-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Grand Poohbah <[EMAIL PROTECTED]> writes:
> I am setting up a FreeBSD 5.x machine with cvs 1.11.17. > > My goal is to have a "guest" style read-only access to a cvs repository > under a strict chroot environment. I have setup my repository with file > permissions similar to those found in the how-to > http://www.idealx.org/doc/chrooted-ssh-cvs-server.en.html However, instead > of using a rssh or a smrsh type of shell, I am attempting to do a classic > chroot. > > The cvs user logs into the server with ssh and get dropped into a chroot > directory. I have place what I believe to be all the necessary files (cvs > binary, permission/group files and repository files) for cvs to work inside > this chroot environment and it *seems* to be working as intended as a chroot > environment. However, when my remote system attempts a "cvs update -Ad" (or > diff or other client command) I get the following errors. > > Root: not found > Valid-responses: not found > valid-requests: not found > > Then the process just hangs until a ^C > > > Question: is there a debug or verbose mode I can use to get more output? I > have the mirrored repository file structure and permissions set up > correctly, my only binaries I have are the following > > /bin/sh > /bin/chroot.sh > /bin/ls > /dev/null > /usr/bin/rsync > /usr/bin/cvs You will likely also need some libraries. A stock version of FreeBSD comes with a patched version of cvs 1.11.5-FreeBSD and needs a number of libraries: % uname -a FreeBSD test52 5.2-RELEASE FreeBSD 5.2-RELEASE #0: Sun Jan 11 04:21:45 GMT 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 % /usr/bin/cvs -v Concurrent Versions System (CVS) 1.11.5-FreeBSD (client/server) Copyright (c) 1989-2002 Brian Berliner, david d `zoo' zuhn, Jeff Polk, and other authors CVS may be copied only under the terms of the GNU General Public License, a copy of which can be found with the CVS distribution kit. Specify the --help option for further information about CVS % ldd /usr/bin/cvs /usr/bin/cvs: libgnuregex.so.2 => /usr/lib/libgnuregex.so.2 (0x280f3000) libmd.so.2 => /lib/libmd.so.2 (0x280fb000) libcrypt.so.2 => /lib/libcrypt.so.2 (0x28105000) libz.so.2 => /lib/libz.so.2 (0x2811e000) libgssapi.so.7 => /usr/lib/libgssapi.so.7 (0x2812c000) libkrb5.so.7 => /usr/lib/libkrb5.so.7 (0x2813a000) libasn1.so.7 => /usr/lib/libasn1.so.7 (0x28177000) libcrypto.so.3 => /lib/libcrypto.so.3 (0x2819d000) libroken.so.7 => /usr/lib/libroken.so.7 (0x282ab000) libcom_err.so.2 => /usr/lib/libcom_err.so.2 (0x282ba000) libc.so.5 => /lib/libc.so.5 (0x282bc000) % Your cvs might be more static, but you should look closely to be sure. > Does cvs server need more binaries to work properly? Is there a way I can > run "cvs server" by hand from the chroot environment to simulate what my > client should be doing? Look at what 'cvs -t' does (for cvs 1.12.x you may use up to three '-t' options at once). Look at what the environment variable CVS_CLIENT_LOG provides (when given a prefix pathname it will create a .in and a .out that contains the conversation that occurs across the client/server connection). Read the doc/cvsclient.text file (or one of the generated output formats of it) to better understand the client/server protocol being used. At a guess, your cvs is not properly getting the 'server' argument right now somehow. If the client is using cvs -t :ext:host.dom.ain/path/to/repository then you should end up seing something like this output $CVS_RSH host.dom.ain $CVS_SERVER server where the values of $CVS_RSH may be replaced with 'ssh' or 'rsh' and $CVS_SERVER is probably replaced with 'cvs' Good luck, -- Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQFB6Bnd3x41pRYZE/gRAtwfAKCkxbZ9Wy81qw9j8hGbCqEOz8M/tACfaFs4 V+ayvTbqvwqZDG8+tkLLB8U= =goUj -----END PGP SIGNATURE----- _______________________________________________ Info-cvs mailing list [email protected] http://lists.gnu.org/mailman/listinfo/info-cvs
