Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Enable CVS pserver on 10.2 UNIX
Set up for cvspserver is even easiler in OS 10.2 using xinetd. Here is what I did:
  1. Create a new file called "cvspserver" in /ete/xinetd.d/

  2. Inside that file paste the following:
    service cvspserver
    {
    disable = no
    protocol = tcp
    socket_type = stream
    wait = no
    user = root
    server = /usr/bin/cvs
    server_args = -f --allow-root="Your CVSROOT here" pserver
    passenv =
    groups = yes
    }
    Replace the "Your CVSROOT here" with the location of your repository (example: /usr/local/cvsroot).

  3. Restart xinetd. Send a SIGHUP signal to the xinetd process.

  4. Change your firewall configuration to allow port 2401 if appropriate.
Now you are done and should be able to connect.

[Editor's note: This hint explains how to set it up in pre 10.2 systems.]
    •    
  • Currently 3.50 / 5
  You rated: 3 / 5 (4 votes cast)
 
[34,481 views]  

Enable CVS pserver on 10.2 | 25 comments | Create New Account
Click here to return to the 'Enable CVS pserver on 10.2' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Security concern...
Authored by: Anonymous on Sep 18, '02 11:01:40AM

Do NOT even remotely think about using pserver if you have even the slightest of concern regarding security. Pserver uses a protocol that is as open as ftp -- i.e. one good packet sniff and the channel has been compromised.

I highly recommend using ssh for all cvs operations -- even for operations on the local filesystem (not because of security but because CVS behaves different depending on if you are using it in client/server vs. local filesystem mode).



[ Reply to This | # ]
Security concern...
Authored by: serversurfer on Sep 18, '02 06:13:02PM
So like, uh How do we do that?

[ Reply to This | # ]
Security concern...
Authored by: davevc on Oct 14, '02 06:31:08PM

Excellent CVS tutorial for OS X on the Apple Developer site:
http://developer.apple.com/internet/macosx/cvsoverview.html

Covers setting up CVS to use SSH access to a remote server instead of using the plain text password server method.



[ Reply to This | # ]
Old install
Authored by: theMaker on Sep 19, '02 03:07:27AM

I had pserver running under 10.1.x. Other than copying the related lines from /etc/inetd.conf.applesaved back into /etc/inetd.conf, I needed to do nothing else...

And xinetd is not running... should it be? In which version did xinetd appear?



[ Reply to This | # ]
Old install
Authored by: kwiersma on Sep 19, '02 02:51:12PM

You can use either inetd or xinetd to setup cvspserver. xinetd is now for 10.2 and all the system services are started this way so I figured it was the new standard. For some reason I couldn't get it working with inetd on my box as well.



[ Reply to This | # ]
Rejected access
Authored by: calroth on Nov 18, '02 08:21:07AM
I couldn't get this to work under 10.2.2. So I tried it on a freshly installed 10.2.2. Still couldn't get it to work. I've tried setting up permissions, checking groups, etc. Not sure how to get this working. I've read that it requires the Password Service of Mac OS X Server? cvs [login aborted]: authorization failed: server 127.0.0.1 rejected access Any ideas?

[ Reply to This | # ]
Rejected access
Authored by: calroth on Nov 18, '02 08:59:43AM

It rejects my crypted password ("I HATE YOU") when I telnet to localhost:2401. But when I launch cvs directly and give the same input, it approves it ("I LOVE YOU"). So there must be something up with the way cvs handles authentication when spawned by xinetd? Anyone know what's going on?



[ Reply to This | # ]
Having Authentication problems?
Authored by: ajbert on Nov 18, '02 11:37:51PM
I followed the instructions above, and have been denied all day long by my own server with the message
cvs [login aborted]: authorization failed: server 127.0.0.1 rejected access

I couldn't work out what the problem was and then, for a giggle, I tried removing the quote marks from the line of the server_args line of the config file, and suddenly I was able to log in. Amazing.

