%general-entities; ]> $LastChangedBy: randy $ $Date: 2013-02-11 13:51:17 -0500 (Mon, 11 Feb 2013) $ This section will describe how to set up, administer and secure a CVS server. CVS Server Dependencies Required and A CVS server will be set up using OpenSSH as the remote access method. Other access methods, including :pserver: and :server: will not be used for write access to the CVS repository. The :pserver: method sends clear text passwords over the network and the :server: method is not supported in all CVS ports. Instructions for anonymous, read only CVS access using :pserver: can be found at the end of this section. Configuration of the CVS server consists of four steps: Create a new CVS repository with the following commands: mkdir /srv/cvsroot && chmod 1777 /srv/cvsroot && export CVSROOT=/srv/cvsroot && cvs init Import a source module into the repository with the following commands, issued from a user account on the same machine as the CVS repository: cd <sourcedir> && cvs import -m "<repository test>" <cvstest> <vendortag> <releasetag> Test access to the CVS repository from the same user account with the following command: cvs co cvstest Test access to the CVS repository from a remote machine using a user account that has ssh access to the CVS server with the following commands: Replace <servername> with the IP address or host name of the CVS repository machine. You will be prompted for the user's shell account password before CVS checkout can continue. export CVS_RSH=/usr/bin/ssh && cvs -d:ext:<servername>:/srv/cvsroot co cvstest CVS can be set up to allow anonymous read only access using the :pserver: method by logging on as root and executing the following commands: (grep anonymous /etc/passwd || useradd anonymous -s /bin/false -u 98) && echo anonymous: > /srv/cvsroot/CVSROOT/passwd && echo anonymous > /srv/cvsroot/CVSROOT/readers Testing anonymous access to the new repository requires an account on another machine that can reach the CVS server via network. No account on the CVS repository is needed. To test anonymous access to the CVS repository, log in to another machine as an unprivileged user and execute the following command: cvs -d:pserver:anonymous@<servername>:/srv/cvsroot co cvstest Replace <servername> with the IP address or hostname of the CVS server. mkdir /srv/cvsroot: Create the CVS repository directory. chmod 1777 /srv/cvsroot: Set sticky bit permissions for CVSROOT. export CVSROOT=/srv/cvsroot: Specify new CVSROOT for all cvs commands. cvs init: Initialize the new CVS repository. cvs import -m "repository test" cvstest vendortag releasetag: All source code modules must be imported into the CVS repository before use, with the cvs import command. The -m flags specifies an initial descriptive entry for the new module. The cvstest parameter is the name used for the module in all subsequent cvs commands. The vendortag and releasetag parameters are used to further identify each CVS module and are mandatory whether used or not. (grep anonymous /etc/passwd || useradd anonymous -s /bin/false -u 98): Check for an existing anonymous user and create one if not found. echo anonymous: > /srv/cvsroot/CVSROOT/passwd: Add the anonymous user to the CVS passwd file, which is unused for anything else in this configuration. echo anonymous > /srv/cvsroot/CVSROOT/readers: Add the anonymous user to the CVS readers file, a list of users who have read only access to the repository. Installed Programs Installed Libraries Installed Directories None None /srv/cvsroot