[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: acl for cvs try II

From: Corey Minyard
Subject: Re: acl for cvs try II
Date: Mon, 30 Jun 2003 14:46:25 -0500
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030313

Edward Peschko wrote:

>On Sun, Jun 29, 2003 at 09:42:11PM -0500, Corey Minyard wrote:
>>Have you looked at my patch, at  It's
>>been around for a while and is well tested, and implements full ACLs
>>(per directory, per file, and per branch) within CVS, and has a lot of
>well I wasn't aware of it before I started coding, but yeah I looked at it, it 
>looked a 
>little bit more complicated/'batched up' than I wanted (ie: you've got other 
>that don't relate to acl.) Also I wanted something simple, wasn't sure how 
>easy to use 
>your solution was. 
Yes, it has a few other things, too.  It's not terribly difficult to
use, but it may be difficult to use it to achieve what you want.

>Anyways, I'm not against your patches (ie: if they are the standard acl for 
>cvs, I'd be
>more than happy to use them), but I had a couple of questions:
>       1) is your acl mechanism backwards compatible with existing cvs 
> clients/servers?
Yes.  You can't do ACL operations, obviously, but the ACLs are enforced.

>       2) how do you use your acl?
Each directory has an owner and a set of permissions.  The owner (or an
admin) can set the permissions for directory/files/branches or assign a
new owner for the directory.  Permissions can also propigate directories
(you can assign them at a base directory and with a command-line option
to the server have the propigate to subdirectories.  propigation can
also be blocked).

Maintenance of ACLs is through new CVS commands.

It is not centralized, though.

>#1 is key for me - I need something where I don't need to download a new 
>client for 
>everyone who wants to use ACL. #2 is pretty important too - I want something 
>one file that I can check and see at a glance who has access to what. If #1 
>and #2 holds
>for your patch, then like I said I'd be more than happy to use it.
For single file centralized access that the users don't have control
over, I believe you could easily set up a shell script to handle that. 
No need to modify CVS.  I've never done it, but if that's what you want,
I'd recommend trying the shell-script approach.  It will be easier to
maintain in the long-term.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]