Originally I had:
server_args = -f --allow-root="/usr/local/CVS" pserver
(which doesn't work)

So I changed it to:
server_args = -f --allow-root=/usr/local/CVS pserver
(and now I have a CVS server)

So technically the instructions above are correct, but I think it would be more obvious if either the quote marks were not there at all, or if the instructions said "remove the quote marks".

Also, you probably noticed, there is a typo at the start of the instructions, /ete/ should be /etc/

[ Reply to This | # ]
Having Authentication problems?
Authored by: calroth on Nov 19, '02 08:11:38AM

Hey, this works! Thanks a million.



[ Reply to This | # ]
Problems using pserver...
Authored by: bali on Jan 17, '03 07:08:26AM

I´ve gotten the deamon to run OK. I can login from another machine but I get the following message when doing basicly anything:

cvs checkout: cannot open CVS/Entries for reading: No such file or directory
Too many open files

When I try "csv history docs"(this works locally on the server) from the remote machine I get:
Too many open files

Does anyone recognize this problem?

I'm running MacOS X 10.2.3 and the December Development Tools.



[ Reply to This | # ]
Not getting very far
Authored by: miles202 on Jan 25, '03 04:17:54PM

I am afraid I am not getting very far with this -- I have added the file cvspserver in /etc/xintd/d. I have restarted the system. I am not able to connect to the pserver.

I am running 10.2.3. When I run "ps -aux" I do not see "xinetd" running. "inetd" however is running. this seems to be more consistent with the other instructions for 10.1.

What am I missing?

Thanks
Miles



[ Reply to This | # ]
Send a SIGHUP signal to the xinetd process
Authored by: miles202 on Jan 25, '03 04:19:35PM

How do I send a SIGHUP signal to the xinetd process?

Thanks,
Miles



[ Reply to This | # ]
Send a SIGHUP signal to the xinetd process
Authored by: sardu_mac on Jan 25, '03 05:03:22PM
Try ps axc | grep xinetd to get the process id (the first number in the output) and then sudo kill -HUP ###

sudo killall -HUP xinetd or sudo killall -1 xinetd should also work (as does simply rebooting)

[ Reply to This | # ]
Send a SIGHUP signal to the xinetd process
Authored by: jsteele on Jan 29, '03 12:32:13AM

try a variant of the previous aswer:
kill -HUP `cat /var/run/xinetd.pid`

it pipes the PID into kill. Take special notice that the quotes aren't. It's the back quote (above the TAB on a US keyboard.)



[ Reply to This | # ]
Enable CVS pserver on 10.2
Authored by: aktbar on Feb 19, '03 04:28:48PM

I was having authentication problems using cvs and Project Builder (Project Builder would tell me (I am not making this up, and there is no typo in the text) aborted]: use "cvs login" to log in first, with a corresponding message in /var/log/system.log that said cvs: bad auth protocol start: EOF.

After several hours of work, I found my problem was that I was running the fink version of cvs, 1.11.2-1, which apparently stores password information differently than the default apple version (1.10). Everything's working fine now!

[ Reply to This | # ]

is there a binary copy somewhere?
Authored by: JiveGuy on Feb 27, '03 11:10:35PM

Hi,

I am running Jaguar 10.2.4, but I do not have the developer tools.

I would like to use CVS to store revisions of documents, etc..

Is there a precompiled binary for CVS anywhere? I've looked all over the place and can't find one.

Any help would be appreciated.

Thanks.



[ Reply to This | # ]
Web Development versioning with CVS
Authored by: webma on Mar 24, '03 05:12:03AM

Has anyone had any luck with Web Development versioning with CVS?

We have a development team of 4 all using a PC and Mac each for Dreamweaver/ColdFusion/MS SQL web production. We've setup a CVS server and can connect to it with limited success using the jCVS and TortiseCVS client software, but it seems to be awfully hard to use for the simple concept of version control of our code.

Is anyone out there using CVS for web development? What are the Pros/Cons and alternatives?



