From faf7e6f1513d2582f4a6eed04aaf8ec97028e27b Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Sat, 2 May 2009 20:31:43 +0000 Subject: sync, OpenCVS --- README | 33 ++++++++++++++++++++- anoncvs.shar | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++++------ anoncvssh.c | 61 +++++++++++++++++++++++++++++++++----- 3 files changed, 171 insertions(+), 18 deletions(-) diff --git a/README b/README index cb729c1..74c51d9 100644 --- a/README +++ b/README @@ -34,10 +34,12 @@ 8) Once you get the distribution in, set up a cron job to run sup periodically to keep your server up to date. +9) Enabling OpenCVS anoncvs. + ********************************************************************** STEP 1) find enough disk space. You need roughly 2GB. - Mount it on /open. + Mount it on /open, make sure it doesn't have nosuid and nodev flags. If you are not able to mount it as /open, substitute it's location throughout the rest of this description. @@ -230,6 +232,35 @@ weekly 'sup -vo supfile' .. because sup is not reliable .. anoncvs5.usa.openbsd.org uses this particular set of entries. A `sup -o' is done every few days because sup is not very robust. +********************************************************************** +STEP 9): Enabling OpenCVS anoncvs. + +The next step is to enable OpenCVS, which will run on your system next +to the normal GNU cvs server. This will become the default in the +future. + +First off, create a new user account "opencvs" like you did for your +normal anoncvs user: + +opencvs::32766:32766::0:0:Anonymous OpenCVS User:/open/anoncvs:/open/anoncvssh + +Be sure that the uid and gid are unique for your system, if the ones +above aren't, pick different values. + +#define OPENCVS_USER "opencvs" + +Recompile anoncvssh.c and install the binary setuid-root in /open/anoncvssh. + +Compile and install a current /usr/bin/opencvs. + +Copy /usr/bin/opencvs to /open/anoncvs/usr/bin/opencvs + +You can now use OpenCVS anoncvs by using the correct CVSROOT: + + opencvs@anoncvs.openbsd.org:/cvs + +If you encounter bugs, send them to joris@openbsd.org + ********************************************************************** EXAMPLE LAYOUT diff --git a/anoncvs.shar b/anoncvs.shar index 35e372b..2be7832 100644 --- a/anoncvs.shar +++ b/anoncvs.shar @@ -5,6 +5,7 @@ # # This archive contains: # +# anoncvs.shar # Makefile # README # anoncvssh.c @@ -59,10 +60,12 @@ X X8) Once you get the distribution in, set up a cron job to run sup X periodically to keep your server up to date. X +X9) Enabling OpenCVS anoncvs. +X X********************************************************************** XSTEP 1) find enough disk space. X You need roughly 2GB. -X Mount it on /open. +X Mount it on /open, make sure it doesn't have nosuid and nodev flags. X If you are not able to mount it as /open, substitute it's location X throughout the rest of this description. X @@ -256,6 +259,35 @@ Xanoncvs5.usa.openbsd.org uses this particular set of entries. A `sup X-o' is done every few days because sup is not very robust. X X********************************************************************** +XSTEP 9): Enabling OpenCVS anoncvs. +X +XThe next step is to enable OpenCVS, which will run on your system next +Xto the normal GNU cvs server. This will become the default