CVS Server

From Gentoo Linux Wiki

Jump to: navigation, search

Contents

[edit] Introduction

If you've ever had some sort of programming project where you didn't want to turn your code into a disorganized soup of text files, you probably have had the idea of setting up a CVS server. While I will not explain what CVS "is" (you can read all about it here), what I will try to do here is tell you how to set up a CVS server from start to finish. A more modern orientated program which does virtually the same is Subversion, also known as svn.

Remark, that this HOWTO describes how to access a CVS using the pserver protocol. This protocol is insecure, as it transfers passwords in plain text. A more secure approach is to access CVS via SSH with public key authorization.

[edit] Installation

USE="server" emerge cvs emerge cvsd

That took care of the installation part. You have a nice and operable CVS client ("cvs"), and the CVS daemon that will be running on your system in order to make it a functional CVS server. CVS must be built with the "server" USE flag or else CVSD will not work properly. Whenever someone attempts to connect, you will get this error:

cvs [login aborted]: unrecognized auth response from <host> cvs: unrecognized option `--allow-root=/root'

[edit] Create a CVS Jailroot

Now, you have to decide where you would like to place your CVS jailroot. This jailroot is a directory where the CVS repository will be held, and other things like configuration, (encrypted) CVS user passwords, etc. A good location to put your jailroot in is /var/lib/cvsd, which hereafter will be the meaning of "jailroot" in this document.

Let us set it up the CVS jailroot:

mkdir /var/lib/cvsd cvs -d /var/lib/cvsd/root init cvsd-buildroot /var/lib/cvsd cd /var/lib/cvsd mkdir -p var/lock

Now our CVS jailroot is done. Our next task is to configure cvsd to run properly, and here is how it's done:

Note: cvsd doesn't work correctly if its jail is on filesystem with nodev

Fire up your favourite editor (I like nano, very Gentoo-ish. And yes, still as root!):

nano -w /etc/cvsd/cvsd.conf

Here is what you have to look for in the config and modify accordingly so the lines you modify look like this (Note - just modify the lines that look like the ones in the box to say exactly what they say in the box; do not make your whole file look like that! Also, make sure that the whole file ends in a newline):

File: /etc/cvsd/cvsd.conf
RootJail /var/lib/cvsd
Uid cvsd
Gid cvsd
Listen * 2401 # or whatever port you'd like it to listen on, up to you
Repos /root

When you're done modifying, press CTRL+O, then <ENTER>, and finally CTRL+X to quit nano.

[edit] Add Users

There is one more thing you need to set up - users. CVS obviously has to have users, otherwise you will never know who is responsible for the various source files! So here it is:

cvsd-passwd /var/lib/cvsd/root YOUR_USER_HERE

You will be prompted for a password, where I'm sure you know what to do. If you are extra-clever, you might realize that making the user name "anonymous" and not entering a password (just pressing ENTER will do) will create an anonymous CVS user. Woohoo!

  • NOTE: To create a user that has only read rights follow the next steps:
touch /var/lib/cvsd/root/CVSROOT/readers chown cvsd:cvsd /var/lib/cvsd/root/CVSROOT/readers nano /var/lib/cvsd/root/CVSROOT/readers

Add the users you just created to this file, each user seperated by a new line. Do not forget to put a new line after the last user. This setting only allows readers to the repository, to allow writers, create a file writers on same path.

  • If a user is in the readers file the user is only allowed to read, regardless of whether or not they are in the writers file. If the user is in the writers file and not the readers file they can both read and write.

[edit] Apply Correct Permissions

Once you're done setting up your various users, there are three more things to do:

  1. Change the permissions/ownership of your cvs directory
  2. Restart cvsd
  3. Add cvsd to your runlevel (if you want to)

1. Changing permissions and ownership. As root:

cd /var/lib chown -R cvsd:cvsd cvsd chmod -R 775 /var/lib/cvsd/root

2. (Re)starting cvsd, your CVS daemon. As root:

/etc/init.d/cvsd restart

3. If you'd like to, we can set it up so your CVS daemon starts up whenever your system does:

rc-update add cvsd default

And now you are done. Read up on how to use the CVS client ("man cvs"), and keep your code organized.

