[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] Map all pserver users to a given user
|
From: |
Larry Jones |
|
Subject: |
Re: [PATCH] Map all pserver users to a given user |
|
Date: |
Fri, 15 Mar 2002 12:29:31 -0500 (EST) |
Philippe Troin writes:
>
> The enclosed patch adds a new keyword 'MapAllUsersTo' to the
> CVSROOT/config repository file. The behavior is:
>
> users connecting via the pserver will get mapped to this system
> user unless they are present in the CVSROOT/passwd file and the
> CVSROOT/passwd file contains a third field giving another system
> user to map to.
>
> This is particularly useful when one wants to avoid duplicating the
> password information from /etc/passwd to CVSROOT/passwd, yet still map
> all connecting users to a single system user for easier repository
> management.
A while back, I wrote a patch that provided similar functionality and
more. I'm interested to hear opinions on which, if either, should be
included in CVS.
My patch allowed specifying "*" for the username and/or the password in
the CVSROOT/passwd file. A "*" for a username would match any username.
If the password was also "*" or the third field (system user) was
omitted, only valid system users would be able to log on; if you
specified an explicit passwords and a system user, anyone knowing the
password could log on with any username. A "*" in the password field
meant to use the user's system password. That system eliminated the
need for SystemAuth= in CVSROOT/config since you could do the equivalent
of SystemAuth=yes by specifying "*:*" and the end of CVSROOT/passwd and
SystemAuth=no by specifying "*:?" ("?" is an invalid encrypted password,
so nothing the user specifies can ever match).
-Larry Jones
I suppose if I had two X chromosomes, I'd feel hostile too. -- Calvin