Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Greg A. Woods
[ On Monday, January 19, 2004 at 15:43:35 (-0800), Mark wrote: ]
 Subject: Re: what's to stop a developer from nuking the repository?

 have unix command line users use :pserver:

That's really Really REALLY _B_A_D_ advice

There is absolutely _NO_ accountabilty or any other form of security in
pserver.  DO NOT _EVER_ USE PSERVER FOR NON-ANONYMOUS ACCESS

The right solution is to continue to follow good systems security
practices and to make sure all your users are aware of _all_ of your
security practices.

Backups are part of that solution.

Good solid authentication, authorisation, and accountability are also
part of that solution.

-- 
Greg A. Woods

+1 416 218-0098  VE3TCPRoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]  Secrets of the Weird [EMAIL PROTECTED]


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Claus Henriksen
Tirsdag den 20. januar 2004 09:33 skrev Greg A. Woods:
 [ On Monday, January 19, 2004 at 15:43:35 (-0800), Mark wrote: ]

  Subject: Re: what's to stop a developer from nuking the repository?
 
  have unix command line users use :pserver:

 That's really Really REALLY _B_A_D_ advice

 There is absolutely _NO_ accountabilty or any other form of security in
 pserver.  DO NOT _EVER_ USE PSERVER FOR NON-ANONYMOUS ACCESS

Has anybody made a long wishlist of things to be changed in pserver? 
I think the idea behind pserver is ok, but when I see these uppercase letters 
above I wonder what we could/should do about it if it should work properly. 

Or maybe just give the message DO NOT _EVER_ USE PSERVER FOR NON-ANONYMOUS 
ACCESS when you do a 'cvs login' ?  ;-)

Best regards,
  Claus GĂ„rde Henriksen



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Replacing the head revision

2004-01-20 Thread Alexander von Below
Hello,

this may be a newbie Q, so I apologize, but my reading of the 
Cederqvist did not help me...

I got a modified copy of my source back.

Now I want to replace me head revision with this code.

As I had troubles understanding versioning, my current code is in the 
branch VER_1-bt. I have (manually) updated this branch to the new 
source.

I would like to either:

1) Force update -j VER_1-bt to just replace, not merge, the branch or

2) Force import (as described on Cederqvist p. 79) not to merge.

Any ideas?

Thanks for your help!

Alex



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Frederic Brehm
At 04:15 AM 1/20/2004, Andy Jones wrote:
am I right in thinking that Greg's opinion does not reflect the majority 
view?
No.

And besides, Greg is one of the resident experts on CVS. Listen to him.

Fred

___
Frederic W. Brehm, Sarnoff Corporation, http://www.sarnoff.com/


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Geoff Beier
Andy Jones wrote:

Tirsdag den 20. januar 2004 09:33 skrev Greg A. Woods:

[ On Monday, January 19, 2004 at 15:43:35 (-0800), Mark wrote: ]


Subject: Re: what's to stop a developer from nuking the repository?

have unix command line users use :pserver:
That's really Really REALLY _B_A_D_ advice

There is absolutely _NO_ accountabilty or any other form of security in
pserver.  DO NOT _EVER_ USE PSERVER FOR NON-ANONYMOUS ACCESS
snip

Please forgive me if I am mistaken, and in any case I certainly don't want 
 to start a flame war, but am I right in thinking that Greg's opinion 
does not
 reflect the majority view?

I refuse to make any claims vis-a-vis a majority view, but I would say 
that his statement reflects a common opinion among folks who are 
concerned with security. pserver is unsuitable for anything other than 
anonymous, read-only access. Really. If you are using it for anything 
else, you are trusting your users to just be nice, in effect.

Regards,

Geoff

___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


CVS with SMB/Winbind Authentication

2004-01-20 Thread Dave Morrow

 Hi, I am not sure if this is the appropriate forum to post this message,
 and, if it is not, hopefully someone can point me in the right direction,
 I have been trying to find the generic users mailing list for CVS
 
 Anyhow, to my question.  I am attempting to use CVS with system
 authentication being handled by Winbind/Samba.  I know that Winbind and
 Samba are functioning correctly since I use this service for other things.
 Is there something special that must be done with CVS to make this
 function?
 