[ Reply to This | # ]
Web Development versioning with CVS
Authored by: lukas on Mar 29, '03 09:49:18AM

How about using a WebDAV Server instead of CVS ?
For Web Development it CVS doesnt seems to be very usefull...

Cheers



[ Reply to This | # ]
Enable CVS pserver on 10.3
Authored by: kwiersma on Nov 04, '03 12:09:27AM

I setup CVS pserver on my new PowerBook which is now running 10.3. The only clevat was that I could not login through pserver for some reason. Eventually I tracked down the problem by using Google and finding a link about setting up password access with CVS. Tips for setting up the CVS passwd file showed me that I needed to use a Perl command to crypt my password and then paste that into the CVS passwd file with my username. This allowed me to finally login via pserver.

--Kurt
A web/java developer's weblog



[ Reply to This | # ]
does pserver require passwd file?
Authored by: dinskeep on Nov 23, '03 12:25:09AM

I had cvs login working with pserver on 10.2 and didn't do anything with $CVSROOT/CVSROOT/passwd - I've saved my old CVSROOT directory and have no such file. Is there something different in cvs in 10.3 that requires a passwd file? I keep getting

"cvs login: authorization failed: server breezy rejected access to /usr/cvsroot for user skeep"

when I try to log in - aside from the passwd file, I've done everything else in this thread (xinetd.d entry, no quotes around the root in server_args). Is passwd required?



[ Reply to This | # ]
apparently yes, if:
Authored by: dinskeep on Nov 23, '03 01:11:21AM

I'm answering my own question here, but maybe it will help someone. Apparently if a user uses the ShadowHash authentication_authority, then you must create a $CVSROOT/CVSROOT/passwd file entry for them, as described above. I guess panther now defaults to using ShadowHash. To tell if the user you're having problems with uses ShadowHash, do:

niutil -read local@localhost /users/youruser

If you see the line "authentication_authority: ;ShadowHash;" then you'll need to do the passwd file stuff descibed earlier in this thread. The end result of that will be a line in the passwd file that looks like:

youruser:syw8996A9879sddns

assuming that youruser's password crypts to syw8996A9879sddns



[ Reply to This | # ]
apparently yes, if:
Authored by: hal9k on Jan 07, '04 09:11:54AM

Dave,
it definitely helped me! I used CVS with OS X 10.2 and didn't use a passwd file, I didn't even think I'd have to use it with 10.3!

So thanks a lot for replying your own question.

Armin



[ Reply to This | # ]
Re: Enable CVS pserver on 10.2 - starting xinetd
Authored by: mguske on Nov 11, '03 03:57:09PM
Thanks for the good explanation.

As mentioned in the
/etc/inetd.conf
file from Apple, you can also use
/sbin/service cvspserver start|stop
command to start or stop a xinetd service.

~ Markus

[ Reply to This | # ]
CVS Server from scratch, step-by-step ...
Authored by: blakers on Dec 02, '03 10:00:56PM
hi all,

i've been wanting to setup a a remote/central cvs server for Web Development
versioning for awhile.

the previous comments here on MacOSXHints were, as usual, helpful (thanks!) for
using OSX's bundled cvs.

wanting to get all my cvs clients & servers to a single, recent version with a
reproducible proces, I set out to build/configure cvs server from scratch ... and
spent some time collecting the info i'd found

given some of the questions/comments i've read, i hope some'll find this step-by-step
helpful!

cheers,

richard



cvs-1.11.9(CVS Home Page)
(login as root ...)

% cd /usr/ports
DOWNLOAD:  cvs-1.11.9.tar.bz2

% bunzip2 cvs-1.11.9.tar.bz2
% cd /usr/ports/cvs-1.11.9

% unsetenv CFLAGS CPPFLAGS CXX CXXFLAGS LDFLAGS LDDLFLAGS LD_PREBIND

Change these configure options as required; in particular note: your
approrpiate choice of:
--with-cvs-admin-group=wheel



% ./configure \
--prefix=/usr \
--enable-client \
--enable-password-authenticated-client \
--enable-server \
--enable-server-flow-control \
--enable-encryption \
--enable-rootcommit \
--with-krb4=/usr \
--with-cvs-admin-group=wheel

% make
% make install

% rehash
CREATE/INITIALIZE the repository
I assume here a root directory for the cvs repository of "/usr/local/cvsrep"
This can, of course, be any directory you wwant -- just make sure you have enough
free drive space !

