Index: doc/cvs.texinfo =================================================================== RCS file: /home/dron/CVS/ccvs-local/doc/cvs.texinfo,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.2 diff -u -r1.1.1.1 -r1.1.1.1.2.2 --- doc/cvs.texinfo 2002/08/15 08:59:38 1.1.1.1 +++ doc/cvs.texinfo 2002/08/16 15:58:51 1.1.1.1.2.2 @@ -1,4 +1,4 @@ -\input texinfo @c -*-texinfo-*- +input texinfo @c -*-texinfo-*- @comment Documentation for CVS. @comment Copyright (C) 1992, 1993, 1999 Signum Support AB @comment Copyright (C) 1993 Free Software Foundation, Inc. @@ -1906,6 +1906,14 @@ cvs -d /usr/local/cvsroot init @end example +@code{cvs init} will automatically create user @code{admin} in +@file{$CVSROOT/CVSROOT/passwd} and display password for this account. +(@pxref{admin user}). For example, the command mentioned above will +produce the following output: +@example +cvs init: Creating administrator account 'admin': password is 'admin1224'. +@end example + @code{cvs init} is careful to never overwrite any existing files in the repository, so no harm is done if you run @code{cvs init} on an already set-up @@ -7623,6 +7631,7 @@ * history:: Show status of files and users * import:: Import sources into CVS, using vendor branches * log:: Show log messages for files +* password:: Change password of current @sc{cvs} user * rdiff:: 'patch' format diffs between releases * release:: Indicate that a directory is no longer in use * update:: Bring work tree in sync with repository @@ -8335,6 +8344,7 @@ @menu * admin options:: admin options +* admin user:: managing @sc{cvs} users @end menu @c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . @@ -8659,6 +8669,139 @@ @c never been documented as a cvs admin option. @end table +@c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . +@node admin user +@appendixsubsec admin user---Managing @sc{cvs} users + +@itemize @bullet +@item +Synopsis: admin user +@item +Requires: repository. +@item +Changes: repository. +@end itemize + +This subcommand is intended to simplify user management within CVS +repository. It allows to add, modify or delete users in CVS repository. The +global idea of this subcommand is to consistently modify both +@file{$CVSROOT/CVSROOT/passwd} and @file{$CVSROOT/CVSROOT/users} +administrative files (@pxref{Intro administrative files}). + +To execute this subcommand (in local or client/server mode) you must know +@pxref{CVS administrative user} password. In @code{local} mode password is +verified using @file{$CVSROOT/CVSROOT/passwd} file entry and in @code{server} mode +using @file{$HOME/.cvspass} file entry. Thus you must be logged in as @code{admin} +user to execute @command{admin user} in @code{server} mode. + +@menu +* admin user options:: User management options +* CVS administrative user:: CVS administrative user +* admin user examples:: User management examples +@end menu + +@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +@node admin user options, CVS administrative user, ,admin user +@appendixsubsec admin user options + +@table @code +The following options are supported. +@item -a username +Specify this option to add new user to a repository. The command failes if user +@code{username} already exists in @file{$CVSROOT/CVSROOT/passwd} file. +For example: +@example +prompt> cvs admin user -a jsmith +@end example +command will add new user with name @code{jsmith} and empty password to +@file{$CVSROOT/CVSROOT/passwd} file. The newly created user will not have a system user alias assosiated with too. + +@item -m username +Use this option to modify existing entry in @file{$CVSROOT/CVSROOT/passwd} file. +This option is used jointly with @code{-p}, @code{-P} and @code{-u} options. +The user specified in @code{username} argument must exist in +@file{$CVSROOT/CVSROOT/passwd} file, otherwise command files. + +@item -d username +This option deletes user specifyed by @code{username} argument from +@file{$CVSROOT/CVSROOT/passwd} file. All other options to @code{admin user} +command will be ignored. +For example, command: +@example +prompt> cvs user -d jsmith +@end example +will delete user @code{jsmith} from @sc{cvs}' user database. + +Options @code{-a, -m and -d} are mutually exclusive as you can guess. +@emph{Remember, that @code{admin user} command does deal with system's user database.