From a59ad5c2114d7f6e01a4a6c5fafb007ae7f8e4a1 Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Sun, 8 Jun 2003 05:09:07 +0000 Subject: anonymous CVS server from OpenBSD --- anoncvs.shar | 634 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 634 insertions(+) create mode 100644 anoncvs.shar diff --git a/anoncvs.shar b/anoncvs.shar new file mode 100644 index 0000000..d7fb7a0 --- /dev/null +++ b/anoncvs.shar @@ -0,0 +1,634 @@ +# This is a shell archive. Save it in a file, remove anything before +# this line, and then unpack it by entering "sh file". Note, it may +# create directories; files and directories will be owned by you and +# have default permissions. +# +# This archive contains: +# +# Makefile +# README +# anoncvssh.c +# +echo x - Makefile +sed 's/^X//' >Makefile << 'END-of-Makefile' +X#CVSROOT=anoncvs@anoncvs1.usa.openbsd.org:/cvs +XPROG= anoncvssh +XBINOWN= root +XBINMODE=4111 +XBINDIR=/open +XNOMAN= +X +X.include +X +END-of-Makefile +echo x - README +sed 's/^X//' >README << 'END-of-README' +X +X So, you want to run an anoncvs server. +X +X A summary of the steps you'll need to do is: +X +X1) Find enough disk space to hold the anoncvs tree, and mount it in an +X appropriate place. +X +X2) Compile and install anoncvssh, the shell used for the anoncvs user. +X ( If you aren't using OpenBSD you'll probably need to compile a sup +X client as well. The easier path is to use OpenBSD ;) +X +X3) Add the anoncvs user to the password file, with no password, and +X anoncvssh as it's shell. Decide on a user that will run sup to maintain +X the archive (this is a different user, NOT the anoncvs user) +X +X4) Make a home directory for the anoncvs user. The anoncvs user's +X home directory is a chroot jail in which the anoncvssh processes +X run when servicing anoncvs requests. The jail must contain the +X cvs binary as well as whatever shared libraries and support files +X are needed to run them unless you compile and link everything +X staticly. This example shows what is needed for OpenBSD. If you +X use another platform you'll need to be familiar with what needs +X to go in a chroot jail for your platform. +X +X5) Get permission to use sup to obtain the cvs tree from a server. +X +X6) Set up sup to retrieve the cvs tree from an appropriate place. +X (If you aren't using OpenBSD you will need to compile and install +X a sup client). +X +X7) Run sup to retrieve the distribution from the server +X +X8) Once you get the distribution in, set up a cron job to run sup +X periodically to keep your server up to date. +X +X********************************************************************** +XSTEP 1) find enough disk space. +X You need roughly 1.6GB. +X Mount it on /open. +X If you are not able to mount it as /open, substitute it's location +X throughout the rest of this description. +X +X********************************************************************** +XSTEP 2) compile the anoncvssh binary +X In the Makefile, change the variable CVSROOT +X Install the binary setuid-root in /open/anoncvssh. +X +X********************************************************************** +XSTEP 3) Create the anoncvs account. and decide who will run "sup" +X to maintain the archive. The anoncvs account should *NOT* be the one +X running sup to maintain the archive. +X +Xcreate an account similar to: +X +X anoncvs::32766:32766:Anonymous CVS User:/open/anoncvs:/open/anoncvssh +X +XYes, that is right. the account has no password. Be sure that the +Xuid and gid are unique for your system, if the ones above aren't, +Xpick different values. +X +XDecide who will run sup to maintain the archive. call that user +X$SUPUSER. Oh, and in case it hasn't been previously mentioned, +X$SUPUSER should *NOT* be the anoncvs user :) +X +X********************************************************************** +XSTEP 4) Build the anoncvs user's home directory chroot jail. This +X example assumes that you're using OpenBSD. If you're not you +X may need different files in the chroot. +X +Xmkdir /open/anoncvs +Xmkdir /open/anoncvs/cvs +Xmkdir /open/anoncvs/sup +Xchown -R $SUPUSER /open/anoncvs/cvs /open/anoncvs/sup /open/anoncvs +X +XStart filling the account up with nice stuff. You are building a chroot +Xjail for anoncvs in /open/anoncvs. +X +X cd /open/anoncvs +X touch .hushlogin +X touch .profile +X +XPut a message like the following in .plan: +X To use anonymous CVS install the latest version of CVS on your local +X machine. +X Then set your CVSROOT environment variable to the following value: +X anoncvs@anoncvs.openbsd.org:/cvs +X +X chown root:wheel .hushlogin .profile .plan +X +X mkdir bin dev tmp usr var etc +X cp /bin/{cat,pwd,rm,sh} bin/ +X +XUsing mknod, make a dev/null that has the same major/minor numbers as +X your /dev/null, and make it mode 666. +X +XSome shared library systems require a dev/zero created in the same way +X +XFill etc space for the account +X cp /etc/{group,hosts,passwd,protocols} etc/ +X cp /etc/{pwd.db,resolv.conf,services,ttys} etc/ +X modify these files to suit your idea of system security +X +Xanoncvssh (by setting the environment variable CVSREADONLYFS) uses +Xan tiny extension provided in the openbsd cvs server code which +Xpermits the use of read-only cvs repositories. therefore you MUST +Xcompile the openbsd version of cvs. luckily this is not a problem +Xon a non-openbsd machine since the cvs sources are imported verbatim +Xinto the openbsd tree. they are in gnu/usr.bin/cvs. The sources +Xare integrated such that Makefile.bsd-wrapper knows how to build +Xthe sources on an OpenBSD machine, using obj directories. +X +XCreate tmp space for the account +X # cd var; ln -s ../tmp tmp +X # chmod a+rwx tmp +X +X # mkdir usr/{bin,lib} +X # cp /usr/bin/cvs usr/bin/ +X +XIf your system has ld.so in /usr/libexec, +X # mkdir usr/libexec +X # cp /usr/libexec/ld.so usr/libexec/ +X +XIf using shared libraries, use ldd to find out which shared libs you need: +X # ldd /usr/bin/cvs +X /usr/bin/cvs: +X -lz.1 => /usr/lib/libz.so.1.4 (0x40097000) +X -lgssapi.1 => /usr/lib/libgssapi.so.1.0 (0x400a4000) +X -lkrb.10 => /usr/lib/libkrb.so.10.0 (0x400ae000) +X -lkrb5.4 => /usr/lib/libkrb5.so.4.0 (0x400c8000) +X -lasn1.2 => /usr/lib/libasn1.so.2.0 (0x400ff000) +X -lcrypto.6 => /usr/lib/libcrypto.so.6.0 (0x4011d000) +X -ldes.7 => /usr/lib/libdes.so.7.0 (0x40203000) +X -lkafs.10 => /usr/lib/libkafs.so.10.0 (0x4020d000) +X -lc.28 => /usr/lib/libc.so.28.5 (0x40210000) +X +X and then copy the required libraries to usr/lib/ +X +XAs a final pass, make sure that all the files you have just created are +Xnot world writable (except dev/null). +X +XFor :pserver: support (optional) +X - Create an entry in /etc/services +X cvspserver 2401/tcp # CVS client/server operations +X - Create an entry in /etc/inetd.conf +X cvspserver stream tcp nowait anoncvs /open/anoncvssh anoncvssh pserver +X - Create a file /open/anoncvs/cvs/CVSROOT/passwd with the following entry +X anoncvs:AHDysQkJIubEc +X which would be a password of "anoncvs" (as per anoncvs.html) +X - Create a file /open/anoncvs/cvs/CVSROOT/readers with a single entry: +X anoncvs +X which tells cvs that user "anoncvs" is allowed readonly access. +X - Create a zero-length file /open/anoncvs/cvs/CVSROOT/writers since you don't +X want anyone to be able to write to the mirror. +X % cp /dev/null /open/anoncvs/cvs/CVSROOT/writers +X +XSee the example layout below for full details. +X +X********************************************************************** +XSTEP 5): Get sup permission. +Xsend mail to sup@openbsd.org +X1) to have sup permissions granted on an appropriate machine for you +X to sup from. We will need to know your host's real hostname and +X IP address. +X2) to have an anoncvsN.COUNTRY.openbsd.org alias created +X3) to have your site mentioned in the http://www.openbsd.org page. +X +X********************************************************************** +XSTEP 6): Configure sup +X +XIf you're running OpenBSD, you already have a sup client in +X/usr/bin/sup. If not you may need to build it. On an IRIX or other +XSYSV machine, ensure that your kernel does not allow a user to chown +Xa file to another user (You may have heard of this particular brand +Xof evil referred to as "chown giveaway"). this will cause sup to +Xgive away the files to root before chmod'ing them readable. +Xmichaels@openbsd.org knows how to fix this. +X +XThe file /open/anoncvs/sup/ss contains a line that tells sup where +Xto get the cvs tree from. it will normally contain: +X +X cvs host=anoncvs.ca.openbsd.org hostbase=/usr/OpenBSD base=/open/anoncvs delete +X +XThe file /open/anoncvs/sup/cvs/refuse tells sup what files it should not get. +XIt should contain the following lines: +X +X cvs/CVSROOT/history +X cvs/CVSROOT/readers +X cvs/CVSROOT/writers +X cvs/CVSROOT/passwd +X +Xif you ever fetch the file cvs/CVSROOT/history, delete it. it will +Xcause you problems. +X +X********************************************************************** +XSTEP 7): Run sup to retrieve the tree for the first time +X +XLog in as or become the $SUPUSER, and run +X +Xsup -v /open/anoncvs/sup/ss > /tmp/suplog &; tail -f /tmp/suplog +X +XIf you have sup permission, and have specified the correct host and +Xhostbase in /open/anoncvs/sup/ss you should see a list of files start +Xcoming in after a short while. Don't panic if nothing happens +Ximmediately. Watch for errors (sup can timeout or die). If you can't +Xaccess files contact the sup server maintainer, If you get a timeout +Xor if sup dies you can restart and it should continue where it left off. +X +XIt can take a good while (and a couple of restarts) to obtain the +Xwhole tree for the first time. +X +X********************************************************************** +XSTEP 8): Set up cron to keep the tree up to date. +X +XYou run sup periodically from the cron by setting up the crontab file +Xof the $SUPUSER. +X +XFor example: To run every three hours 'sup -v supfile', and thrice +Xweekly 'sup -vo supfile' .. because sup is not reliable .. +X +X0 0,3,6,9,12,15,18,21 * * 0,2,4,5 sup -v /open/anoncvs/sup/ss > /dev/null +X0 0,12,15,18,21 * * 1,3,6 sup -v /open/anoncvs/sup/ss > /dev/null +X0 3 * * 1,3,6 sup -vo /open/anoncvs/sup/ss > /dev/null +X +Xanoncvs5.usa.openbsd.org uses this particular set of entries. A `sup +X-o' is done every few days because sup is not very robust. +X +X********************************************************************** +XEXAMPLE LAYOUT +X +XExample layout for OpenBSD. In this example "deraadt" is the $SUPUSER. +X +X[eap open 5 ]> cd /open +X[eap open 6 ]> ls -alF +Xtotal 46 +Xdrwxr-xr-x 7 root wheel 512 Feb 20 09:58 ./ +Xdrwxr-xr-x 17 root wheel 512 Jun 14 14:05 ../ +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 anoncvs/ +X---s--x--x 1 root bin 16384 Nov 30 1995 anoncvssh* +Xlrwxr-xr-x 1 root wheel 11 Jan 3 21:52 cvs@ -> anoncvs/cvs +Xdrwxr-xr-x 5 root wheel 512 Feb 22 13:22 ftp/ +Xdrwxrwxrwt 2 anoncvs wheel 1024 Jan 1 13:18 lost+found/ +Xdrwxr-xr-x 4 root wheel 512 Nov 30 1995 src/ +Xdrwxrwxr-x 3 deraadt wheel 512 Dec 4 1995 sup/ +X[eap open 7 ]> cd anoncvs +X[eap anoncvs 8 ]> ls -alF +Xtotal 20 +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 ./ +Xdrwxr-xr-x 7 root wheel 512 Feb 20 09:58 ../ +X-r--r--r-- 1 root wheel 0 Nov 30 1995 .hushlogin +X-r--r--r-- 1 root wheel 188 Nov 30 1995 .plan +X-r--r--r-- 1 root wheel 0 Nov 29 1995 .profile +Xdrwxrwxr-x 2 deraadt wheel 512 Nov 29 1995 bin/ +Xdrwxrwxr-x 6 deraadt cvs 512 Jun 16 20:28 cvs/ +Xdrwxr-xr-x 2 root wheel 512 Nov 30 1995 dev/ +Xdrwxr-xr-x 2 root wheel 512 Nov 29 1995 etc/ +Xdrwxrwxrwx 3 root wheel 512 Jun 22 07:42 tmp/ +Xdrwxr-xr-x 5 deraadt wheel 512 Nov 30 1995 usr/ +Xdrwxr-xr-x 2 root wheel 512 Jan 3 21:55 var/ +X[eap anoncvs 8 ]> ls -alFR bin usr tmp etc dev +Xbin: +Xtotal 948 +Xdrwxrwxr-x 2 deraadt wheel 512 Nov 29 1995 ./ +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 ../ +X--wx--x--x 1 deraadt wheel 40960 Jun 18 09:45 cat* +X--wx--x--x 1 deraadt wheel 40960 Jun 18 09:45 pwd* +X--wx--x--x 1 deraadt wheel 122880 Jun 18 09:45 rm* +X--wx--x--x 1 deraadt wheel 262144 Jun 18 09:45 sh* +X +Xdev: +Xtotal 4 +Xdrwxr-xr-x 2 root wheel 512 Nov 30 1995 ./ +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 ../ +Xcrw-rw-rw- 1 root wheel 2, 2 Nov 30 1995 null +X +Xetc: +Xtotal 112 +Xdrwxr-xr-x 2 root wheel 512 Nov 29 1995 ./ +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 ../ +X-rw-r--r-- 1 root wheel 252 Nov 29 1995 group +X-rw-r--r-- 1 root wheel 296 Nov 29 1995 hosts +X-rw-r--r-- 1 root wheel 540 Nov 29 1995 passwd +X-rw-r--r-- 1 root wheel 1094 Nov 29 1995 protocols +X-rw-r--r-- 1 root wheel 40960 Nov 29 1995 pwd.db +X-rw-r--r-- 1 root wheel 89 Nov 29 1995 resolv.conf +X-rw-r--r-- 1 root wheel 5529 Nov 29 1995 services +X-rw-r--r-- 1 root wheel 1361 Nov 29 1995 ttys +X +Xusr: +Xtotal 10 +Xdrwxr-xr-x 5 deraadt wheel 512 Nov 30 1995 ./ +Xdrwxr-xr-x 9 root wheel 512 Jan 3 21:55 ../ +Xdrwxr-xr-x 2 deraadt wheel 512 Nov 30 1995 bin/ +Xdrwxr-xr-x 2 deraadt wheel 1024 Jun 18 09:50 lib/ +Xdrwxr-xr-x 2 deraadt wheel 512 Nov 29 1995 libexec/ +X +Xusr/bin: +Xtotal 1968 +Xdrwxr-xr-x 2 deraadt wheel 512 Nov 30 1995 ./ +Xdrwxr-xr-x 5 deraadt wheel 512 Nov 30 1995 ../ +X--wx--x--x 1 deraadt wheel 317787 Jun 18 09:46 cvs* +X +Xusr/lib: +Xtotal 5594 +Xdrwxr-xr-x 2 deraadt wheel 1024 Jun 18 09:50 ./ +Xdrwxr-xr-x 5 deraadt wheel 512 Nov 30 1995 ../ +X-rw-r--r-- 1 deraadt wheel 351730 Jun 18 09:50 libasn1.so.2.0 +X-rw-r--r-- 1 deraadt wheel 351730 Jun 18 09:50 libc.so.28.5 +X-rw-r--r-- 1 deraadt wheel 16608 Jun 18 09:50 libcrypto.so.6.0 +X-rw-r--r-- 1 deraadt wheel 44424 Jun 18 09:50 libdes.so.7.0 +X-rw-r--r-- 1 deraadt wheel 16665 Jun 18 09:50 libgssapi.so.1.0 +X-rw-r--r-- 1 deraadt wheel 86198 Jun 18 09:50 libkafs.so.10.0 +X-rw-r--r-- 1 deraadt wheel 42254 Jun 18 09:50 libkrb.so.10.0 +X-rw-r--r-- 1 deraadt wheel 66099 Jun 18 09:50 libkrb5.so.4.0 +X-rw-r--r-- 1 deraadt wheel 387976 Jun 18 09:50 libz.so.1.4 +X +Xusr/libexec: +Xtotal 100 +Xdrwxr-xr-x 2 deraadt wheel 512 Nov 29 1995 ./ +Xdrwxr-xr-x 5 deraadt wheel 512 Nov 30 1995 ../ +X-rwxr-xr-x 1 deraadt wheel 49152 Jun 18 09:47 ld.so* +X +X[eap anoncvs 14 ]> ls cvs +XCVSROOT/ src/ sup/ www/ +X[eap anoncvs 15 ]> cd /open +X[eap anoncvs 16 ]> ls -alF sup +Xtotal 8 +Xdrwxrwxr-x 3 deraadt wheel 512 Dec 4 1995 ./ +Xdrwxr-xr-x 7 root wheel 512 Feb 20 09:58 ../ +Xdrwxr-xr-x 2 deraadt wheel 512 Jun 22 06:05 cvs/ +X-rw-rw-r-- 1 deraadt wheel 54 Dec 4 1995 ss +X +X +X*************************************************************** +XNOTES FOR OTHER PLATFORMS: +X +XIf you're not that familiar with your other platform (i.e. you haven't +Xbuilt a chroot jail for a server on it) you may be better off +Xfinding an OpenBSD machine to use. (and duplicating the example above) +X +X**SunOS 5) +XBob Beck has done this. E-mail for +Xhelp if you need it. +X +X**OSF 1) +XFrom Todd Fries to the adventurous. +XA note for those installing anoncvs on non-OpenBSD operating systems. +XYou are in for some fun. +X +XFor OSF1, on a DEC alpha, I had to do the following in addition to the +Xabove: +X +X- I do not know how to setup dynamic libraries on osf1 and as a result +X everything had to be compiled statically. +X- Therefore, everything but /bin/sh I had to recmpile in order to +X get the chroot setup. In order that there be no guesswork +X involved, the following packages' binaries must exist in the chroot +X environment: +X +X GNU +X cvs (from the OpenBSD source tree) +X +XSome notes on compiling. +X +X cvs fails to install if you don't have makeinfo ... just search for the +X string ' install-info$' with regex and remove it from the Makefile for the +X install and you'll be fine, or install 'texinfo', your choice. +END-of-README +echo x - anoncvssh.c +sed 's/^X//' >anoncvssh.c << 'END-of-anoncvssh.c' +X/* +X * anoncvssh +X */ +X +X#include +X#include +X#if defined(__OpenBSD__) || defined(__NetBSD__) || defined(__FreeBSD__) +X#include +X#endif +X#include +X#include +X#include +X +X#ifndef __CONCAT +X#if defined(__STDC__) || defined(__cplusplus) +X#define __CONCAT(x,y) x ## y +X#else +X#define __CONCAT(x,y) x/**/y +X#endif +X#endif +X +X#ifndef __CONCAT3 +X#if defined(__STDC__) || defined(__cplusplus) +X#define __CONCAT3(x,y,z) x ## y ## z +X#else +X#define __CONCAT3(x,y,z) x/**/y/**/z +X#endif +X#endif +X +X#ifndef __P +X#if defined(__STDC__) || defined(__cplusplus) +X#define __P(protos) protos /* full-blown ANSI C */ +X#else +X#define __P(protos) () /* traditional C preprocessor */ +X#endif +X#endif +X +X/* +X * You may need to change this path to ensure that RCS, CVS and diff +X * can be found +X */ +X#ifndef _PATH_DEFPATH +X#define _PATH_DEFPATH "/bin:/usr/bin" +X#endif +X +X/* +X * This should not normally have to be changed +X */ +X#ifndef _PATH_BSHELL +X#define _PATH_BSHELL "/bin/sh" +X#endif +X +X/* +X * Location of CVS tree, relative to the anonymous CVS user's +X * home directory +X */ +X#ifndef LOCALROOT +X#define LOCALROOT "/cvs" +X#endif +X +X/* +X * Account and host name to be used when accessing the +X * CVS repository remotely +X */ +X#ifndef HOSTNAME +X#define HOSTNAME "anoncvs@anoncvs1.usa.openbsd.org" +X#endif +X +X/* +X * $CVSROOT is created based on HOSTNAME and LOCALROOT above +X */ +X#ifndef CVSROOT +X#define CVSROOT __CONCAT3(HOSTNAME,":",LOCALROOT) +X#endif +X +X/* +X * We define PSERVER_SUPPORT to allow anoncvssh to spawn a "cvs pserver". +X * You may undefine this if you aren't going to be running pserver. +X */ +X#ifndef PSERVER_SUPPORT +X#define PSERVER_SUPPORT +X#endif +X +X/* +X * Define USE_SYSLOG if you want anoncvssh to log pserver connections +X * using syslog() +X */ +X#define USE_SYSLOG +X +X#ifdef USE_SYSLOG +X#include +X#include +X#include +X#include +X#include +X#define LOG_FACILITY LOG_DAEMON +X#define LOG_PRIO LOG_INFO +X#endif +X +X/* Define ANONCVS_USER if you want anoncvssh to complain if invoked by +X * anyone other than root or ANONCVS_USER. +X */ +X/* #define ANONCVS_USER "anoncvs" */ +X +Xint main __P((int, char *[])); +X +Xchar * const env[] = { +X __CONCAT("PATH=",_PATH_DEFPATH), +X __CONCAT("SHELL=",_PATH_BSHELL), +X __CONCAT("CVSROOT=",LOCALROOT), +X "HOME=/", +X "CVSREADONLYFS=1", +X NULL +X}; +X +Xint +Xmain(argc, argv) +Xint argc; +Xchar *argv[]; +X{ +X struct passwd *pw; +X#ifdef DEBUG +X int i; +X#endif /* DEBUG */ +X +X pw = getpwuid(getuid()); +X if (pw == NULL) { +X fprintf(stderr, "no user for uid %d\n", getuid()); +X exit(1); +X } +X if (pw->pw_dir == NULL) { +X fprintf(stderr, "no directory\n"); +X exit(1); +X } +X +X#ifdef USE_SYSLOG +X openlog("anoncvssh", LOG_PID | LOG_NDELAY, LOG_FACILITY); +X#endif /* USE_SYSLOG */ +X +X#ifdef ANONCVS_USER +X /* +X * I love lusers who have to test every setuid binary on my machine. +X */ +X if (getuid() != 0 && (strcmp (pw->pw_name, ANONCVS_USER) != 0)) { +X fprintf(stderr, "You're not supposed to be running me!\n"); +X#ifdef USE_SYSLOG +X syslog(LOG_NOTICE, +X "User %s(%d) invoked anoncvssh - Possible twink?", +X pw->pw_name, pw->pw_uid); +X#endif /* USE_SYSLOG */ +X exit(1); +X } +X#endif /* ANONCVS_USER */ +X +X +X setuid(0); +X if (chroot(pw->pw_dir) == -1) { +X perror("chroot"); +X exit (1); +X } +X chdir("/"); +X setuid(pw->pw_uid); +X +X /* +X * program now "safe" +X */ +X +X#ifdef PSERVER_SUPPORT +X /* If we want pserver functionality */ +X if ((argc == 2) && (strcmp("pserver", argv[1]) == 0)) { +X#ifdef USE_SYSLOG +X int slen; +X struct sockaddr_in my_sa, peer_sa; +X char *us, *them; +X +X slen = sizeof(my_sa); +X if (getsockname(0, (struct sockaddr *) &my_sa, &slen) +X != 0) { +X perror("getsockname"); +X exit(1); +X } +X us = strdup(inet_ntoa(my_sa.sin_addr)); +X if (us == NULL) { +X fprintf(stderr, "malloc failed\n"); +X exit(1); +X } +X slen = sizeof(peer_sa); +X if (getpeername(0, (struct sockaddr *) &peer_sa, &slen) +X != 0) { +X perror("getpeername"); +X exit(1); +X } +X them=strdup(inet_ntoa(peer_sa.sin_addr)); +X if (them == NULL) { +X fprintf(stderr, "malloc failed\n"); +X exit(1); +X } +X syslog(LOG_PRIO, +X "pserver connection from %s:%d to %s:%d\n", +X them, ntohs(peer_sa.sin_port), +X us, ntohs(my_sa.sin_port)); +X#endif /* USE_SYSLOG */ +X execle("/usr/bin/cvs", "cvs", +X __CONCAT("--allow-root=",LOCALROOT), "pserver", NULL, env); +X perror("execle: cvs"); +X fprintf(stderr, "unable to exec CVS pserver!\n"); +X exit(1); +X /* NOTREACHED */ +X } +X#endif +X +X if (argc != 3 || +X strcmp("anoncvssh", argv[0]) != 0 || +X strcmp("-c", argv[1]) != 0 || +X (strcmp("cvs server", argv[2]) != 0 && +X strcmp(__CONCAT3("cvs -d ",LOCALROOT," server"), argv[2]) != 0)) { +X fprintf(stderr, "\nTo use anonymous CVS install the latest "); +X fprintf(stderr,"version of CVS on your local machine.\n"); +X fprintf(stderr,"Then set your CVSROOT environment variable "); +X fprintf(stderr,"to the following value:\n"); +X fprintf(stderr,"\t%s\n\n", CVSROOT); +X#ifdef DEBUG +X fprintf(stderr, "argc = %d\n", argc); +X for (i = 0 ; i < argc ; i++) +X fprintf(stderr, "argv[%d] = \"%s\"\n", i, argv[i]); +X#endif /* DEBUG */ +X sleep(10); +X exit(0); +X } +X execle("/usr/bin/cvs", "cvs", "server", NULL, env); +X perror("execle: cvs"); +X fprintf(stderr, "unable to exec CVS server!\n"); +X exit(1); +X /* NOTREACHED */ +X} +X +END-of-anoncvssh.c +exit + -- cgit v1.2.3