|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Problems setting up CVS
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 13 May 2002 at 1:03, gabriel rosenkoetter wrote:
> On Mon, May 13, 2002 at 12:23:06AM -0400, Michael Leone wrote:
> > I'm trying to help someone setup CVS on his Debian system. It all
> > seemed to install correctly. I see the entry in /etc/inetd.conf.
>
> What do inetd's logs say?
daemon.log says:
May 12 23:45:08 slimtop cvs-pserver[2293]: connect from localhost
May 12 23:45:08 slimtop cvs: login refused for /usr/local/cvs
for each attempt (altho obviously it lists the hostname, for the
times I specified the full hostname on the login line.
auth.log has nothing, nor does syslog. I can't find any other log
that says anything. I would have thought auth.log would, since it is
trying to log in, but it's empty of any messages from cvs.
> > mjl@slimtop:~$ cvs -d :pserver:mjl@localhost:/usr/local/cvs init cvs
> > init: warning: skipping invalid entry in password file at line 1
> > /usr/local/cvs: no such repository
>
> Hrm. Do you have a pre-existing .cvspass?
It did, but then I removed it, so now there is none. But the
repository should still exist, and yet it still says that it doesn't
(after removing .cvspass).
> Why are you using pserver on the localhost? Or, really, at all? You
> know that pserver is *strongly* discouraged, in favor of using the
> CVS_ROOT=<host>:<path> and setting CVS_RSH=`which ssh`, right?
I'll pass that along to the person who wants it set up. He wants to
be able to access the CVS server from another station on the LAN, but
I doubt he'll have a problem doing it your way. As long as it works.
:-)
How would you do that, tho? I set those 2 environmental variables as
you entered above, and got:
env:
CVSROOT=slimtop.his-domain.com:/usr/local/cvs
CVS_RSH=/usr/bin/ssh
mjl@slimtop:/var/log$ cvs login
cvs login: can only use `login' command with the 'pserver' method
cvs [login aborted]: CVSROOT: slimtop.his-domain.com:/usr/local/cvs
> pserver's clear text, password included. And there's no reason to use
> pserver unless the repository's actually on a remote system. Even if
> you set up an anoncvs user, the source is transfered in the clear over
> the network, which you really ought to be concerned about. (A mitm
> could very easily insert malicious code without your being any the
> wiser.)
The vast majority of the time, it will only be transferred from one
station on the LAN to another. Not from remote (i.e., out of the
office) locations, altho that might happen occasionally.
> Not that figuring out what's wrong isn't worth your time, just that
> you probably don't actually want to be using pserver at all.
>
> > However, when I try to login:
> >
> > cvs -d :pserver:mjl@localhost:/usr/local/cvs login
> > Logging in to :pserver:mjl@localhost:2401/usr/local/cvs
> > CVS password:
> > /usr/local/cvs: no such repository
>
> Hrm. As whom is pserver running? (That is, is your inetd or pserver
> itself doing a setuid(), or, perhaps more importantly, a chroot()?)
- From /etc/inetd.conf:
cvspserver stream tcp nowait.400 root /usr/sbin/tcpd
/usr/sbin/cvs-pserver
(this was added by the Debian installer, not me)
- From /etc/hosts.allow:
ALL: .his-domain.com
(and no need to mention the security; we'll fix it once cvs is
running :-)
As to chroot ... beats the crrap out of me :-), altho it doesn't look
like it from the statements above (if they're any indication).
> > It looks like it's accepting the password (since there's no password
> > error), but it also thinks there's no repository.
>
> Could be a spurious error.
Happens each and every time, where I do it on the repository machine,
or from other stations, so it's consistent, at least.
> What version of CVS is this? (Various
> versions before 1.11 had some serious bugs with a variety of things,
> pserver included.)
mjl@slimtop:/var/log$ cvs --version
Concurrent Versions System (CVS) 1.11.1p1 (client/server)
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4 -- QDPGP 2.68
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBPN+32pq0HvZapbzfEQI9+wCcC6pr9jpUJ6JwsIfEfqQETQK9maEAnRp/
AFzHSknO9iLMLhwIP2e4Ggir
=bbLK
-----END PGP SIGNATURE-----
______________________________________________________________________
Philadelphia Linux Users Group - http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion - http://lists.phillylinux.org/mail/listinfo/plug
|
|