[cvsnt-dev] Re: root commits: acls vs. CVS_BADROOT
Tony Hoyle
tony.hoyle at march-hare.com
Thu Jun 8 15:04:25 UTC 2006
David Somers wrote:
> Tony,
>
> There is a some weirdness with CVSROOT and root doing commits in there.
>
> The default acl on CVSROOT when a repo is created gives root full access...
> but because CVS_BADROOT is defined by default in config.h.in the commit
> process will refuse to allow root to do any commits because of this.
>
> Does it make sense to simply undefine CVS_BADROOT in config.h.in and let
> root's ability to commit be determined by cvsnt's ACLs?
>
Having root commit is dangerous - the commit scripts could do basically
anthing.
Listing the administrator users (or groups - you could put 'wheel' on
there for example) in CVSROOT/admin is sufficient to give them access...
it should be a standard part of the initial configuration to do this.
Tony
More information about the cvsnt-dev
mailing list