David Morrow
Systems Technical Lead, IT Operations
P: (519) 951-6079
F: (519) 451-6615
mailto: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 
 
..poor planning on your part does not make an emergency on my
part

 This message has originated from Autodata Solutions.  The attached material
is the Confidential and Proprietary Information of Autodata Solutions. This
email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you
have received this email in error please delete this message and notify the
Autodata system administrator at  [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] 





___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Andy Jones

At 04:15 AM 1/20/2004, Andy Jones wrote:
am I right in thinking that Greg's opinion does not reflect the majority view?

No.

And besides, Greg is one of the resident experts on CVS. Listen to him.

I didn't say that his point of view was not valid.  
I didn't say that he was wrong.
Please do not jump to conclusions.




___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: CVS with SMB/Winbind Authentication

2004-01-20 Thread Scott Moynes
Dave Morrow wrote:
Hi, I am not sure if this is the appropriate forum to post this message,
and, if it is not, hopefully someone can point me in the right direction,
I have been trying to find the generic users mailing list for CVS
Anyhow, to my question.  I am attempting to use CVS with system
authentication being handled by Winbind/Samba.  I know that Winbind and
Samba are functioning correctly since I use this service for other things.
Is there something special that must be done with CVS to make this
function?
There is a pam_winbind module from samba, but I think CVS will only use 
pam for authentication if run through ssh or rsh tunnels.

Hope that helps,
--
Scott Moynes


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


RE: what's to stop a developer from nuking the repository?

2004-01-20 Thread Jim.Hyslop
Andy Jones [mailto:[EMAIL PROTECTED] wrote:
 At 04:15 AM 1/20/2004, Andy Jones wrote:
 am I right in thinking that Greg's opinion does not reflect 
 the majority view?
It seems to me that the more one learns about computer security, the more
one tends to agree with Greg on this issue.

 No.
 
 And besides, Greg is one of the resident experts on CVS. 
  Listen to him.
 
 I didn't say that his point of view was not valid.  
 I didn't say that he was wrong.
 Please do not jump to conclusions.
Now you're the one jumping to conclusions ;=) Nobody accused you of saying
that Greg was wrong, or that his point of view was not valid.

-- 
Jim Hyslop 
Senior Software Designer 
Leitch Technology International Inc. (http://www.leitch.com/) 
Columnist, C/C++ Users Journal (http://www.cuj.com/experts) 



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Mike Echlin
[EMAIL PROTECTED] wrote:

Please forgive me if I am mistaken, and in any case I certainly don't want 
to start a flame war, but am I right in thinking that Greg's opinion does 
not reflect the majority view? 

   

I can't speak for the majority, but I pretty much agree with Greg.

Quibble time:  *if* you run cvs on a network you're sure is secure
and everybody on it can be absolutely trusted (to the point where you'd
be perfectly comfortable giving the root password to anybody who had an
actual need for it), pserver is usable.  It serves to prevent mistakes.
It may be slightly easier to set up than rsh, or it may not be.
However, if there is any shadow of doubt, then all pserver gives you
is anonymous access, since anybody who wants to do anything not directly
traceable to themselves can easily use somebody else's identity.
Given a valuable code base, and employees, I'd figure that the danger
of having a disgruntled employee is there, and I'd want to use something
more traceable than pserver.
 

90% of security risks are people inside your firewall. Either by 
accident or design the people you work with will cause the most loss of 
data or files from your repository (Mostly by accident.)
The only real way to protect your repository is by use of secure 
connections with ssh-tunneling and good backups.



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Larry Jones
[EMAIL PROTECTED] writes:
 
 Quibble time:  *if* you run cvs on a network you're sure is secure
 and everybody on it can be absolutely trusted (to the point where you'd
 be perfectly comfortable giving the root password to anybody who had an
 actual need for it), pserver is usable.  It serves to prevent mistakes.

I think that's still overstating the case.  If you run CVS on a network
where you can trust people enough that you're confortable running
telnet or rlogin, then pserver is fine.

-Larry Jones

It COULD'VE happened by accident! -- Calvin


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: CVS with SMB/Winbind Authentication

2004-01-20 Thread Steve McIntyre
On Tue, Jan 20, 2004 at 10:38:55AM -0500, Scott Moynes wrote:
Dave Morrow wrote:
Hi, I am not sure if this is the appropriate forum to post this message,
and, if it is not, hopefully someone can point me in the right direction,
I have been trying to find the generic users mailing list for CVS

Anyhow, to my question.  I am attempting to use CVS with system
authentication being handled by Winbind/Samba.  I know that Winbind and
Samba are functioning correctly since I use this service for other things.
Is there something special that must be done with CVS to make this
function?