[edit] Quick local test

[edit] Common method

1. Set your CVSROOT environment var (:pserver:<username>@<host>:/cvsdirectory)

CVSROOT=:pserver:YOUR_USER_HERE:PASSWORD@localhost:/root; export CVSROOT

2. Login

cvs login

3. Import/Checkout something (See below)

4. Logout

cvs logout

[edit] Import/Checkout something

1. (Optional) Import your first project into cvs

cvs import -m 'Example01 project' example01 vendor start
Note: Make sure your cvs user name is in .../CVSROOT/writers and not in .../CVSROOT/readers. example01 is the name of the project, vendor is the vendor tag (can be anything), start is the release tag (can be anything which identifies the release)

all 3 fields must be included

Also note that this command will import everything in your current working directory, so if you wanted to import all the files in ~/example1/, you should cd into that directory, then execute the cvs import command. When you check out the files later, cvs will create a directory with the same name as the project to keep things neat.

2. (Optional) Checkout your first project from cvs

cvs -d myExmp01 co -A example01

[edit] Tips and Tricks

Delete all CVS Folders:

find ./* -type d | grep CVS | sed "s/^/rm -rf /" | sh

This variation will handle properly folders with spaces in their names and will handle hidden folders.

find -type d | grep CVS | sed "s/^/rm -rf \"/"|sed "s/$/\"/" | sh

[edit] Finally

Don't forget to route the port 2401 into your firewall

[edit] Potential Errors

The cvsd-1.0.2 build has a problem running the cvsd-buildroot command in which it does not copy all the libraries that are needed for the server to run correctly. If you are experiencing this error

cvs [login aborted]: reading from server: Connection reset by peer

Then use the following commands to fix this problem.

cp /lib/ld-* /path/to/cvsdir/lib/ cp /lib/libdl.so.2 /path/to/cvsdir/lib/ cp /lib/ld.so.1 /path/to/cvsdir/lib/

(note: with the above setup /path/to/cvsdir/lib/ is /var/lib/cvs/lib/)

Related Bug Report: Bug 87124

Related Forum Discussion: CVSD help

[edit] SSH Mode

[edit] Access on a local server

You can very easily use cvsd in the more secure ssh mode if you already have sshd set up. You may want to skip the step where you create pserver users:

cvsd-passwd /var/lib/cvsd/root YOUR_USER_HERE

If you already did that, you can reverse it by simply editing the file CVSROOT/passwd so that it is blank. This disables the pserver mode.

To give users on your server access to the cvs repository, issue the following commands:

chmod -R 775 /var/lib/cvsd/root gpasswd -a USERNAME cvsd

Repeat the second line for each user who needs access to cvs. Now any user that can access your server via ssh who also belongs to the cvsd group can access the cvs repository by setting CVSROOT as follows:

CVSROOT=:ext:YOUR_USER_HERE@YOUR_HOST_NAME:/var/lib/cvsd/root; export CVSROOT

Note: You cannot try ssh with command:

cvs login

because login command is enabled only for pserver protocol, you can try to list files in repository with command

cvs rls

(you have to have CVSROOT variable set)

If your client is not running a recent Gentoo version, you may also have to set CVS_RSH as follows:

CVS_RSH=ssh;export CVS_RSH

[edit] Access through a gateway

In theory you can define CVS_RSH to be any valid command which gives you a remote command interpreter. Namely as long as this scheme works, then CVS can use this particular CVS_RSH as a means to perform the neccesary tasks:

$CVS_RSH YOUR_USER_HERE@YOUR_HOST_NAME SOME_COMMAND

Now suppose your cvs server is on a machine called INTERNAL, and you have to login to an ssh gateway machine called GATEWAY first. Then you can define CVS_RSH:

export CVS_RSH=gateway_ssh

Now fireup your favorite editor, put these lines in your gateway_ssh file:

File: gateway_ssh
#!/bin/sh
ssh -t user@gateway ssh "$@"

Now let's save it in a directory which is in your $PATH, and conduct a basic test:

gateway_ssh YOUR_USER_HERE@INTERNAL ls

You should see a list of files on INTERNAL.

Now edit your CVSROOT variable:

export CVSROOT=":ext:INTERNAL:/var/lib/cvsd/root"

And you should be able to use cvs from your home computer now!

[edit] Combining pserver and SSH Mode

It is possible to use pserver mode and ssh mode at the same time. Just setup your server to use pserver. Create all pserver users with

cvsd-passwd /var/lib/cvsd/root YOUR_USER_HERE

and setup ssh like above:

chmod -R 775 /var/lib/cvsd/root gpasswd -a USERNAME cvsd


Please note that the path to the repository is different for pserver and ssh.

CVSROOT=:pserver:YOUR_USER_HERE@YOUR_HOST_NAME:/root; export CVSROOT #pserver
CVSROOT=:ext:YOUR_USER_HERE@YOUR_HOST_NAME:/var/lib/cvsd/root; export CVSROOT #ssh
Retrieved from "http://en.gentoo-wiki.com/wiki/CVS_Server"
Personal tools