[cvsnt] Re: PAM Winbind linux cvsnt

Tony Hoyle tony.hoyle at march-hare.com
Fri May 12 13:09:29 BST 2006


Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.


Unbehagen, Bret Earl (SD) wrote:
  6. Created the /etc/cvsnt/PServer enabling the Repository options,
> LockServerLocal=0; Compat0_HideStatus=0,
> WinbindWapper=/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp,
> ServerName=<fqdn> 

It's better to just copy the example file.  I asume you didn't literally 
type the commas etc.

LockServerLocal=0 is almost never used except for certain advanced 
configurations (failover servers generally).

> Remotely I:
> $ CVSROOT=:pserver:<username>@<fqdn>:/<repo>
> $ cvs login
> Logging in to :pserver:<username>@<fqdn>:2401/<repo>
> CVS password:
> cvs login: authorization failed: server <fqdn> rejected access to
> /<repo> for user <username>

Hmm?  Why go through all that if you are not using SSPI?

The Winbind wrapper *only* enables a limited SSPI server functaionality 
on the cvsnt server (and even then I'm not sure I'd recommend it unless 
you had no choice.. use Unix native authentication where you can).

PAM configuration is entirely separate, and is up to your admins to get 
right (they probably already have done) - aside from copying a working 
PAM configuration file to /etc/pam.d/cvsnt there really isn't anything 
cvsnt specific to it at all.

Tony




More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook