Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
Hi everybody,
I'm trying to limit the access to certain files for some users, but didn't
succeed so far.
First I tried on the following on the server (in some dir within the
repository): cvs chacl -u john -a nowrite bla.h
Hoping this would allow john to checkout/update "bla.h" but not commit it.
(first got an error about CVSROOT not being set - I never did any cvs
things on the server yet, only created a repository there using the gui and
used TortoiseCvs on client machines...)
Then it said:
>cvs chacl: in directory .:
>cvs [chacl aborted]: CVS directory without administration files
>present. Cannot continue until this directory is deleted or renamed.
When I tried "cvs lsacl", same thing. Is changing ACL stuff not supposed to
happen on the server?
I also tried on a client PC (where I use the cvs account "rogier"), and it
seemed to work now, when doing "cvs lsacl" afterwards I get this:
>Directory: .
>Owner: peter
>
><default>
> read
> write
> create
> tag
>File: bla.h
>
>user=john
> write(deny)
However... john can still commit changes to bla.h :(
Since all cvs users in our repository map to the same single Windows guest
account on the server ("CvsDummyUser"), I though maybe the rights refer to
real windows users rather than the 'virtual' cvs users in the passwd file..
so I did the same chacl command with CvsDummyUser instead of "john", but
still no difference.
On the server, the cvs\fileattr.xml file looked ok though (see also lsacl
result above which seemed all right)
Two questions:
- What am I doing wrong? :)
- Isn't it scary that clients can change the ACL rights, i.e. what prevents
a user from increasing his own rights to certain files?
Thanks a lot,
Rogier