in the +Xfuture. +X +XFirst off, create a new user account "opencvs" like you did for your +Xnormal anoncvs user: +X +Xopencvs::32766:32766::0:0:Anonymous OpenCVS User:/open/anoncvs:/open/anoncvssh +X +XBe sure that the uid and gid are unique for your system, if the ones +Xabove aren't, pick different values. +X +X#define OPENCVS_USER "opencvs" +X +XRecompile anoncvssh.c and install the binary setuid-root in /open/anoncvssh. +X +XCompile and install a current /usr/bin/opencvs. +X +XCopy /usr/bin/opencvs to /open/anoncvs/usr/bin/opencvs +X +XYou can now use OpenCVS anoncvs by using the correct CVSROOT: +X +X opencvs@anoncvs.openbsd.org:/cvs +X +XIf you encounter bugs, send them to joris@openbsd.org +X +X********************************************************************** XEXAMPLE LAYOUT X XExample layout for OpenBSD. In this example "deraadt" is the $SUPUSER. @@ -457,18 +489,24 @@ X#define LOCALROOT "/cvs" X#endif X X/* -X * Account and host name to be used when accessing the -X * CVS repository remotely +X * Hostname to be used when accessing the remote repository. X */ X#ifndef HOSTNAME -X#define HOSTNAME "anoncvs@anoncvs1.usa.openbsd.org" +X#define HOSTNAME "anoncvs1.usa.openbsd.org" +X#endif +X +X/* +X * Username to be used when accessing the remote repository. +X */ +X#ifndef USERNAME +X#define USERNAME "anoncvs" X#endif X X/* -X * $CVSROOT is created based on HOSTNAME and LOCALROOT above +X * $CVSROOT is created based on USERNAME HOSTNAME and LOCALROOT above X */ X#ifndef CVSROOT -X#define CVSROOT HOSTNAME ":"LOCALROOT +X#define CVSROOT USERNAME "@" HOSTNAME ":"LOCALROOT X#endif X X/* @@ -498,7 +536,13 @@ X X/* Define ANONCVS_USER if you want anoncvssh to complain if invoked by X * anyone other than root or ANONCVS_USER. X */ -X/* #define ANONCVS_USER "anoncvs" */ +X/* #define ANONCVS_USER USERNAME */ +X +X/* +X * If you want to be able to run an alternate OpenCVS binary on your +X * anoncvs server, define OPENCVS_USER as the user who will invoke it. +X */ +X#define OPENCVS_USER "opencvs" X Xint main __P((int, char *[])); X @@ -520,6 +564,9 @@ X struct passwd *pw; X#ifdef DEBUG X int i; X#endif /* DEBUG */ +X#if defined(OPENCVS_USER) +X int opencvs; +X#endif X X pw = getpwuid(getuid()); X if (pw == NULL) { @@ -559,6 +606,13 @@ X } X chdir("/"); X setuid(pw->pw_uid); X +X#if defined(OPENCVS_USER) +X if (!strcmp(pw->pw_name, OPENCVS_USER)) +X opencvs = 1; +X else +X opencvs = 0; +X#endif +X X /* X * program now "safe" X */ @@ -570,7 +624,15 @@ X#ifdef USE_SYSLOG X int slen; X struct sockaddr_in my_sa, peer_sa; X char *us, *them; -X +X +X#if defined(OPENCVS_USER) +X if (opencvs == 1) { +X fprintf(stderr, "OpenCVS does not support pserver\n"); +X sleep(10); +X exit(1); +X } +X#endif +X X slen = sizeof(my_sa); X if (getsockname(0, (struct sockaddr *) &my_sa, &slen) X != 0) { @@ -616,6 +678,10 @@ X fprintf(stderr, "\nTo use anonymous CVS install the latest "); X fprintf(stderr,"version of CVS on your local machine.