} + +@item -u alias +This option specifies a system user alias for @sc{cvs} user. (@pxref{Password authentication server}). For example, +@example +prompt> cvs admin user -a jsmith -u pubcvs +@end example +will add the following entry to @file{$CVSROOT/CVSROOT/passwd} file: +@example +jsmith:*:pubcvs +@end example + +@item -P password +This option allow to specify user password in a command line. Of course, it's +possible security violation, because passwords could be stolen (for example, +from shell hostory file). But the main purpose of this option is a possibility +to simplify usage of @command{admin user} inside scripting languages +(CGI, for instance). + +@strong{We strongly do not recommend to use it in an interactive mode} + +@item -p +Unlike @code{-P} option this one allows to specify user password interactively. +@example +prompt> cvs admin user -a jsmith -u pubcvs -p +@end example + +@end table + +You can find examples in @ref{admin user examples}. + +@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +@node CVS administrative user, admin user examples, admin user options,admin user +@appendixsubsec CVS administrative user +@cindex CVS administrative user + +In addition to stadard security restrictions (@pxref{admin}) @command{admin user} +there must be user @code{admin} defined in @file{$CVSROOT/CVSROOT/passwd} file. +Current version of @sc{cvs} creates this user automatically while executing +@command{init} command (@pxref{Creating a repository}). User @var{admin} can't have empty password, +otherwise execution of @pxref{admin user} will be denied. + +@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +@node admin user examples, ,CVS administrative user,admin user +@appendixsubsec admin user---User management samples +@cindex admin user examples + +Add user @code{jsmith} without password: +@example +prompt> cvs admin user -a jsmith +@end example + +Add user @code{jsmith} with alias @code{javabu} and password: +@example +@c Should be an complete example of cvs admin user execution +prompt> cvs admin user -a jsmith -u javabu -p +@end example + +@cindex password +@cindex forgotten password +Modify password for user @code{jsmith}: +@example +prompt> cvs admin user -m jsmith -p +@end example + +Delete use @code{jsmith}: +@example +prompt> cvs admin user -d jsmith +@end example @c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @node checkout @@ -10383,6 +10526,39 @@ @appendixsubsec log examples Contributed examples are gratefully accepted. + +@c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +@node password +@appendixsec password---Changing password for current @sc{cvs} user +@cindex password (subcommand) + +@itemize @bullet +@item +Synopsis: password +@item +Requires: repository. +@item +Changes: repository. +@item +Symonym: pass +@end itemize + +This command allow remote users to change thier passwords to @sc{cvs} +respository. Current user must be logged on to @sc{cvs} server to execute +this command. + +First @command{password} checks current user password stored in +@file{$HOME/.cvspass} file. It you gave wrong password command will be aborted. +If the current given password is correct you will be asked (twice) for new +password to @sc{cvs} repository. + +User can change password of it's own only. For example, if you are logged in +as @code{jsmith} you will not be able to change password for user @code{mriam}. +There is no way to "remind" your password, because passwords are cryped with +crypt() UNIX function. If you've forgotten you password contact your @sc{cvs} +administrator or use @pxref{admin user} subcommand to change password. + +Command @code{password} is supported only in @code{pserver} mode. @c - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @node rdiff Index: src/cvs.h =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/cvs.h,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/cvs.h 2002/08/15 08:59:45 1.1.1.1 +++ src/cvs.h 2002/08/16 08:43:13 1.1.1.1.2.1 @@ -90,6 +90,8 @@ #include "root.h" +#include "user.h" + #if defined(SERVER_SUPPORT) || defined(CLIENT_SUPPORT) # include "client.h" #endif Index: src/main.c =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/main.