NAME
App::adminguide::cvs - Administration Guide for CVS
DESCRIPTION
The following is a list of installation stories for installing CVS correctly.
REFERENCES
CVS Home Page
- https://www.cvshome.org/
Configuration of xinetd
- http://www.sugoi.org/bits/index.php?bit_id=32
CVS INSTALLATION : 2004-08-06 : REDHAT LINUX
I wanted to move a CVS installation from a server we were decommissioning to a new server, and I wanted to get two things right this time (which I had neglected the first time around).
* cvspserver not running as root
* cvs using a CVS passwd file, not /etc/passwdFurthermore, the old installation was on Solaris 2.7 which used an inetd configuration. My new installation would by on RedHat Linux 9 (2.4.21 kernel).
CVS software installation
I checked the version of CVS installed on the system.
cvs --version
rpm -q cvsand found I had version 1.11.2 installed. I checked the CVS home page, and it alerted me to a vulnerability in CVS if this were exposed to the internet (which I had some sense I might do).
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396So I had to install 1.11.16 or greater (1.11 series) or 1.12.8 or greater (1.12 series). The latest releases are 1.12.9 and 1.11.17. I decided to go with an rpm installation rather than a source-based installation. I decided to go with the 1.11 series, which cvshome.org says is the "stable" version rather than the 1.12 version which cvshome.org says is an incremental feature version.
su -
cd /root
mkdir rpm
cd rpm
wget ftp://rpmfind.net/linux/fedora/core/updates/2/i386/cvs-1.11.17-2.i386.rpm
rpm --upgrade cvs-1.11.17-2.i386.rpmBut then "cvs --version" caused the following error.
cvs: relocation error: cvs: undefined symbol: GSS_C_NT_HOSTBASED_SERVICESo I decided to go with the RPM from cvshome.org rather than from Fedora.
wget https://ccvs.cvshome.org/files/documents/19/360/cvs-1.11.17-1.i386.rpm
rpm --upgrade cvs-1.11.17-1.i386.rpmThis gave me the following error.
package cvs-1.11.17-2 (which is newer than cvs-1.11.17-1) is already installedSo I did
rpm --upgrade --force cvs-1.11.17-1.i386.rpmand that did the trick, as verified by
rpm -q cvs
cvs --versionIf that had not worked, I would have compiled my own version from sources, but I would have to be sure to use ./configure --prefix=/usr so that the binaries would overwrite the installed binaries rather than creating another version in /usr/local.
Somewhere else I read that I need to set the setgid bit on the cvs binary.
chmod 2755 /usr/bin/cvsUsers and Groups
We use NIS, so I verified that we have both the cvs user and group defined.
ypcat passwd | grep cvs
ypcat group | grep cvsOtherwise, I would have verified that in the /etc/passwd and /etc/group files and created them if necessary.
CVSROOT
I chose /usr/mycompany/cvs (where "mycompany" is replaced with a name for our company) for all CVS files (i.e. CVSROOT).
cd /usr/mycompany
mkdir cvs
chown cvs cvs
chgrp cvs cvs
chmod 775 cvs
chmod g+s cvsWe use Bash and Korn shell, so I added the following lines to "/etc/profile" so that the CVSROOT variable is available to all users.
CVSROOT=/usr/mycompany/cvs
export CVSROOTThen I ran the same commands in my current shell to set CVSROOT for the current session.
Initializing the CVS Repository
I initialized the CVS Repository (/usr/mycompany/cvs).
su - cvs
cvs initThen I created the CVS password file.
cd ~
mkdir src
cd src
cvs co CVSROOT
cd CVSROOT
touch passwd
cvs add passwd
cvs update
cvs commit -m "new" passwd
vi checkoutlist
# add "passwd" as the last line
cvs commit -m "added passwd to list of CVSROOT files" checkoutlistThen exit as the "cvs" user.
exitInstalling cvspasswd and adding users
I got it from here.
http://www.sugoi.org/bits/download/cvspasswdBut I put it in a distribution on CPAN called App-admin. So you can install it this way.
perl -MCPAN -e "install App-admin"In any case, make sure it is in your path (i.e. /usr/local/bin). Then add users.
cvspasswd joe joespw7
cvspasswd mike m1k31sgr3a7
cvspasswd nellie whoa_Configure xinetd
On Solaris, I just needed to add a line to /etc/inetd.conf which looked like this. (This configures "inetd", the internetworking daemon.)
cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/usr/mycompany/cvs pserverHowever, on Linux I have to configure xinetd (an enhanced version of "inetd").
cd /etc/xinetd.d
vi cvsI put the following in the file, with my server's actual IP address instead of "10.10.10.10".
service cvspserver
{
disable = no
socket_type = stream
wait = no
user = cvs
group = cvs
log_type = FILE /var/log/cvspserver
protocol = tcp
env = '$HOME=/usr/mycompany/cvs'
bind = 10.10.10.10
log_on_failure += USERID
port = 2401
server = /usr/bin/cvs
server_args = -f --allow-root=/usr/mycompany/cvs pserver
}Then I restart xinetd.
pkill -HUP xinetdVerification
Then I went to another server on the network.
cd ~
mkdir src
cd src
cvs -d :pserver:mike@cvshost:/usr/mycompany/cvs login
cvs -d :pserver:mike@cvshost:/usr/mycompany/cvs co CVSROOT
# it worked great, so I can remove it ...
rm -rf CVSROOTMoving the CVS data
I now had to move the data from my old CVS server.
ssh oldcvshost
su -
cd /usr/mycompany/cvs
find project1 project2 project3 -print | cpio -ocv | gzip > cvs.cpio.gz
scp cvs.cpio.gz mike@cvshost:.
ssh mike@cvshost
su -
cd /usr/mycompany/cvs
mv ~mike/cvs.cpio.gz .
gunzip < cvs.cpio.gz | cpio -idcuvm