CVS Source Server Setup

Setting Up A Source Server

One nice advantage of CVS is that the source code on a server can be made available across the net to all and sundry. This, of course, introduces security concerns, but most of those can be alleviated by using something like ssh which uses encryption for authentication and also encrypts the traffic using the connection.

Remote operation involves starting a remote shell to execute commands on the server machine. When CVS operations take place, a remote login is initiated, and the commands are sent to server machine to execute. Typically this involves using the cvs program on the server machine to perform the desired operations. But this is all hidden from the user. See below for details.

Creating A Source Server

The following steps are a guide to creating a source server. This is how I did it - you may or may not want to do all of these operations as described. These instructions also assume you are using Linux 2.0.x. Some of the features used may not be available on other platforms.

Create cvs Group
Create a new user to be the owner of the CVS repository. In my case, this was cvs, and this id will be used throughout. This account is not used, and so the password should be made invalid. Specifically, only the group ID is used anyway. This group will be used to provide access to the CVS repository, and will be the GID for all the files in there.

Create Source Repository Directory
Decide where the CVS repository will be located, for instance /usr/src/CVS. Set the owner of this directory to cvs, then set the directory to propgate the group ID when adding files or directories. This is required to ensure access to all. The above is performed using the following steps (in this order!):

mkdir /usr/src/CVS
chown cvs.cvs /usr/src/CVS
chmod 2770 /usr/src/CVS

Create CVSROOT Directory
CVS requires a directory to contain various files. It seems to be unable to create this file, so do it now.

mkdir /usr/src/CVS/CVSROOT
chown cvs /usr/src/CVS/CVSROOT
chmod 2775 /usr/src/CVS/CVSROOT

User Access
To allow access to these files for remote users, you must ensure that they can login (via ssh or rsh, for instance). This requires they have an account on the machine. And for ssh, there are some other steps also required. In the user's home directory, there must be a .rhosts file, and the home directory itself must not allow any access to others, including the group!

For instance, to let user fred have access to the CVS repository, the following steps would suffice. Assume that fred will have access from the machine fred.company.org.

cd /home/fred
chmod 700 .
echo "fred.company.org fred" >> .rhosts
chmod 400 .rhosts

And (important) add user fred to the cvs entry in the file /etc/group. This is an important step, otherwise the user will not have access to the repository. Thus, the /etc/group file would have an entry like

cvs::1234:cvs,fred