[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: cvs passwd management

From: Rudy Zung
Subject: RE: cvs passwd management
Date: Wed, 12 Apr 2006 16:08:48 -0400

The name of the file mentioned below should be cvsuseradmins,
and not cvsadminusers. My bad :-(

-----Original Message-----
From: address@hidden
[mailto:address@hidden On Behalf
Of Rudy Zung
Sent: Wednesday, April 12, 2006 3:57 PM
To: Troubled User; address@hidden
Subject: RE: cvs passwd management

Two scripts supplied gratis and as is. Written specifically for my
needs, and I am unlikely to entertain any maintenance requests for it.

Idiosyncracies: call cvsuser script with arguments (see below); cvsuser
will call, so you generally won't need to deal with cryptout
directly. You must be in the CVSROOT directory where the cvs passwd (NOT
the /etc/passwd) file is located when you invoke cvsuser. My
implementation of cvsuser also requires your Unix login name be present
in a file called cvsadminusers, which should be in the same directory as
the CVSROOT/passwd file. It really doesn't give you much protection,
just enough to prevent my people from accidentally running the script;
you can probably comment out that whole block from cvsuser.

Add user to CVSROOT:
   cvsuser <username> <password>
Remove user from CVSROOT:
   cvsuser <username>
Copy password from another CVSROOT:
   cvsuser <username> /<rootName>
This last one has been hardcoded to my intallation where all my roots
are under /cvs; so to copy joeuser from /cvs/someOtherProject, you use:
   cvsuser joeuser /someOtherProject
This also precludes people from having a password that starts with an
initial forward slash.


First script: /usr/local/bin/
======= start script =======

# take from fogel CVS book page 114
srand (time());
my $randletter = "(int rand(2) + 0.5) % 2 ? (int rand(10) + 48) : (int
(rand(26)) + (int (rand(1) + .5) % 2 ? 65 : 97))";
my $salt = sprintf("%c%c",
                   eval $randletter, eval $randletter);
my $plaintext = shift;
my $crypttext = crypt($plaintext, $salt);

print "${crypttext}\n";
======= end script =======

Second script: /usr/local/bin/cvsuser:
======= start script =======


if (( ($# < 1) || ($# > 3) )) ; then
   $ECHO "usage: $0 username [ password | /cvsrootname ]"
   $ECHO "       blank password deletes user"
   exit 1

if [[ ( `/bin/pwd | cut -c 1-9` != /usr/cvs/ ) && \
      ( `/bin/pwd | cut -c 1-5` != /cvs/ ) ]] ; then
   $ECHO Can only be run under /cvs tree
   exit 2

if [[ ! -e cvsuseradmins ]] ; then
   $ECHO No cvsuseradmins file found
   exit 3

if [ `/usr/bin/id -u` -ne 0 ] ; then
   if ( ! { $GREP `/usr/bin/whoami` cvsuseradmins > /dev/null ; } ) ;
      $ECHO You are not a CVS user administrator for this CVSROOT
      exit 4

if [[ ! -e passwd ]] ; then
   $ECHO No passwd file found
   exit 5

#if [[ ! -O passwd ]] ; then
#   echo Unwilling to modify passwd file owned by \
#        `/bin/ls -l passwd | cut -d " " -f 5`
#   exit 9

if [ -e passwd.tmp ] ; then
   $RM -f passwd.tmp

$GREP -v ^$1: passwd | $GREP -v ^\$ > passwd.tmp
$CHGRP cvs passwd.tmp
$CHMOD ug=rw,o-rwx passwd.tmp

if [ -z $2 ] ; then
   if ( { /usr/bin/diff passwd passwd.tmp > /dev/null ; } ) ; then
      $ECHO No $1 to remove
      $ECHO Removed $1
   if [[ `$ECHO $2 | cut -c 1` == '/' ]] ; then
#      /bin/grep ^$1: $2 >> passwd.tmp
      $GREP ^$1: ../../${2}/CVSROOT/passwd >> passwd.tmp
      if ( ! { $GREP $1: passwd.tmp > /dev/null ; } ) ; then
         $ECHO User $1 failed to appear in the passwd file
         $RM passwd.tmp
         exit 10
      $ECHO $1:`/usr/local/bin/ $2`:${3:-cvs} >> passwd.tmp
      if ( ! { $GREP $1: passwd.tmp > /dev/null ; } ) ; then
         $ECHO User $1 failed to appear in the passwd file\; reverting
         $RM passwd.tmp
         exit 11

# lossless operation to hardlink a backup, then hardlink passwd to the
/$LN -f passwd     passwd.bak
/$LN -f passwd.tmp passwd

# this is correct: if we have a good passwd file, we can rm the tmp
if [ -e passwd ] ; then
   $RM -f passwd.tmp
======= end script =======


-----Original Message-----
From: address@hidden
[mailto:address@hidden On Behalf Of
Troubled User
Sent: Wednesday, April 12, 2006 12:42 PM
To: address@hidden
Subject: cvs passwd management

Im trying to find a tool that will help me edit the cvsroot/passwd file.
(there are multiple cvsroots / passwd files  involved)

I'm in the middle of writing a perl script, but i don't like the way it
works.  It basically does the following:

1. copy passwd to passwd.tmp
2. read passwd.tmp. 
   2a.  (for each line) if the user on the current line is Not the user
im trying to edit, then print the current line to passwd.
           If it is the user im editing, then print a variable
containing the new value to passwd instead of what was in passwd.tmp
   2b. If the user was not in passwd.tmp, add an entry for the new user
to the end of passwd
3. delete passwd.tmp

this will work, but i just think it's sloppy, and would rather use a
tool that is already been developed.
info-cvs mailing list

info-cvs mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]