[cvsnt] problem with checkout / permissions?

Gerhard Fiedler lists at connectionbrazil.com
Fri May 28 15:55:04 BST 2004

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.

I have a system with some restricted permissions, and I'm getting this
result (using the sspi protocol with cvsnt 2.0.41a):

e:\test>cvs -t checkout Module/Test
D:\Programs\CVS\CVSNT\cvs.exe -t checkout Module/Test
  -> Tracelevel set to 1.  PID is 3992
  -> Session ID is f9840b74b8b0000
  -> main loop with CVSROOT=:sspi:user at gedesk:/projects
  -> Encryption enabled
  -> Requesting server cvsignore
  -> Requesting server cvswrappers
  -> Requesting server cvsrc (read-cvsrc2)
S -> do_module(Module/Test, Updating, , )
cvs [server aborted]: Cannot check out files into the repository itself

When I do the same as me myself, it works. But I am the admin on the
server. When I login as any of the restricted users, I get the above. The
odd thing is that it used to work; I don't know what has changed. (I did
update cvsnt on both client and server, but it's been a while since I last
tested this so I don't know whether this is related to it.)

The weird thing is that user can update a previously checked out sandbox of
the same module, he just cannot check out a new sandbox.

Needless to say that my repository is not anywhere near e:\test\. So I'm a
bit lost with that error message. A few search results seem to indicate
that it may be related to a permission issue. But it used to work... :(

Here is a quick run down on the permissions I have set on the server
- RepositoryRoot: Full Control for admins, service and system only
(inherited throughout the repository)
- RepositoryRoot/CVSROOT: added Read for all other users
- RepositoryRoot/CVSROOT/history and val-tags: added Modify for all other
- traversal access to a module (that is if I want a user to have access to
a sub-module): add Read access for that user
- read-only access to a module: add Read and List Folder Contents access
for that user
- normal read-write access to a module: add Full Control for that user
- the temp directory is outside the repository root, and Everyone has Full
- in the CVSROOT/config file I have a line with LockServer=localhost:2402
and also one with LockDir=... (also with Everyone having Full Control to
the lock dir). Do I need the LockDir entry at all, using LockServer?

This setup used to work, with only one quirk: If a user did a checkout or
update, he would see the directory contents of directories for which he
only is supposed to have traversal access. For example Module/Private and
Module/Project. Module would be set up as traversal access, Private as no
access and Project as full access. The user runs a checkout or update on
Module, and gets the error message that Private is not accessible. I'd
rather have them not even know that there is a Private in there. Anybody
knows how to do that?

I also never found a good description what the .perms files do, and how to
use them. Does anybody have a pointer to a description of them?

Sorry for the long post, but I thought that might help to see what's wrong
with my setup...

Thanks for any help,

More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook