Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
On Wed, 7 Mar 2007 21:53:06 +0100, jurgen.depicker at let.be wrote: >Dear all, >Is there anyone out there who knows how to solve this problem: >I set up security on my ubuntu cvs server using cvsnt's acls. But of >course (or at least: of course to me...) viewvc (or viewcvs) doesn't care >about my ACLs. Anyone any ideas about how to solve this? >I read something about an apache module authenticating against >/etc/shadow. But then I would need to set up everywhere .htaccess files >based on the fileatr.xml files of cvsnt. So it must be possible to do >this with a script ruinning via a cron job. But it seems like a big >headache. Maybe one of you knows about a more elegant solution? >Thanks!! >Jürgen. ViewCVS (or as it is now named ViewVC) works by reading the RCS repository files directly on the server. It uses the RCS functions in CVSNT to do so in order to parse the new stuff that CVSNT has added to the RCS files and which the GNU RCS tools are unable to parse. BUT, when doing so it is not acting as any particular user and it does not go through the CVSNT service with a particular protocol that would authenticate a user to CVSNT. Therfore the built-in ACL system in CVSNT is totally bypassed. I don't know if the ViewVC project works towards fixing this now, but I doubt it very much since they switched their focus towards SubVersion about 1.5 years ago. That is when I stopped following their activities. I am now using ViewCVS from mid-2005, which works as described above and is OK for our needs. BTW is there any special gotchas to install CVSNT into Ubuntu? If I remember correctly it does not respect rpm packages.... HTH /Bo (Bo Berglund, developer in Sweden)