There is a pam_winbind module from samba, but I think CVS will only use 
pam for authentication if run through ssh or rsh tunnels.

No, not at all. PAM support has been added to CVS in the 1.12
series. Check the docs for how to use it.

-- 
Steve McIntyre, Cambridge, UK.[EMAIL PROTECTED]
  Getting a SCSI chain working is perfectly simple if you remember that there
  must be exactly three terminations: one on one end of the cable, one on the
  far end, and the goat, terminated over the SCSI chain with a silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer


pgp0.pgp
Description: PGP signature
___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


RE: Ignore dirs/no-ext-files

2004-01-20 Thread Jim.Hyslop
Fabian Cenedese [mailto:[EMAIL PROTECTED] wrote:
 Is it possible with .cvsignore/CVSIGNORE/cvswrapper to ignore 
 a directory?
Yes, just put the directory name in a .cvsignore file, in the parent
directory of the directory you want to ignore.

 And as other variant: Can I make a rule for files without 
 extension? *. or
 just * didn't work.
Hmmm... I'm not sure how fancy the wildcard recognition is for .cvsignore. I
don't think it can handle this.

-- 
Jim Hyslop 
Senior Software Designer 
Leitch Technology International Inc. (http://www.leitch.com/) 
Columnist, C/C++ Users Journal (http://www.cuj.com/experts) 



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


RE: what's to stop a developer from nuking the repository?

2004-01-20 Thread Jim.Hyslop
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] wrote:
 *if* you run cvs on a network you're sure is secure
 and everybody on it can be absolutely trusted (to the point 
 where you'd
 be perfectly comfortable giving the root password to anybody 
 who had an
 actual need for it), pserver is usable.
That kind of secured network is becoming more and more rare, though. 

Even if you could trust all your users with the root password, these days
most corporate networks are connected to the Big Bad Internet.
Unfortunately, many companies use the Crunchy on the outside, soft and
chewy on the inside security model. All it takes is a single Trojan Horse
or a virus to get into a single computer inside your firewall, and your
entire network can be compromised.

-- 
Jim Hyslop 
Senior Software Designer 
Leitch Technology International Inc. (http://www.leitch.com/) 
Columnist, C/C++ Users Journal (http://www.cuj.com/experts) 



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Johnny Fulcrum
On Tue, 20 Jan 2004 11:03:38 -0500 (EST), Larry Jones 
[EMAIL PROTECTED] wrote:

[EMAIL PROTECTED] writes:
Quibble time:  *if* you run cvs on a network you're sure is secure
and everybody on it can be absolutely trusted (to the point where you'd
be perfectly comfortable giving the root password to anybody who had an
actual need for it), pserver is usable.  It serves to prevent mistakes.
I think that's still overstating the case.  If you run CVS on a network
where you can trust people enough that you're confortable running
telnet or rlogin, then pserver is fine.
I'd agree.  I'm not on the network/admin team at my place of employment, 
but I do admin cvs and other source code control utilities.  EVERYONE here 
uses telnet,rlogin and rsh, so it didn't really make sense for me to 
tighten up the pserver (over ssh) connections.

-Larry Jones

It COULD'VE happened by accident! -- Calvin

___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs




___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


RE: CVS with SMB/Winbind Authentication

2004-01-20 Thread Dave Morrow
Been there done that.  All the manual says it requires is pam_unix.so, I
have added lines to include winbind

My /etc/pam.d/cvs

auth   required /lib/security/$ISA/pam_unix.so
accountrequired /lib/security/$ISA/pam_unix.so
auth   required /lib/security/pam_winbind.so
accountrequired /lib/security/pam_winbind.so 


David Morrow
Systems Technical Lead, IT Operations
P: (519) 951-6079
F: (519) 451-6615
mailto: [EMAIL PROTECTED]
 
..poor planning on your part does not make an emergency on my
part

 This message has originated from Autodata Solutions.  The attached material
is the Confidential and Proprietary Information of Autodata Solutions. This
email and any files transmitted with it are confidential and intended solely
for the use of the individual or entity to whom they are addressed. If you
have received this email in error please delete this message and notify the
Autodata system administrator at  [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]



-Original Message-
From: Steve McIntyre [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, January 20, 2004 11:18 AM
To: Scott Moynes
Cc: Dave Morrow; '[EMAIL PROTECTED]'
Subject: Re: CVS with SMB/Winbind Authentication

On Tue, Jan 20, 2004 at 10:38:55AM -0500, Scott Moynes wrote:
Dave Morrow wrote:
Hi, I am not sure if this is the appropriate forum to post this 
message, and, if it is not, hopefully someone can point me in the 
right direction, I have been trying to find the generic users 
mailing list for CVS

Anyhow, to my question.  I am attempting to use CVS with system 
authentication being handled by Winbind/Samba.  I know that Winbind 
and Samba are functioning correctly since I use this service for other
things.
Is there something special that must be done with CVS to make this 
function?

