Add following install time options for update.sh
- Whether or not /var/log/cvsup.log is rotated when update.sh
is invoked.
- Maximum number of log files.
- Wheter or not old log file is gzipped after rotated.
PR: ports/81598
Submitted by: KIMURA Yasuhiro <yasu@utahime.org>
Not objected by: jdp@FreeBSD.org
1. If update.sh failed to determine the PREFIX, it didn't realize it
had failed. This is arguably caused by a shell bug in processing
the statement
export PREFIX=$(expr $0 : "\(/.*\)/etc/cvsup/update\.sh\$")
This statement always succeeds even if the "expr" command fails.
Moving the "export" to a separate statement makes it work.
2. If the system had no "/home" directory, the pkg-install script
would create it with mode 0700, making ~cvsupin inaccessible to its
owner. A user ran into this bug when installing cvsup-mirror into a
jail.
the user to remove the client's home directory and the mirrored
files.
INSTALL: Create a home directory for the client user, since one
is needed to hold the authentication key file. Also create an
empty "auth" file so that its permissions will be right. Set the
gcos fields more appropriately.
honor of the occasion I have bumped the version number to 1.1.
The port now depends upon the cvsup-bin and cvsupd-bin ports rather
than on the more trouble-prone cvsup port.
The CVSup server is run with "-C 100" (max. 100 clients at a time)
and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access"
file. This is nice because you can change the limit by editing
the file; you don't have to restart the server. The cvsupd.access
file also contains a rule to limit each individual host to one
connection at a time.
The CVSup client is now run under its own unprivileged user ID
instead of root. This is a security enhancement. It makes it
impossible for a compromised master site to install files into
places outside the mirror area of the filesystem. The permissions
of various other files such as /usr/local/etc/cvsup have also been
strengthened to enhance security.
Both client and server now cd to /var/tmp to run, so that if they
decide to croak they'll be able to write the core file. :-)
The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start"
and "stop" arguments.
The configure script no longer attempts to tell you the sizes of
the various collections. That's impossible to maintain. When I
have time I plan to make a web page where one can obtain that
information from an automatically-updated source. Then I will
reference the URL in the configure script.
It is possible to upgrade an existing cvsup-mirror-1.0 installation
to this new version, but it is tricky because of the change in
ownership of the mirrored files. I will post instructions to the
freebsd-hubs mailing list after I make sure I have the procedure
just right.
users since it doesn't see yp/nis. Use 'pw {user|group} show ...' and
check the return code, otherwise the script can try and add an already
existing user or group.
