[EMAIL PROTECTED] on 2000.08.09 10:22:00
>The trick is to use them correctly, just as you would have to use
>permissions and ownerships correctly without full ACLs. Any kind of
>access control mechanism, be it traditional unix-style permissions, or
>full ACLs, will only have the desired effect if it is placed on the
>directories in the repository. You won't get what you're looking for if
>you try to use them on the RCS files themselves, particularly because
>CVS does not itself do anything with ACLs (at least for now).
>
>Note that I say CVS doesn't itself do anything with ACLs -- it merely
>honours them, or rather is forced by the system to honour them. This
>means that you'll probably have to either be very careful to set them on
>the top level directories in each module so that only those users who
>are authorised to work in that module are allowed to even descend beyond
>these module roots; or you'll have to periodically check and update the
>ACLs on all directories in your repository.
>
>See the first paragraph of the section on "File Permissions" in the
>manual.
All users (except those who should be denied all access) need read permissions
on the RCS archive files. I've been able to use loginfo to manage the ACL's on
those files (so long as the ACL's on the their directories are properly set).
The gist is:
1. Files should keep the execute bit they've been given originally.
2. Files must be read-only.
3. Aside from the above, files must have the same ACL's as their parent
directories.
4. Directories must get the ACL's of their parent directories.
5. Special permissions must be explicitly set for new top level directories (eg
new modules).
I've enclosed my loginfo script.
Noel
Enc
(See attached file: loginfo.pl)
loginfo.pl