% mkdir /usr/local/cvsrep
% cvs -d /usr/local/cvsrep init
Checkout the CVSROOT configuration/info files to, e.g., your Desktop:

% cd /Users/your_user_name/Desktop
% cvs checkout CVSROOT
You should see the following output:

cvs checkout: Updating CVSROOT
   U CVSROOT/checkoutlist
   U CVSROOT/commitinfo
   U CVSROOT/config
   U CVSROOT/cvswrappers
   U CVSROOT/editinfo
   U CVSROOT/loginfo
   U CVSROOT/modules
   U CVSROOT/notify
   U CVSROOT/rcsinfo
   U CVSROOT/taginfo
   U CVSROOT/verifymsg
   U CVSROOT/writers
We're going to make some changes to the checked-out files.
note: don't edit files IN the repository!

cd CVSROOT
Restrict cvs access to just yourself ...
CREATE a new file:

% vi writers
and ADD a line(s) for your authorized user(s):

================================
+++	'your_user_name'
================================

% cvs add writers
% cvs edit checkoutlist
ADD "writers" to your CVSROOT check-out list

% vi checkoutlist
================================
+++	writers
================================
Commit both changed files, adding a first comment

cvs commit -m "Added writers file, restricting access to developers" checkoutlist writers
Setup network access to CVS's pserver in NetINfo

% niutil -create . /services/cvspserver
% niutil -createprop . /services/cvspserver port 2401
% niutil -createprop . /services/cvspserver protocol tcp
Setup pserver for control by inetd

% vi /etc/inetd.conf
ADDing the following line ...

================================
+++	cvspserver	stream	tcp	nowait	root	/usr/bin/env env -i /usr/bin/cvs -f --allow-root=/usr/local/cvsrep pserver
================================
Note:
I suppose you can make like changes in xinetd as well ... I'm not certain of
the value of choosing inetd vs. xinetd, since both are called by
/System/Library/StartupItems/IPServices/IPServices Reload inetd's settings
(comments anyone?)

% kill -HUP `ps cax | grep inetd | awk '{ print $1 }'`
Now you're ready to IMPORT & use your production directory
assuming your "target"" directory is "/Library/WebServer/Documents" on the
same machine, and your source module name will be "web_production" ...

% cd /Library/WebServer/Documents
% setenv CVSROOT /usr/local/cvsrep
% cvs import web_production comment_text START
you should now see your newly created "web_production" project as a folder
in your cvs root, i.e.: "/usr/local/cvsrep/web_production"

for sanity's sake, move your EXISTING files temporarily out of the way

% mv /Library/WebServer/Documents/ /Library/WebServer/DocumentsORIG
and CHECKOUT/push your repository's tree for your production files

% cd /Library/WebServer
% cvs co -d Documents web_production
or, from any other machine via, e.g., ssh, to any location with an installed cvs client

% cvs -d :pserver:your_user_name@your_server.your_domain.com:/usr/local/cvsrep login
password: <-- (your user's password)
% cvs -d :pserver:your_user_name@your_server.your_domain.com:/usr/local/cvsrep co -d Documents web_production
Now Checkout, Commit, Fold, Spindle & Mutilate to your hearts' content ...

[ Reply to This | # ]
CVS Server from scratch, step-by-step ...
Authored by: ktappe on Sep 21, '04 11:59:26AM

> % kill -HUP `ps cax | grep inetd | awk '{ print $1 }'`

The above line doesn't work in Panther:
1. "-HUP' is not a supported option in Panther's "kill'. You must use "1".
2. Once you do substitute "1", the line succeeds...in rebooting the Mac.

-Kurt



[ Reply to This | # ]