[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
FW: SETXID_SUPPORT
From: |
Zanabria, Moises |
Subject: |
FW: SETXID_SUPPORT |
Date: |
Thu, 25 Apr 2002 13:41:06 -0500 |
sorry for delay in replay , but I was looking into this, I tried with
cvs.1.11.2 but same result :
Larry Jones wrote:
>You don't say what platform you're running on, but assuming it's Unix-like
Yes it's, is a Unix, Hp11
>If it does, then you probably have a link problem; if not, it's probably a
problem with your changes.
The only change that I made according with the INTALL manual to set setgid:
also modified the Makefile with :
DEFS = -DSETXID_SUPPORT -DHAVE_CONFIG_H
>
> 14. How about using groups and setgid() then?
> Here is a way to run CVS setgid in some environments:
> Stick this near the front of the main() in main.c:
> setgid(getegid());
>
> This will allow "access" to work on systems where it only works on the
> real gid.
> Create a group named "cvsg". (This example uses "cvsg". You can name
it
> as you wish.)
>
> Put *no* users in the "cvsg" group. You can put Repository
> administrators in this group if you want to.
> Set the cvs executable to setgid (not setuid):
> cd /usr/local/bin; chown root.cvsg cvs; chmod 2755 cvs
> Make sure every file in the Repository is in group "cvsg":
> chown -R root.cvsg $CVSROOT
>
> Change all directory permissions to 770. This allows all access to
> the files by the "cvsg" group (which has no members!) and no access at
> all to anyone else.
>
> find $CVSROOT -type d -exec chmod 2770 {} \;
> On some systems you might have to type:
> find $CVSROOT -type d -exec chmod u=rwx,g=rwx,o=,g+s {} \;
>
> I don't know if for the new version 1.11.2 it needs a requirement, like
> libraries or something.
> or for getegid needs an extra change.
>
> Please advise.
> Thanks.
> Moises
>
>
> > Moises Zanabria writes:
> > >
> > > This is a multi-part message in MIME format.
> >
> > Please do not send MIME and/or HTML encrypted messages to this list.
> > Plain text only, please.
> >
> > > I got this :
> > > revision 1.1
> > > date: 2002/03/08 23:08:31; author: uid15364; state: Exp;
> > > branches: 1.1.1;
> > > Initial revision
> > >
> > > and actually if I use my cvs 1.10 (server) I see :
> > > revision 1.2
> > > date: 2002/03/08 23:08:31; author: mzanabri; state: Exp;
> > >
> > > Any ideas what I doing wrong.
> >
> > You don't say what platform you're running on, but assuming it's
> > Unix-like, that implies that the getpwuid() system call with your uid
> > returned NULL. If you're using NIS (nee Yellow Pages) to distribute
> > users and passwords, it may be that you need to link with a special
> > library to get an NIS-enabled version of that routine. Or it could be
> > one of your modifications. You might want to try building an unmodified
> > version of CVS and see if it has the same problem. If it does, then you
> > probably have a link problem; if not, it's probably a problem with your
> > changes.
> >
> > -Larry Jones
> >
> > You should see me when I lose in real life! -- Calvin
> >
>