[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
More locking, sort of
From: |
cvs |
Subject: |
More locking, sort of |
Date: |
Thu, 5 Sep 2002 14:41:06 -0400 |
From: address@hidden
Date: Thu, 5 Sep 2002 13:03:59 -0500 (CDT)
[...]
> Set up a Unix group which has write access to the repository.
> Ensure that everything in the repository is read-only to everyone
> else, and ensure that the directories all have the setuid bit
> so that newly created directories inherit these permissions.
>
There's a step missing here: if you just do this the turkeys will
be unable to check out and update software.
Right. As I was trying to describe previously, the issue is around a
small area of the tree. In fact, it's the common makefile
infrastructure which drives the building of the whole tree; get that
wrong and you can bring everything to a screeching halt for everybody,
rather than just porking one particular subdir.
You need to put a line
like
LockDir=/usr/local/cvslocks
(change the directory as you will, but don't put any spaces in)
in CVSROOT/config, and of course have a /usr/local/cvslocks or whatever
directory that all the turkeys can write to. Assuming a reasonably
up-to-date version of CVS, this will allow the turkeys read-only
access to the repository.
Huh. I suppose one could also play games with putting certain (sets
of) users in or out of certain groups, thus allowing some selectivity.
[...]
I suspect this is not going to fly, given the political problems against
getting decent hackers.
I still have qualms about this, most particularly being that I don't
see that having competent people looking over incompetent code is
a tremendous improvement. Perhaps instituting different processes,
such as early semi-formal reviews, would be more useful, but I know
nothing of the politics at your site.
Yah. The details aren't worth going in to, their effect it to render
the review processes (which we do have, and try to use) less effective
than they should be.
I grant that applying a technical solution to a political problem is
generally not the right thing, but in this case I have some control
over the former, and very little over the latter.
Thanks for the ideas.
- More locking, sort of, cvs, 2002/09/05
- Re: More locking, sort of, Noel Yap, 2002/09/05
- Re: More locking, sort of, Kaz Kylheku, 2002/09/05
- Re: More locking, sort of, Greg A. Woods, 2002/09/05
- Re: More locking, sort of, Matthew Hannigan, 2002/09/06
- Re: More locking, sort of, Greg A. Woods, 2002/09/06
- CVS vs Aegis (Re: More locking, sort of), Matthew Hannigan, 2002/09/07
- Re: CVS vs Aegis (Re: More locking, sort of), Greg A. Woods, 2002/09/07
- Re: CVS vs Aegis (Re: More locking, sort of), Matthew Hannigan, 2002/09/08