[PD-dev] ACLs are in and ready to go
Hans-Christoph Steiner
hans at eds.org
Sat May 17 18:34:41 CEST 2003
So after a little suspense of installing a feature that has the power
to lock everyone out of the CVS, I am happy to say that cvs_acls is now
configured and working with a minimal set of ACLs (one really, just to
test it out).
Right now, cvs_acls defaults to 'avail', meaning default write access
for everything. Then we can lock down individual directories as
requested. I made an access list that restricts 'gem' to the GEM devs
to test this out (this directory is defunct anyway, no?). So if you
aren't cclepper, dheck, ggeiger, tigital, or zmoelnig then you should
see
"**** Access denied: Insufficient Karma (eighthave|gem)"
Here's an example session:
hans at sla:/<1>gem>cat > test
testing commitimg to gem. should be blocked
hans at sla:/<1>gem>cvs add test
cvs server: scheduling file `test' for addition
cvs server: use 'cvs commit' to add this file permanently
hans at sla:/<1>gem>cvs ci -m "testing ACLs" test
**** Access denied: Insufficient Karma (eighthave|gem)
cvs server: Pre-commit check failed
cvs [server aborted]: correct above errors first!
The next thing to do once we get used to the idea is to restrict access
to the ACL file to only the sourceforge admins, so people can't go in
and add themselves to the ACLs. I just wanted to make sure its working
fine before attempting something that has a decent likelyhood of
locking us out permanently if the right mistakes were made. (It would
require a SourceForge support request to fix it if we did get locked
out).
So send your ACL requests to me, and I'll start putting them in.
.hc
More information about the Pd-dev
mailing list