OSfight.de

CVS is an easy way to manage programming projects. It keeps track of who changed what and when, as well as saving old versions. I’ll explain how to get a CVS server up and running in 5-10 minutes.

1. Install the server/repo

For Debian/Ubuntu this is fairly straight forward. “apt-get install cvs” should do the trick. Those on other distribuitions should use whatever package manager their distribution uses. Install from source if you like to complicate things, or are running gentoo.

2. Set up the server/repo

Decide on a directory that you want to hold all your CVS modules (i.e. your projects). Typically this is /cvs or /usr/local/cvsroot but it doesnt matter.

Export this directory as the CVSROOT environment variable, this is done with the simple command
$ export CVSROOT=/path/to/cvs/root
(NOTE: this works for bash/csh/ksh, zsh should use the setenv command) You should also add this export statement either to your user init script (~/.bashrc) or the global init script (/etc/profile). So you don’t have to export the variable every time you use cvs on the server.

Run the command
$ cvs init
in order to initialize your cvs repository.

3. Configure the server/repo

CVS does not like having its files edited in the repo, in order to avoid conflicts, its a good idea to checkout the CVSROOT package (this holds all the configuration files) and then comit those changes rather than just editing the files in the package directly. So lets do this (and at the same time we can test if the repo is set up properly.

$ chvs checkout CVSROOT

should display an output like the following

U CVSROOT/checkoutlist
U CVSROOT/commitlist
…

Try editing some file, (add a space in a comment), save the file and type

$ cvs commit -m "first commit"

The -m is to indicate a short comment for the commit, otherwise cvs would open up the editor specified by the $EDITOR environmental variable to edit the comment.

If it doesnt work. Make sure that your user has write access to the cvs directory. The easiest way to set this up is to create a group (cvs) and to change the cvsroot directory to that groups ownership and to add your user to the group.

4.  Setting up remote access

Set up the proper permissions and users to allow remote reading and writing of the files.

Create a user named cvs-admin in the group cvs (or something along those lines). Go over to the cvs root directory and run the following 2 commands

$ chown -R :cvs .
$ chmod -R g+s .

The first one changes the owning group of the directory (and all of its files) to the cvs group. The second one makes it so that any newly created files will maintain the cvs group ownership (that way if many different users add files they will all still be readable and checkoutable by everyone

In order to get the server runing we need to edit some system config files. Make sure that the following line is in /etc/services

cvspserver       2401/tcp   #CVS network server

Then add the following line to /etc/inet.conf

cvspserver      stream  tcp     nowait  cvs-admin    /usr/bin/cvs cvs --allow-root=/cvs pserver

Also make sure to edit any firewall scripts to allow traffic on port 2401. Restart the inet service and everything should be runnning

5. Adding users

cvs does let you remotely log-in via a local user, but this is insecure, and doesnt work too well when you have a non root owner for the server process. If you don’t mind the security problem (i.e. on a local network), you can simply change the inet.conf to start the service as root instead of cvs-admin and add the names of the users you want to edit to the “writers” files and those who are read only to the “readers” file. (more on this in a second)

If you want the extra security OR you want to add users who don’t have a local account (i.e. windows users logging in remotely) you need to make a passwd file for the repository.

Checkout CVSROOT again (if you have deleted the previous checkout). Create a file named  passwd, a file named readers, and a file named “writers” and add the names of those users that you want to have write access to your repository (either local or remote) to writers.  If a writer/reader doesnt have a local account associated with them, or you decided to run the service from non-root account (which is recomended) you need to add an entry to the passwd file.

The passwd file has entries in the following format

username:password:systemuser

If the proccess is running as non-root then it has no rights to change the user of the attempted read, therefore any user other than the cvs-admin user in the systemuser field will cause the attempted checkout/commit to fail. If you are running a non-root cvs server all the entries should have the following format

john:43eEPdlpnUmb6:cvs-admin

The first field is the user name, the second is the encrypted password. The easiest way to generate this field is to use the htpasswd utility that is installed if you have apache installed on your server, otherwise you can use this utility that can generate the entry for you.

After creating and editing the readers/writers/passwd files we need to tell the cvs repository to include those files in the configuration, edit the checkoutlist file and add 3 lines to it, “passwd”, “readers”, “writers” with no quotes.

Now we just need to add those files and commit to the module with the following command:

$ cvs add writers
$ cvs add readers
$ cvs add passwd
$ cvs commit -m "Added passwd and users"

6. Client Configuration

The last thing left is to configure your client to access the cvs repo. luckily this is fairly straight forward.

For one off checkouts you can use the following commands

$ cvs -d :pserver:username@server:/path/to/cvs/root login
$ cvs -d :pserver:username@server:/path/to/cvs/root checkout MODULE
$ cvs -d :pserver:username@server:/path/to/cvs/root logout

For a regular cvs repository it would be easier to set the CVSROOT variable to point to the server/user that you need.

$ export CVSROOT=:pserver:username@server:/path/to/cvs/root

After which you can simply use the commands without specifying the server everytime

$ cvs login
$ cvs checkout MODULE
$ cvs logout

Remember to save the export either to /etc/profile or ~/.bashrc to save the exported variable next time you log in.

7. Anonymous CVS

There are two ways of doing this, depending on which way your server is configured. If you have it running as root, then you have to create an anonymous user

$ useradd anonymous -s /bin/false
$ adduser anonymous cvs

The reason I add anonymous to the cvs group is because even a read-only user needs to have write permissions to create a lockfile. There are ways around it but I havent figured them out.

In the passwd file add the following line  – anonymous:

If you are running the server as non-root, then you should add the following line to the passwd file

anonymous::cvs-admin

In either case, make sure to add the anonymous user to the readers file.
To make sure its working properly, log in as anonymous and try commiting a change, it should fail.