| CVSPermissions | ||
CVSPermissions is a group of shell scripts and configuration files. The shell scripts can be broken into two categories
Configuration Scripts: Scripts that will help the CVS administrator add users, modify directories etc.,. These scripts in turn add or change information in the configuration files that will be used by the Control scripts during CVS operations.
Control Scripts: Control scripts are executed by CVS server automatically when a particular action occurs. For example during file commits, tagging files etc., These scripts read information from the configuration files to determine whether the particular action is permitted. If the action is not permitted, it exits with return code 1 to indicate to the CVS server to abort the operation. The server in turn would communicate back to the client the error message returned by the control script.
CVSROOT/writers and
CVSROOT/readers: These files are part of base CVS
configuration. They control all the read/write accesses to the repository.
User IDs present in these files are allowed to have read/write access to the
repository. CVSPermissions uses these files extensively to control access to the
repository. Further, it builds on top of this capability to provide
directory level permissions.
CVSROOT/users.restricted: This file is
used by CVSPermissions to determine the list of users who have restricted access
in the system. The control script uses this list of users to determine
whether further permission verification is required
CVSROOT/$USER.permission: Each user
listed in CVSROOT/users.restrictedshould have a
corresponding file that tracks specific permissions for that user. User
level access permission is maintained in the
CVSROOT/$USER.permission file.
In the CVS toolkit collection of scripts, the script
cvspermissions.sh and
cvspermtagcheck.share control scripts that will be
triggered each time a file is committed or tagged to the CVS database
respectively. These scripts get information from the various configuration
files to determine whether the particular commit operation is valid. If the
operation is invalid due to access permissions setup for the particular user in
a folder, the script will exit with a return code of 1. This will cause CVS to
fail the current process and return an error message to the person changing the
file.
The configuration scripts will modify the information stored in the configuration files for the control scripts to work. These configuration files are in turned stored in the “CVSROOT” module of the repository. Further, these files are setup in such a way that any changes to them will cause CVS to rebuild its administrative database.
The shell script cvspermsetup.sh performs the initial
setup of the repository including association of the control files with CVS
commit operations and adding the configuration files to the CVSROOT module.