New feature: Restricted admin command for CVS server
Patch available: YES
Hi,
This email describes a new feature and patch I did for admin command
of CVS. Comments are welcome whether this could be useful to other
users also. If there is interest then I'll post a patch. Or if this
patch is unnecessary and there is already a way to do this then
please let me know.
CVS server has admin command, which has couple of useful options and
couple of dangerous one too. If we need only lock and unlock commands
then current CVS implementation forces us to enable all other admin
options also.
We could allow all users to run lock and unlock by listing all users
in CVSAdmin user group, but then they could run those dangerous admin
commands also.
The solution was to create a server side configuration option, which
allows us to define certain admin options public (ie. all users can
use them) and leave rest of the options only to CVSAdmin users.
CVSROOT/config file has a new option called PublicAdminCommands. This
feature does not change the default behaviour of CVS. Repository
administrator must explicitly add this option in config file and list
public command options.
#-------------------------
# FILE: CVSROOT/config
# Set this to "no" if pserver shouldn't check system users/passwords
#SystemAuth=no
# Set `PublicAdminCommands' to list admin command options,
# which are available to all users even when a user is not part
# of CVSAdmin group.
#
# Example: Following entry would enable lock (l) and unlock (u)
# commands to all users.
PublicAdminCommands=lu
#-------------------------
The patch is only couple of code lines in ADMIN.C and PARSEINFO.C
files and it should not break any existing functionality (famouse
last words).
Best regards,
Mika Nieminen
