From: Jouni Malinen (jkmaline_at_cc.hut.fi)
Date: 2002-07-23 21:31:52 UTC
On Tue, Jul 23, 2002 at 05:05:05PM -0400, Pavel Roskin wrote:
> I have the same problem with kernel-patches and pcmcia-cs-patches.
Fixed. The repository at hostap.epitest.fi is just a copy of my real CVS repository and the updating script did not fix permissions for new directories.
> Running "cvs -n update" shows what cvs wants to do. There is also another
> directory "inject" that is ignored for some other reason that cvs fails to
> report properly, but tracing shows that something is seriously wrong:
> cvs update: dying gasps from hostap.epitest.fi unexpected
inject directory is empty and that dying gasps is not nice.. I do not know why it happens, but it could be related to the problem that hangs all cvs commands if compression is used (the hang happens only after all files are transferred).
> My guess is that permissions are wrong on those directories. I believe
> that it's much better to use a separate lock directory with relaxed
> permissions by setting LockDir in CVSROOT/config - this is recommended if
> read-only access needs to be supported.
Yes, separate lock directory would probably be better. Although, in this case there is not that much problems in giving more privileges to cvs since the repository is just a copy.
I haven't had time to debug the other problem though. Being paranoid, I use chrooted environment that does not contain even shell or any libraries, only staticly compiled cvs. This apparently breaks something. If I remember correctly, it worked when running as root in chrooted environment, but not when it is set to another uid.. So, if anyone
happens to know an easy to install, secure (as in non-root user in extremely restricted chrooted env), and working configuration for providing anonymous pserver access, please let me know. -- Jouni Malinen PGP id EFC895FA