Edward Peschko wrote: >On Sun, Jun 29, 2003 at 09:42:11PM -0500, Corey Minyard wrote: > > >>Have you looked at my patch, at http://home.attbi.com/~minyard/? It's >>been around for a while and is well tested, and implements full ACLs >>(per directory, per file, and per branch) within CVS, and has a lot of >>users. >> >> >> > >well I wasn't aware of it before I started coding, but yeah I looked at it, it looked >a >little bit more complicated/'batched up' than I wanted (ie: you've got other changes >that don't relate to acl.) Also I wanted something simple, wasn't sure how easy to >use >your solution was. > Yes, it has a few other things, too. It's not terribly difficult to use, but it may be difficult to use it to achieve what you want.
> >Anyways, I'm not against your patches (ie: if they are the standard acl for cvs, I'd >be >more than happy to use them), but I had a couple of questions: > > 1) is your acl mechanism backwards compatible with existing cvs > clients/servers? > Yes. You can't do ACL operations, obviously, but the ACLs are enforced. > 2) how do you use your acl? > Each directory has an owner and a set of permissions. The owner (or an admin) can set the permissions for directory/files/branches or assign a new owner for the directory. Permissions can also propigate directories (you can assign them at a base directory and with a command-line option to the server have the propigate to subdirectories. propigation can also be blocked). Maintenance of ACLs is through new CVS commands. It is not centralized, though. > >#1 is key for me - I need something where I don't need to download a new client for >everyone who wants to use ACL. #2 is pretty important too - I want something >centralized, >one file that I can check and see at a glance who has access to what. If #1 and #2 >holds >for your patch, then like I said I'd be more than happy to use it. > For single file centralized access that the users don't have control over, I believe you could easily set up a shell script to handle that. No need to modify CVS. I've never done it, but if that's what you want, I'd recommend trying the shell-script approach. It will be easier to maintain in the long-term. -Corey _______________________________________________ Info-cvs mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/info-cvs
