@hidden:/path
on a per-user basis.
Or you could wrap CVS in a script:
# cvs-wrapper.sh
cvs -d :pserver:$(USER)@server:/path $@
(or whatever the syntax is for 'all command line arguments - I'm not
very experienced at shell scripts)
and get everyone to use cvs-wrapper.sh instead of cvs.
What I'm really wondering, is what does the pserver authentication do if
the username is omitted from the pserver CVSROOT, then what happens?
I haven't tried it, but you'll probably get an error, since the CVSROOT
format for :pserver: requires a user name.
--
Jim