Howto set up a CVS (Concurrent Versions System) Server
By : Julien Herbin Email : julien@ecranbleu.orgDon't hesitate to contact me in case you need any information. Please inform me of any mistake I may have done.
Last modified : 2005-06-18
This Howto was written for the Debian Linux distribution, because packages management and dependencies is easy and commonplace through the APT command. It doesn't mean that the configuration won't work with another Linux distribution, since packages to install should be the same, but some configuration files may be located in another directories of your filesystem.
Installation and configuration
As usual with Debian, it's really easy to install a program :apt-get install cvsHere is a way to create your first own repository on the CVS server :
[root@lichi] ~# mkdir /var/lib/cvs/my_cvs_rep [root@lichi] ~# export CVSROOT=/var/lib/cvs/my_cvs_rep [root@lichi] ~# cvs initYou can also create a CVS module (you could also do it with the cvs command as a client with the import command)
[root@lichi] ~# mkdir $CVSROOT/my_module [root@lichi] ~# chgrp -R julien:julien $CVSROOT/my_module [root@lichi] ~# chmod -R g+w $CVSROOT/my_module
Authentifications
On the same computer
[julien@lichi] ~$ export CVSROOT=/var/lib/cvs/my_cvs_rep [julien@lichi] ~$ cvs co my_module cvs checkout: Updating my_module
On a distant computer user pserver auth
This is totally insecured if not done over a secure channel / VPN because the data is not encrypted at all.[julien@groseille] ~$ export CVSROOT=":pserver:julien@lichi.my-domain.name:/my_cvs_rep" [julien@groseille] ~$ cvs co my_module cvs checkout: Updating my_module
SSH auth
If all your CVS users have a login on the remote CVS server, there is an easy way to secure all your CVS transaction through an SSH connection.
[julien@groseille] ~$ export CVSROOT=":ext:julien@lichi.my-domain.name:
/var/lib/cvs/my_cvs_rep"
[julien@groseille] ~$ export CVS_RSH=ssh
But your passsword will be asked each time you type a CVS command which needs to communicate with the CVS server (ie : commit, checkout, update...). It is possible to avoid this thanks to the authentication key generation for SSH, which gives a method to log on a remote system whith SSH without typing any password.[julien@groseille] ~$ ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/julien/.ssh/id_dsa): /home/julien/.ssh/id_dsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/julien/.ssh/id_dsa. Your public key has been saved in /home/julien/.ssh/id_dsa.pub. The key fingerprint is: aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa:aa julien@groseille cat .ssh/id_dsa.pub | ssh julien@lichi.my-domain.name "cat - >>.ssh/authorized_keys"Now, if you connect with SSH to the CVS server host, no password should be asked anymore :
[julien@groseille] ~$ ssh julien@lichi.my-domain.name Linux lichi.my-domain.name 2.4.27-1-686 #1 Wed Dec 1 19:57:47 JST 2004 i686 GNU/Linux Last login: Sat Jun 18 10:15:23 2005 from xxx.fbx.proxad.net [julien@lichi] ~$Finally, you can use CVS on a secured connexion :
[julien@groseille] ~$ export CVSROOT=":ext:julien@lichi.my-domain.name:/var/lib/cvs/my_cvs_rep" [julien@groseille] ~$ export CVS_RSH=ssh [julien@groseille] ~$ cvs co my_module cvs checkout: Updating my_module U my_module/pgcd.py
Refences :
