Gaurav Chhabra
2009-02-16 12:33:01 UTC
Hi,
We are using CVSNT 2.5.03 Build 2382 as our CVS server on Windows XP Pro
SP2. I am now exploring how to implement CVS server on Linux machine.
I read that in most Linux machines, CVS comes as a pre-installed
application. I verified the same on my Linux machine. I went to the location
‘/etc/xinetd.d‘ & modified the file cvs:
Content of file cvs:
-------------------
service cvspserver
{
disable = no
port = 2401
socket_type = stream
protocol = tcp
wait = no
user = cvs
passenv = PATH
server = /usr/bin/cvs
env = HOME=/var/cvs
server_args = -f --allow-root=/var/cvs/root pserver
# bind = 127.0.0.1
}
-------------------
I changed the ‘user’ field to ‘cvs’. It was root here earlier. Our UNIX
admin was not comfortable to allow it to run as ‘root’ user. He then
restarted the service. He created the passwd file in /var/cvs/root/CVSROOT
and added a user. The content of passwd file is:
----------------------------
testuser:sGENdEgXlOKIw:cvs
----------------------------
What I understood after going through the official doc is that we are
specifying to CVS that the user ‘testuser’ will actually run CVS commands as
user ‘cvs’. Please correct me if I’m wrong.
When I logged in as ‘testuser’ (on the same system on which CVS repository
was initialized), I was able to successfully checkout the CVSROOT directory,
which contains the administrative files.
=========
My concern:
=========
As you can see, CVS will run as user ‘cvs’. If I don’t add the entry ‘:cvs’
at the end of every row that gets created for every new user (in ‘passwd’
file), I am still able to login but I am not able to perform checkout.
---------------------------------------------
gaurav> export CVSROOT=:pserver:***@machine_name:/var/cvs/root
gaurav> cvs login
Logging in to :pserver:***@machine_name:2401/var/cvs/root
CVS password:
gaurav> cvs co CVSROOT
setgid failed: Operation not permitted
---------------------------------------------
Why is this happening? Do I have to add ‘:cvs’ at the end of every new user
entry in ‘passwd’ file? I googled and found a reply:
“A setgid() failure implies that the CVS server isn't running as root.”
Source:
http://groups.google.ca/group/gnu.cvs.help/browse_thread/thread/c88d311738b5de79
(Here the users were not able to access when they tried using SSH)
But I think this is not true; I think it’s all dependent on what’s your
entry in the file ‘cvs’ (present in /etc/xinetd.d). I have ‘user = cvs’ in
that file and I am able to checkout successfully if I append the same
username at the end of every user entry in ‘passwd’ file. Please correct me
if I’m wrong.
Thanks & Regards,
Gaurav Chhabra
We are using CVSNT 2.5.03 Build 2382 as our CVS server on Windows XP Pro
SP2. I am now exploring how to implement CVS server on Linux machine.
I read that in most Linux machines, CVS comes as a pre-installed
application. I verified the same on my Linux machine. I went to the location
‘/etc/xinetd.d‘ & modified the file cvs:
Content of file cvs:
-------------------
service cvspserver
{
disable = no
port = 2401
socket_type = stream
protocol = tcp
wait = no
user = cvs
passenv = PATH
server = /usr/bin/cvs
env = HOME=/var/cvs
server_args = -f --allow-root=/var/cvs/root pserver
# bind = 127.0.0.1
}
-------------------
I changed the ‘user’ field to ‘cvs’. It was root here earlier. Our UNIX
admin was not comfortable to allow it to run as ‘root’ user. He then
restarted the service. He created the passwd file in /var/cvs/root/CVSROOT
and added a user. The content of passwd file is:
----------------------------
testuser:sGENdEgXlOKIw:cvs
----------------------------
What I understood after going through the official doc is that we are
specifying to CVS that the user ‘testuser’ will actually run CVS commands as
user ‘cvs’. Please correct me if I’m wrong.
When I logged in as ‘testuser’ (on the same system on which CVS repository
was initialized), I was able to successfully checkout the CVSROOT directory,
which contains the administrative files.
=========
My concern:
=========
As you can see, CVS will run as user ‘cvs’. If I don’t add the entry ‘:cvs’
at the end of every row that gets created for every new user (in ‘passwd’
file), I am still able to login but I am not able to perform checkout.
---------------------------------------------
gaurav> export CVSROOT=:pserver:***@machine_name:/var/cvs/root
gaurav> cvs login
Logging in to :pserver:***@machine_name:2401/var/cvs/root
CVS password:
gaurav> cvs co CVSROOT
setgid failed: Operation not permitted
---------------------------------------------
Why is this happening? Do I have to add ‘:cvs’ at the end of every new user
entry in ‘passwd’ file? I googled and found a reply:
“A setgid() failure implies that the CVS server isn't running as root.”
Source:
http://groups.google.ca/group/gnu.cvs.help/browse_thread/thread/c88d311738b5de79
(Here the users were not able to access when they tried using SSH)
But I think this is not true; I think it’s all dependent on what’s your
entry in the file ‘cvs’ (present in /etc/xinetd.d). I have ‘user = cvs’ in
that file and I am able to checkout successfully if I append the same
username at the end of every user entry in ‘passwd’ file. Please correct me
if I’m wrong.
Thanks & Regards,
Gaurav Chhabra
--
View this message in context: http://www.nabble.com/Error%3A-%27setgid-failed%3A-Operation-not-permitted%27---CVS-on-Linux-tp22036431p22036431.html
Sent from the Gnu - Cvs - Info mailing list archive at Nabble.com.
View this message in context: http://www.nabble.com/Error%3A-%27setgid-failed%3A-Operation-not-permitted%27---CVS-on-Linux-tp22036431p22036431.html
Sent from the Gnu - Cvs - Info mailing list archive at Nabble.com.