There is a pam_winbind module from samba, but I think CVS will only use 
pam for authentication if run through ssh or rsh tunnels.

No, not at all. PAM support has been added to CVS in the 1.12 series. Check
the docs for how to use it.

-- 
Steve McIntyre, Cambridge, UK.
[EMAIL PROTECTED]
  Getting a SCSI chain working is perfectly simple if you remember that
there
  must be exactly three terminations: one on one end of the cable, one on
the
  far end, and the goat, terminated over the SCSI chain with a
silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Adrian Crossley
Title: Re: what's to stop a developer from nuking the repository?





You should be making this choice (pserver or not) based on what security you want/need. Realistically this is going to be somewhere between perfection and better_than_I_had_already. Lets face it if you were using a shared writeable filestore before then CVS with pserver is a million times better.

Ade




__

This outgoing email was virus scanned for HESA by MessageLabs.
__

___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: What's to stop a developer from ...

2004-01-20 Thread Kaz Kylheku
hacking the CVS server with an axe, then setting fire to the whole
building?

You see, I'm evaluating the advantages and disadvantages of various
version control systems, so I'd like to know how secure CVS is.

:)



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Greg A. Woods
[ On Tuesday, January 20, 2004 at 10:06:32 (+0100), Claus Henriksen wrote: ]
 Subject: Re: what's to stop a developer from nuking the repository?

 Has anybody made a long wishlist of things to be changed in pserver? 

There is only one thing that can be changed:  the PSERVER code should be
entirely removed from CVS.

The the only sane alternative is to simplify it to the point that it
refuses to work unless the client is doing a read-only operation.

 I think the idea behind pserver is ok

No, it's not even a tiny bit OK.  It is the most lame excuse one can
imagine for any client/server protocol on a public network, especially
in this day.

CVS pserver shouldn't even be used for anonymous read-only access, at
least not if you care about the integrity of the data you send or
receive, though that particular issue is really more a matter of finger
pointing.  One can use RSH over a public network, but at least if a CVS
user uses RSH and then suffers as a result it's not the fault of CVS,
but rather the fault of the user having used RSH.

-- 
Greg A. Woods

+1 416 218-0098  VE3TCPRoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]  Secrets of the Weird [EMAIL PROTECTED]


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Greg A. Woods
[ On Tuesday, January 20, 2004 at 11:03:38 (-0500), Larry Jones wrote: ]
 Subject: Re: what's to stop a developer from nuking the repository?

 I think that's still overstating the case.  If you run CVS on a network
 where you can trust people enough that you're confortable running
 telnet or rlogin, then pserver is fine.

Telnet and rlogin and similar still provide on heck of a lot more
accountability (over a trusted network) than pserver could ever possibly
do.

If you have a trusted network and you do feel comfortable with telnet
and rlogin then USE THEM -- DO NOT USE PSERVER.

-- 
Greg A. Woods

+1 416 218-0098  VE3TCPRoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]  Secrets of the Weird [EMAIL PROTECTED]


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Greg A. Woods
[ On Tuesday, January 20, 2004 at 10:58:32 (-0500), Mike Echlin wrote: ]
 Subject: Re: what's to stop a developer from nuking the repository?

 90% of security risks are people inside your firewall.

Well, yes, though it depends on your threat models and exactly what
you're doing and how you're doing it.

In any case the biggest problem with pserver is that it precludes the
very possibility of having any real accountability.

There are very basic and fundamental reasons why every user _MUST_ have
a unique identity inside a computing system.

While pserver can maintain that uniqueness, it does nothing to prevent
users from forging their identity -- indeed it makes it trivial for
users to forge their identity.  Worse though pserver can just as easily
be configured to have no uniqueness of identity (which of course is no
big loss given its other failings, but still...).

 The only real way to protect your repository is by use of secure 
 connections with ssh-tunneling and good backups.

