[cvsnt] Re: cvs repository folder permission

Tony Hoyle tony.hoyle at march-hare.com
Wed Mar 22 10:13:27 GMT 2006

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.

Cheok Yan Cheng wrote:
> When I setup CVSNT server, 2 objectives in my mind:
> (1) Users (except root) should not have read/ write
> permission to the CVS repository through remote
> control (for example, telnet)
> (2) However, users can checkout/ checkin the files to
> CVS repository through CVS pserver. (by using tortoise
> cvs)
> For (1), I can just simply set the CVS folder to chmod
> 700. However, by setting the CVS respository to 700,
> this will break (2). User can no longer checkout/
> checkin files to CVS repository through CVS pserver
> The simplest solution is to disable telnet feature.
> However, we do not want to do so. We want the user to
> have the ability to remote control, in order to
> perform other operations.
> Any advice for achieve (1) and (2) at the same time?
Create a user (and group, possibly) for cvs.  chown the repository to 
this user, and chmod 700 the directories (and 600 for the files).

Then in the PServer file set RunAsUser to this user.  The server will 
always setuid to that user to access the repository, so remote users 
will be able to work, but local users will have no access.

The downside is this breaks local access to the repository and (by 
extension) ssh access, since ssh doesn't have a mechanism for changing 
the user it impersonates...  since ssh and telnet are equivalent, 
permissions wise, you can't have one without the other.


More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook