| Greg's How to set up a CVS server |
| Greg's diary |
| Greg's home page |
| HOWTO index |
|
|
|
|
This file has not been updated since 2006. Much of the information might still be relevant, but I haven't checked.
There are lots of tutorials on how to set up CVS, some much better than this one. The purpose of this page is mainly to remind me what I need to do. If it helps you, all the better.
In August 2006 I set up a CVS server for our “Black box” project. It was the first time I ever looked at the issue. A quick Google brought up Dan Langille's HOWTO, which pointed at a more detailed book on the subject, Open Source Development with CVS. That's probably a little more detail than is needed. The main problem is that there's no tool to create the CVSROOT/passwd file. The links recommend a perl script, but I'm not into perl, and it seems a bit over the top anyway.
The setup's pretty straightforward, but many descriptions blur the distinction between the client side and the server side. In many cases, of course, both are the same machine, but they don't have to be.
For each user, do the following:
Using passwd, give the user a password intended for use logging in to the remote server. This should not be the normal password.
As root, get the corresponding entry out of /etc/master.passwd and trim it to the first two fields: Before:
foo:$1$NV3PwGak$RGqhE8OQSO7iQbLxeG48e.:1006:1006::0:0:CVS Test User:/home/foo:/usr/local/bin/bash
After:
foo:$1$NV3PwGak$RGqhE8OQSO7iQbLxeG48e.:
Send this information to the server side.
Reset the password the normal value.
If using ssh (which is a very good idea), set up public keys if necessary. Send the contents of .ssh/id_dsa.pub and .ssh/id_rsa.pub to the server side along with the password information.
Enable the entry for CVS pserver in /etc/inet.d. Specify a path to a repo or series of repos (the actual repo is specified by cvs login; the path is just to restrict access to that hierarchy). In this example I've used repos in /src/cvs:
cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/src/cvs pserver
HUP inetd to enable the entry.
Create a CVS repo under /src/cvs.
Add a user cvs to the system password file /etc/master.passwd (using adduser or whatever). Give it /usr/bin/cvs as the shell.
Create a file CVSROOT/password and add the password information from the clients to it. Add the name of the server CVS user account to the end of each line. For example, the client password line above would become:
foo:$1$NV3PwGak$RGqhE8OQSO7iQbLxeG48e.:cvs
Create an entry in CVSROOT/password and copy in the password for cvs from /etc/master.passwd:
foo:$1$0fNgUo0H$cqxxmfFLGYJKttv1gwO5b1:cvs
This enables foo to connect using the password you've assigned, and to run the CVS checkout operation as cvs.
If using ssh, add the public key information to ~cvs/.ssh/authorized_keys. Note that the client user name does not need to be on this server.
Once the passwords and public keys are in place, you should be able to log in to the remove system like this:
$ eval `ssh-agent` Agent pid 8196 $ ssh-add Identity added: /home/foo/.ssh/id_rsa
(/home/foo/.ssh/id_rsa) Identity added: /home/foo/.ssh/id_dsa (/home/foo/.ssh/id_dsa)
This user doesn't have a passphrase; otherwise there would be a prompt
$ ssh cvs@echunga.lemis.com
Last login: Tue Sep 26 11:05:19 2006 from 203-173-54-38.d
...
The Concurrent Versions System (CVS) is a tool for version control.
For CVS updates and additional information, see
the CVS home page at http://www.cvshome.org/ or
Pascal Molli's CVS site at http://www.loria.fr/~molli/cvs-index.html
Connection to echunga.lemis.com closed.
(etc)
Since the “shell” for cvs is /usr/bin/cvs, you just get a usage message, and then it disconnects.
Before you can check out, you need to log in to the server. cvs saves the information in a file called .cvspass.
$ cvs -d :pserver:echunga.lemis.com:/src/cvs login Logging in to :pserver:foo@echunga.lemis.com:2401/src/cvs CVS password: cvs login: warning: failed to open /home/foo/.cvspass for reading: No such file or directory $ ls -al .cvspass -rw------- 1 foo foo 69 Sep 26 11:53 .cvspass
The final message is really just a warning; cvs creates the file.
To check out, first decide on a location. In my case, I choose blackbox. Then specify the name of the server:
$ mkdir blackbox $ cd blackbox $ cvs -d :pserver:echunga.lemis.com:/src/cvs co src cvs checkout: Updating src U src/Makefile U src/Makefile.in (etc)
<Mavvie> how euhm... how do I again disable people from getting a shell with ssh, but still able to run cvs? [15:42] <Mavvie> how euhm... how do I again disable people from getting a shell with ssh, but still able to run cvs over ssh? <grOogle> Mavvie: Give them a dummy user name. [15:43] <grOogle> Mavvie: I have a writeup somewhere. <grOogle> Mavvie: http://www.lemis.com/grog/HOWTO/cvs.html. Corrections welcome. [15:44] <Mavvie> grOogle: that is over pserver, this is over ssh. [15:49] <Mavvie> this is how to do it via ssh: <Mavvie> set the shell to /usr/local/bin/cvsshell <Mavvie> create cvsshell: <grOogle> Mavvie: That's pserver over ssh :-) <Mavvie> #!/bin/sh <Mavvie> if [ "$1 $2 $3" = "-c cvs server " ]; then <Mavvie> /bin/sh "$@" <Mavvie> else <Mavvie> echo "CVS only account" <Mavvie> exit <Mavvie> fi ERC>
| Greg's home page | Greg's diary | Greg's photos | Copyright |