Those are part of the picture -- there's also a whole world of other
things that should be done to maintain a good secure computing
environment.

-- 
Greg A. Woods

+1 416 218-0098  VE3TCPRoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]  Secrets of the Weird [EMAIL PROTECTED]


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


CVS server running on NT

2004-01-20 Thread Sam Talebbeik
I need to install CVS on an NT box. According to the FAQ page on
cvshome.com the NT version of the CVS server is available at
http://www.cvsnt.org/ .

I have a few questions and I hope someone can help me answer them.

1) I have worked with Apache and all versions of the Apache can be obtrained
   from a single web site. Why is the CVS on NT offered through a different 
   web site? Are these folks the same team or a different development team
   than the cvshome.com ?

2) Is CVS NT from cvsnt.org a subset,a superset, or a very different version
   of the CVS offered on Linux and Unix ?

3) Is the email list [EMAIL PROTECTED] dedicated to mostly CVS on Linux/Unix ?
   I noticed that the cvsnt.org folks have their own separate email list.

   Sam

 


__
Do you Yahoo!?
Yahoo! Hotjobs: Enter the Signing Bonus Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Selectively enable branching rights

2004-01-20 Thread Purushotham Komaravolu
Hello,
 Can somebody tell me how to selectively give rights to a certain
set of users, the rights to branch etc.
Thanks
Puru


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread david
 [ On Tuesday, January 20, 2004 at 11:03:38 (-0500), Larry Jones wrote: ]
  Subject: Re: what's to stop a developer from nuking the repository?
 
  I think that's still overstating the case.  If you run CVS on a network
  where you can trust people enough that you're confortable running
  telnet or rlogin, then pserver is fine.
 
 Telnet and rlogin and similar still provide on heck of a lot more
 accountability (over a trusted network) than pserver could ever possibly
 do.

The key here is accountability, I think.  pserver has effectively no
accountability, and telnet/rlogin have some (as far as I know).
 
 If you have a trusted network and you do feel comfortable with telnet
 and rlogin then USE THEM -- DO NOT USE PSERVER.

The logic for using pserver over ssh would be that it's harder to set
ssh up right.  Not a really compelling reason, but it's all I can think
of.  However, setting rsh up is as trivial as setting pserver up, so
I'd have to agree here.
 
-- 
Now building a CVS reference site at http://www.thornleyware.com
[EMAIL PROTECTED]



___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: Replacing the head revision

2004-01-20 Thread Alexander von Below
Hi Jim, all

thanks for the answer so far, hope I am not getting on everybodys 
nerves here...

First, are you absolutely certain that you do *not* want to merge this 
file?
Copying a file from a branch to a trunk is an unusual action.
I am not completely sure, but this is what happened: Not understanding 
branches as well as I should, I created two branches, VER_1-bt and 
VER_2-bt. VER_2-bt is to be stuff for the next release, at some point, 
I would like to merge that, but not now.

I continued to work not in the head (because I misunderstood branches 
and stuff), but in VER_1-bt.
So what I have in VER_1-bt is, de facto, the current, QA'ed, released 
and shipping version. (A copy of it also resides somewhere else on my 
disk.). What's in the head is pretty irrelevant to me at this point 
(The VER_2-bt branch is a different matter, but it does not get touched 
here)

To me, it looks like I want to replace the head version, especially as 
cvs complains about each and every $Revision$ keyword. Of course they 
differ, but can't vim handle that when I do a merge? If not, which 
revision number should I keep in the file? Or throw them out 
altogether?

I would appreciate any further hints you have. I will read the 
documentation on the commands, and I have read the Cederqvist. But 
links to other tutorials would be appreciated.

Thanks

Alex

Am 20.01.2004 um 17:19 schrieb Jim.Hyslop:

Alexander von Below [mailto:[EMAIL PROTECTED] wrote:
this may be a newbie Q, so I apologize, but my reading of the
Cederqvist did not help me...
I got a modified copy of my source back.

Now I want to replace me head revision with this code.

As I had troubles understanding versioning, my current code is in the
branch VER_1-bt. I have (manually) updated this branch to the new
source.
First, are you absolutely certain that you do *not* want to merge this 
file?
Copying a file from a branch to a trunk is an unusual action.

cvs update -A filename
cvs update -p -r VER_1-bt filename  filename
should do it.

Make sure you understand what the above commands do before you use 
them.