\n"); X fprintf(stderr,"Then set your CVSROOT environment variable "); X fprintf(stderr,"to the following value:\n"); +X#if defined(OPENCVS_USER) +X fprintf(stderr, "\t%s@%s:%s for OpenCVS\n", OPENCVS_USER, +X HOSTNAME, LOCALROOT); +X#endif X fprintf(stderr,"\t%s\n\n", CVSROOT); X#ifdef DEBUG X fprintf(stderr, "argc = %d\n", argc); @@ -625,7 +691,18 @@ X#endif /* DEBUG */ X sleep(10); X exit(0); X } -X execle("/usr/bin/cvs", "cvs", "server", (char *)NULL, env); +X +X#if defined(OPENCVS_USER) +X if (opencvs == 1) { +X execle("/usr/bin/opencvs", "opencvs", +X "server", (char *)NULL, env); +X } else { +X#endif +X execle("/usr/bin/cvs", "cvs", "server", (char *)NULL, env); +X#if defined(OPENCVS_USER) +X } +X#endif +X X perror("execle: cvs"); X fprintf(stderr, "unable to exec CVS server!\n"); X exit(1); diff --git a/anoncvssh.c b/anoncvssh.c index 62af922..0832b8c 100644 --- a/anoncvssh.c +++ b/anoncvssh.c @@ -57,18 +57,24 @@ #endif /* - * Account and host name to be used when accessing the - * CVS repository remotely + * Hostname to be used when accessing the remote repository. */ #ifndef HOSTNAME -#define HOSTNAME "anoncvs@anoncvs1.usa.openbsd.org" +#define HOSTNAME "anoncvs1.usa.openbsd.org" #endif /* - * $CVSROOT is created based on HOSTNAME and LOCALROOT above + * Username to be used when accessing the remote repository. + */ +#ifndef USERNAME +#define USERNAME "anoncvs" +#endif + +/* + * $CVSROOT is created based on USERNAME HOSTNAME and LOCALROOT above */ #ifndef CVSROOT -#define CVSROOT HOSTNAME ":"LOCALROOT +#define CVSROOT USERNAME "@" HOSTNAME ":"LOCALROOT #endif /* @@ -98,7 +104,13 @@ /* Define ANONCVS_USER if you want anoncvssh to complain if invoked by * anyone other than root or ANONCVS_USER. */ -/* #define ANONCVS_USER "anoncvs" */ +/* #define ANONCVS_USER USERNAME */ + +/* + * If you want to be able to run an alternate OpenCVS binary on your + * anoncvs server, define OPENCVS_USER as the user who will invoke it. + */ +#define OPENCVS_USER "opencvs" int main __P((int, char *[])); @@ -120,6 +132,9 @@ char *argv[]; #ifdef DEBUG int i; #endif /* DEBUG */ +#if defined(OPENCVS_USER) + int opencvs; +#endif pw = getpwuid(getuid()); if (pw == NULL) { @@ -159,6 +174,13 @@ char *argv[]; chdir("/"); setuid(pw->pw_uid); +#if defined(OPENCVS_USER) + if (!strcmp(pw->pw_name, OPENCVS_USER)) + opencvs = 1; + else + opencvs = 0; +#endif + /* * program now "safe" */ @@ -170,7 +192,15 @@ char *argv[]; int slen; struct sockaddr_in my_sa, peer_sa; char *us, *them; - + +#if defined(OPENCVS_USER) + if (opencvs == 1) { + fprintf(stderr, "OpenCVS does not support pserver\n"); + sleep(10); + exit(1); + } +#endif + slen = sizeof(my_sa); if (getsockname(0, (struct sockaddr *) &my_sa, &slen) != 0) { @@ -216,6 +246,10 @@ char *argv[]; fprintf(stderr,"version of CVS on your local machine.\n"); fprintf(stderr,"Then set your CVSROOT environment variable "); fprintf(stderr,"to the following value:\n"); +#if defined(OPENCVS_USER) + fprintf(stderr, "\t%s@%s:%s for OpenCVS\n", OPENCVS_USER, + HOSTNAME, LOCALROOT); +#endif fprintf(stderr,"\t%s\n\n", CVSROOT); #ifdef DEBUG fprintf(stderr, "argc = %d\n", argc); @@ -225,7 +259,18 @@ char *argv[]; sleep(10); exit(0); } - execle("/usr/bin/cvs", "cvs", "server", (char *)NULL, env); + +#if defined(OPENCVS_USER) + if (opencvs == 1) { + execle("/usr/bin/opencvs", "opencvs", + "server", (char *)NULL, env); + } else { +#endif + execle("/usr/bin/cvs", "cvs", "server", (char *)NULL, env); +#if defined(OPENCVS_USER) + } +#endif + perror("execle: cvs"); fprintf(stderr, "unable to exec CVS server!\n"); exit(1); -- cgit v1.2.3