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/main.c 2002/08/15 08:59:46 1.1.1.1 +++ src/main.c 2002/08/16 08:36:50 1.1.1.1.2.1 @@ -107,6 +107,7 @@ { "add", "ad", "new", add, CVS_CMD_MODIFIES_REPOSITORY | CVS_CMD_USES_WORK_DIR }, { "admin", "adm", "rcs", admin, CVS_CMD_MODIFIES_REPOSITORY | CVS_CMD_USES_WORK_DIR }, { "annotate", "ann", NULL, annotate, CVS_CMD_USES_WORK_DIR }, + { "password", "pass", NULL, password, 0 }, { "checkout", "co", "get", checkout, 0 }, { "commit", "ci", "com", commit, CVS_CMD_MODIFIES_REPOSITORY | CVS_CMD_USES_WORK_DIR }, { "diff", "di", "dif", diff, CVS_CMD_USES_WORK_DIR }, @@ -214,6 +215,7 @@ #ifdef AUTH_CLIENT_SUPPORT " login Prompt for password for authenticating server\n", " logout Removes entry in .cvspass for remote repository\n", + " password Change user password\n", #endif /* AUTH_CLIENT_SUPPORT */ #if (defined(AUTH_SERVER_SUPPORT) || defined (HAVE_GSSAPI)) && defined(SERVER_SUPPORT) " pserver Password server mode\n", Index: src/Makefile.am =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/Makefile.am,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/Makefile.am 2002/08/15 08:59:44 1.1.1.1 +++ src/Makefile.am 2002/08/16 08:31:29 1.1.1.1.2.1 @@ -75,6 +75,7 @@ subr.c \ tag.c \ update.c \ + user.c \ version.c \ vers_ts.c \ watch.c \ @@ -94,6 +95,7 @@ root.h \ server.h \ update.h \ + user.h \ watch.h cvs_LDADD = \ Index: src/admin.c =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/admin.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/admin.c 2002/08/15 08:59:44 1.1.1.1 +++ src/admin.c 2002/08/16 08:48:02 1.1.1.1.2.1 @@ -158,6 +158,11 @@ usage (admin_usage); wrap_setup (); + if (strcmp(argv[1],"user")==0) { + argc-=1; + argv+=1; + return user(argc,argv); + } memset (&admin_data, 0, sizeof admin_data); Index: src/login.c =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/login.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/login.c 2002/08/15 08:59:46 1.1.1.1 +++ src/login.c 2002/08/16 08:39:05 1.1.1.1.2.1 @@ -12,12 +12,6 @@ #ifdef AUTH_CLIENT_SUPPORT /* This covers the rest of the file. */ -#ifdef HAVE_GETPASSPHRASE -#define GETPASS getpassphrase -#else -#define GETPASS getpass -#endif - /* There seems to be very little agreement on which system header getpass is declared in. With a lot of fancy autoconfiscation, we could perhaps detect this, but for now we'll just rely on Index: src/mkmodules.c =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/mkmodules.c,v retrieving revision 1.1.1.1 retrieving revision 1.1.1.1.2.1 diff -u -r1.1.1.1 -r1.1.1.1.2.1 --- src/mkmodules.c 2002/08/15 08:59:46 1.1.1.1 +++ src/mkmodules.c 2002/08/16 08:26:34 1.1.1.1.2.1 @@ -978,7 +978,12 @@ free (info_v); mkmodules (adm); - + /* Adding administrator account to repository. Special hook in password(): + * argc must be -2 + * argv[0] holds path to CVSROOT directory + */ + password(-2,&adm); + free (adm); return 0; } Index: src/server.c =================================================================== RCS file: /home/dron/CVS/ccvs-local/src/server.c,v retrieving revision 1.1.1.1 retrieving revision 1.5.2.1 diff -u -r1.1.1.1 -r1.5.2.1 --- src/server.c 2002/08/15 08:59:48 1.1.1.1 +++ src/server.c 2002/08/16 08:53:04 1.5.2.1 @@ -4721,6 +4721,8 @@ } static void serve_valid_requests PROTO((char *arg)); +static void serve_password PROTO((char *arg)); +static void serve_user PROTO((char *arg)); #endif /* SERVER_SUPPORT */ #if defined(SERVER_SUPPORT) || defined(CLIENT_SUPPORT) @@ -4816,6 +4818,8 @@ REQ_LINE("rannotate", serve_rannotate, 0), REQ_LINE("noop", serve_noop, RQ_ROOTLESS), REQ_LINE("version", serve_version, RQ_ROOTLESS), + REQ_LINE("password", serve_password, 0), + REQ_LINE("admin-user", serve_user, 0), REQ_LINE(NULL, NULL, 0) #undef REQ_LINE @@ -5401,8 +5405,8 @@ int found_it = 0; int namelen; - /* We don't use current_parsed_root->directory because it hasn't been - * set yet -- our `repository' argument came from the authentication + /* We don't use current_parsed_root->directory because it hasn't been set yet + * -- our `repository' argument came from the authentication * protocol, not the regular CVS protocol. */ @@ -6633,4 +6637,22 @@ else if (text != NULL) cvs_output (text, 0); } +} +/* + * Password modifications + */ +static void +serve_password (arg) + char *arg; +{ + command_name = "password"; + do_cvs_command ("password", password); +} +static void +serve_user (arg) + char *arg; +{ + /* Actual command is 'admin user' but cvs command is 'admin */ + command_name = "admin user"; + do_cvs_command ("admin", user); }