info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: suggestions to figure out why permissions are not working on new rep


From: Sadia Tahseen
Subject: Re: suggestions to figure out why permissions are not working on new repo. was:Re: CVS help needed urgently
Date: Wed, 12 Mar 2008 08:18:55 -0700 (PDT)

Hi Todd,
   I had done the way you asked me to do.I want to try the first method before I try the second.This is what I have done:

Root on cvs_server
edited /etc/group and added
sadiacvsgroup:x:800:sadia,user1,user2,user3,userN
chown sadia:sadiascvsgroup /appl/src/cvs/

Then as sadia on cvs_server:
cd /appl/src/cvs/
mkdir JavaAppl
pwd #assumption it returns /appl/src/cvs/
export CVSROOT=/appl/src/cvs/JavaAppl
cvs init
mkdir JavaAppl/projectdir
chown :sadiascvsgroup JavaAppl/projectdir
chmod g+rws JavaAppl/projectdir

ERROR:
 
chmod: changing permissions of `JavaAppl/CVSROOT': Operation not permitted

<Todd said>
#you'll want to tighten up security on the following directory later.
chown :sadiascvsgroup JavaAppl/CVSROOT
chmod g+rws JavaAppl/CVSROOT
</todd said>

ERROR:
address@hidden chmod g+rws JavaAppl/CVSROOT
chmod: changing permissions of `JavaAppl/CVSROOT': Operation not permitted




<todd said>
There are only two reasons I can think of for that to fail.
try (on cvs_server, as sadia)
`ls -ld /appl/src/cvs/JavaAppl \
/appl/src/cvs/JavaAppl/CVSROOT \
/appl/src/cvs/JavaAppl/projectdir`

I TRIED TYPING THE ABOVE STATEMENTS AND IT SHOWED
>
>
>

The reasons are:

1) sadia does not own those directories.:YES ONLY ROOT OWNS THESE DIRECTORIES AND ALL USERS CAN ACCESS /appl/src/cvs

2) those directories are on an nfs server/NAS which is being very pedantic
about WHO can set those things.

Did the `chmod g+rws JavaAppl/projectdir` work or give the same error?
YES IT GAVE SAME ERROR

<todd said>
then as sadia on a_workstation:
export CVSROOT=:ext:cvs_server:/appl/src/cvs/JavaAppl
export CVS_RSH=ssh
cvs checkout projectdir
date > projectdir/mydate
cvs add projectdir/mydate
cvs commit -m"a comment" projectdir/mydate
</todd said>


ERRORS:
address@hidden ~]$ cvs checkout projectdir
address@hidden's password:
? projectdir/mydate
cvs checkout: Updating projectdir

<todd said>
Looks like you have a repository that already contains the mydate file, that should be a good thing, except I was about to have you create the file.
</todd said>


address@hidden ~]$ cvs add projectdir/mydate
address@hidden's password:
cvs add: in directory .:
cvs [add aborted]: there is no version here; do 'cvs checkout' first


<todd said>
on workstation as sadia, please provide:
`ls -ld ~/projectdir/; ls -l ~/projectdir/`
</todd said>

<Sadia said>
Yes I did as you said it showed

address@hidden  ls -ld ~/projectdir/;
drwxr-xr-x  3 sadia users 4096 Mar 10 15:49 /users/sadia/projectdir/
address@hidden ~]$ ls -l ~/projectdir/'
>
>
>

address@hidden date > projectdir/mydate
address@hidden ~]$ cvs add projectdir/mydate
address@hidden's password:
cvs add: in directory .:
cvs [add aborted]: there is no version here; do 'cvs checkout' first
address@hidden cvs commit -m "a comment" projectdir/mydate
cvs commit: use `cvs add' to create an entry for projectdir/mydate
cvs [commit aborted]: correct above errors first!

<Sadia said
>

<todd said>
Are you sure you are feeding me the errors in the order you got them, I expected a DIFFERENT error at this point????
something is highly amiss at this point.
You probably have leftovers from several attempts of getting setup at this point, some of which probably have permission/ownership problems. (probably something owned by root that should be owned by sadia.)
There are two ways out that I can think of.
1) remove the repository and sandboxes that you have created so far and start following the email with the description again fresh, if this fails go to method 2, while indicating this one failed and how.
I HAVE TRIED REMOVING  projectdir from cvs.Am I suppposed to remove CVSROOT from cvs
ONLY ROOT ON SERVER HAS ALL PERMISSIONS .AND USERS CAN ACCESS THE COMMONLY SHARED DIRECTORIES .what are the sandboxes you are talking about ?how do we set permissions /ownership of everything in CVSROOT
2) we have to look at the permission/ownership of everything in $CVSROOT and the sandboxes, and then determine what changes have to be made.

Please suggest.