--
Jim Hyslop
Senior Software Designer
Leitch Technology International Inc. (http://www.leitch.com/)
Columnist, C/C++ Users Journal (http://www.cuj.com/experts)


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread johnny fulcrum
On Tue, 20 Jan 2004 14:08:45 -0500 (EST), Greg A. Woods [EMAIL PROTECTED] 
wrote:

[ On Tuesday, January 20, 2004 at 11:03:38 (-0500), Larry Jones wrote: ]
Subject: Re: what's to stop a developer from nuking the repository?

I think that's still overstating the case.  If you run CVS on a network
where you can trust people enough that you're confortable running
telnet or rlogin, then pserver is fine.
Telnet and rlogin and similar still provide on heck of a lot more
accountability (over a trusted network) than pserver could ever possibly
do.
Is there more than one way to run Pserver?  All my pserver users have 
accounts on the unix box (err unix network) and they have to suplly a 
username and password to cvs login (most of them are wincvs users).

how does this not give the same accountability as telnet or rlogin?  
everything they do has their username/group on it (commits adds etc)

Maybe I missed the boat somewhere, but I don't get how this is different 
than if they werre on the box using local cvs commands and no pserver 
connection.

If you have a trusted network and you do feel comfortable with telnet
and rlogin then USE THEM -- DO NOT USE PSERVER.


--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: CVS server running on NT

2004-01-20 Thread Mark D. Baushke
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Sam Talebbeik [EMAIL PROTECTED] writes:

 I need to install CVS on an NT box. According to the FAQ page on
 cvshome.com the NT version of the CVS server is available at
 http://www.cvsnt.org/ .
 
 I have a few questions and I hope someone can help me answer them.
 
 1) I have worked with Apache and all versions of the Apache can be obtrained
from a single web site. Why is the CVS on NT offered through a different 
web site? 

Because it is a port to NT which does a very good job of working within
the NT framework including a very nice GUI. There is a Windows client
version of cvs (a command-line cvs.exe) available, but most of the
cvshome.org developers do not spend much time doing anything with
windows.

If you need or want a server for NT, then you will want to use the
CvsNT.org version of NT.

Are these folks the same team or a different development team
than the cvshome.com ?

No, they are a different team.

 2) Is CVS NT from cvsnt.org a subset,a superset, or a very different version
of the CVS offered on Linux and Unix ?

The CvsNT.org version of cvs interoperates with the cvshome.org version
of cvs. The cvsnt.org folks have a few extensions that are not (yet)
supported on cvshome.org and are missing a few that have recently been
added.

 3) Is the email list [EMAIL PROTECTED] dedicated to mostly CVS on Linux/Unix ?

Well, some questions get answered for both versions on the
[EMAIL PROTECTED] those that deal with the intersection of features
between the two versions could be answered by either group.

I noticed that the cvsnt.org folks have their own separate email list.

Yes, I believe that is a 'better' place to ask your NT specific questions.

-- Mark
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (FreeBSD)

iD8DBQFADc903x41pRYZE/gRAujjAKCFepyGBCCD5fuRX3foFY9ySrQgMQCgpY7h
Zwr72QOt5LpuRPLiHw/id4g=
=RVAQ
-END PGP SIGNATURE-


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs


Re: what's to stop a developer from nuking the repository?

2004-01-20 Thread Greg A. Woods
[ On Tuesday, January 20, 2004 at 14:18:53 (-0500), Larry Jones wrote: ]
 Subject: Re: what's to stop a developer from nuking the repository?

 Greg A. Woods writes:
  
  Telnet and rlogin and similar still provide on heck of a lot more
  accountability (over a trusted network) than pserver could ever possibly
  do.
 
 I disagree.

Well you're free do disagree of course, but you are _very_ wrong.

Rsh (and telnet, though one can't use telnet as-is for CVS) provide
almost infinitely more accountability (over a trusted network) than CVS
with pserver alone could ever possibly manage.  If this isn't
self-obvious to you then you really need to study basic trusted
computing and how it's been applied and realized (to the extent that it
can be realized) in the traditional Unix environment.

(oh, and of course I mean to imply that this comparison is with normal
Unix-like hosts as both client and server)

(keep in mind that RSH can be trivially used with even more trust over a
host-based IPsec VPN too)

-- 
Greg A. Woods

+1 416 218-0098  VE3TCPRoboHack [EMAIL PROTECTED]
Planix, Inc. [EMAIL PROTECTED]  Secrets of the Weird [EMAIL PROTECTED]


___
Info-cvs mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/info-cvs