Thank you
Sadia


----- Original Message ----
From: Todd Denniston <address@hidden>
To: Sadia Tahseen <address@hidden>
Cc: cvs <address@hidden>
Sent: Tuesday, March 11, 2008 8:40:32 PM
Subject: suggestions to figure out why permissions are not working on new repo. was:Re: CVS help needed urgently

Sadia Tahseen wrote, On 03/11/2008 06:21 PM:
> Hi ,
>
> <todd said>
> something is highly amiss at this point.
>
> You probably have leftovers from several attempts of getting setup at this point, some of which probably have permission/ownership problems. (probably something owned by root that should be owned by sadia.)
> There are two ways out that I can think of.
> 1) remove the repository and sandboxes that you have created so far and start following the email with the description again fresh, if this fails go to method 2, while indicating this one failed and how.
> 2) we have to look at the permission/ownership of everything in $CVSROOT and the sandboxes, and then determine what changes have to be made.
>
> The second method is significantly more pain in my book, but it is you who gets to pick the method.
> </todd said>
> <Sadia said>
> How are we supposed to do the second method>
> <Sadia said>
>
>

<todd said>
To begin second method:
take attached files,
as sadia, copy wereareweserver.txt to the server
export CVSROOT and CVS_RSH as appropriate
chmod +x wereareweserver.txt
execute wereareweserver.txt

as sadia, copy wereareweworksta.txt to the workstation
export CVSROOT and CVS_RSH as appropriate
chmod +x wereareweworksta.txt
execute wereareweworksta.txt

get server:/tmp/serverlog.txt and workstation:/tmp/workstationlog.txt into one
  directory.
review serverlog.txt and workstationlog.txt make sure that anything sensitive,
like passwords, either are not present or sanitize them.
attach serverlog.txt and workstationlog.txt to an email to info-cvs with the
subject line: "Re: suggestions to figure out why permissions are not working
on new repo."
</todd said>

<todd said>
you are executing the attached scripts at your own risk.
you should probably review them and understand them before executing them.
</todd said>
--
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter


-----Inline Attachment Follows-----

#purpose: to figure out what permissions are on cvs things in the server.
#it should be ran as the normal user...sadia

LOGFILE=/tmp/serverlog.txt

echo "CVSROOT ($CVSROOT)" > $LOGFILE
echo "CVS_RSH ($CVS_RSH)" >> $LOGFILE
echo " " >> $LOGFILE
echo " checking perms on Repo dirs" >> $LOGFILE
ls -ld /appl/src/cvs/JavaAppl \
    /appl/src/cvs/JavaAppl/CVSROOT \
    /appl/src/cvs/JavaAppl/projectdir >> $LOGFILE
echo " " >> $LOGFILE
echo " who am i" >> $LOGFILE
whoami >> $LOGFILE
echo " " >> $LOGFILE
echo " checking sadia perms" >> $LOGFILE
groups  >> $LOGFILE
echo " " >> $LOGFILE
echo " find out what kind of device we are on " >> $LOGFILE
CVSMNTPT=`df /appl/src/cvs/JavaAppl|tail -1 |awk '{print $6}'`
mount |grep $CVSMNTPT >> $LOGFILE
echo " " >> $LOGFILE
echo " " >> $LOGFILE
echo " " >> $LOGFILE
echo " "
echo " "
echo " "
echo " "
cat $LOGFILE
echo "send $LOGFILE to info-cvs"


-----Inline Attachment Follows-----

#purpose: to figure out what permissions are on cvs things in the workstation.
#it should be ran as the normal user...sadia

LOGFILE=/tmp/workstationlog.txt

echo "CVSROOT ($CVSROOT)" > $LOGFILE
echo "CVS_RSH ($CVS_RSH)" >> $LOGFILE
echo " " >> $LOGFILE
echo " checking perms on sandbox dirs" >> $LOGFILE
ls -ld ~/projectdir/ >> $LOGFILE
ls -l ~/projectdir/ >> $LOGFILE
echo " " >> $LOGFILE
echo " who am i" >> $LOGFILE
whoami >> $LOGFILE
echo " " >> $LOGFILE
echo " checking sadia perms" >> $LOGFILE
groups  >> $LOGFILE
echo " " >> $LOGFILE
echo " test checkout" >> $LOGFILE
cd
mv projectdir projectdir.old
echo "going to need your ssh password"
cvs checkout projectdir 2>&1 | tee -a $LOGFILE
echo " " >> $LOGFILE
echo " checking perms on sandbox dirs again" >> $LOGFILE
ls -ld ~/projectdir/ >> $LOGFILE
ls -l ~/projectdir/ >> $LOGFILE
echo " " >> $LOGFILE
echo " " >> $LOGFILE
echo " " >> $LOGFILE
echo " "
echo " "
echo " "
echo " "
cat $LOGFILE
echo "send $LOGFILE to info-cvs"


-----Inline Attachment Follows-----

Even when this disclaimer is not here,
the opinions expressed by me are not necessarily sanctioned by and
do not necessarily represent those of my employer.
Also even when this disclaimer is not here, I DO NOT have authority to
direct you in any way to alter your contractual obligation
and my email can NOT be used as direction to modify a contract.



Looking for last minute shopping deals? Find them fast with Yahoo! Search.
reply via email to

[Prev in Thread] Current Thread [Next in Thread]