GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  CVSUPD.CLASS (5)

NAME

cvsupd.class - client class based access restrictions on CVSup collections

CONTENTS

Description
Patterns
Attributes
Implementation Notes
Files
Examples
See Also
Authors
Bugs

DESCRIPTION

cvsupd.class is the configuration file read by the cvsupd(8) daemon to specify access rights and restrictions to collections of files based on the class of the client. If cvsupd.class does not exist, cvsupd grants free access to all collections by default.

The cvsupd.class file resides in the base directory of the cvsupd server. By default, the base directory is /usr/local/etc/cvsup, but the location can be overridden with the -b option to cvsupd.

The cvsupd.class file contains specifications of client classes with a syntax similar to other configuration files such as /etc/printcap and /etc/login.conf. Comment lines beginning with #’ are ignored, as are empty lines. All other lines are considered to contain class specifications. Each line contains a single class specification. Long lines can be broken up by using the backslash (‘\’) as a continuation character at the end of the line.

A class specification consists of fields separated by colons (‘:’). The first field of each entry contains the name of the class. The remaining fields contain attribute-value pairs in the form attribute = value’. Empty fields and fields containing only white space are ignored.

PATTERNS

Many of the values consist of comma-separated lists of patterns. Patterns are by default shell-style patterns as described in sh(1), using the wild card constructs *’, ?’, and [...]’. Unlike sh(1), however, there is no special treatment for /’ or for leading .’ characters. That is, these characters are matched by wild cards just the same as other characters.

If a pattern begins with +’ then it is instead interpreted as a regular expression. The leading +’ is removed and the regular expression is anchored implicitly, as if it began with ^’ and ended with $’. To begin a shell-style pattern with +’, use [+]’.

If a pattern is preceded by !’ then it is negated. A negated pattern selects whatever the pattern does not match. When negating a regular expression pattern, the !’ should come first, followed by the +’.

For more complex matching, patterns can be combined into comma-separated lists. The patterns in a list are applied in order from left to right. Later patterns override the earlier ones; i.e., the last match wins. For example, the pattern list f*,!fu*’ would match all strings beginning with f’ except for those beginning with fu’.

ATTRIBUTES

The following attributes apply to all collections:

collections = patternlist
  Clients in this class will only be able to access collections that are matched by the pattern list. Other collections will be treated as if they did not exist.
collection-dirs = patternlist
  Clients in this class will only be able to access collections in subdirectories matched by the pattern list. Other collections will be treated as if they did not exist.

These subdirectories are relative to the server’s base directory. By default the server looks for collections in a single subdirectory sup, but a list of subdirectories can be specified on the command line with the -c option. The collection-dirs specification is applied to that list. In other words, collection-dirs can be used to eliminate certain subdirectories for a given class, but it cannot be used to add new subdirectories which were not specified on the command line.

The remaining attributes apply only to collections containing RCS files:

branches = patternlist
  Only branches matched by the pattern list will be visible to clients in this class. Valid branch names are all special CVS branch tags and the literal ’. which specifies the main branch of the revision tree.
.Sm off
branches/ collection = patternlist
 
.Sm on This attribute can be used to further refine the branches specification for a specific collection. The given pattern list is appended to the end of the branches pattern list, and the result is used to control which branches are visible in the specified collection. Note: collection must be the exact name of a collection; it is not a pattern.
tags = patternlist
  Only tags matched by the pattern list will be visible to clients in this class.
.Sm off
tags/ collection = patternlist
 
.Sm on This attribute can be used to further refine the tags specification for a specific collection. The given pattern list is appended to the end of the tags pattern list, and the result is used to control which tags are visible in the specified collection. Note: collection must be the exact name of a collection; it is not a pattern.
opaque-collections = patternlist
  All collections matched by the pattern list will be treated as opaque. In an opaque collection, certain branches and tags are hidden from the client.

Normally the opaque collections are determined automatically, based on the values of other attributes. The opaque-collections attribute is provided for completeness, but it is not expected to be needed.

Finally, each class specification may contain this attribute:
default = class
  Any attributes not specified for the current class will be copied from the class named by the default attribute. The named class must have already been defined earlier in the cvsupd.class file; forward references are not allowed.

If a class has no default attribute specification, its defaults are taken from the class named default’. The default’ class may be defined in cvsupd.class as the first entry in the file. If it is missing, the server provides a default’ class which gives free access to all collections, equivalent to the following:

default:\
  :collections=*:\
  :collection-dirs=*:\
  :branches=*:\
  :tags=*:\
  :opaque-collections=!*:

IMPLEMENTATION NOTES

The implementation of the class concept is currently contained completely in the CVSup server cvsupd. Information about hidden collections and non-visible branches of partially hidden collections is never communicated to the client. For partially hidden RCS files, the server pretends not to know anything about deltas, tags, and branches that are not visible for the client.

Due to the structure of RCS files, it is only possible to hide parts of branches from the branch point on the main trunk to the tip of the branch onwards, and the top part of the main trunk (on which no other exported branches may reside).

When the export status of a collection changes, the client will not get any new deltas that weren’t visible to it before by default, because the file attributes (including the modification time) will probably not have changed. Thus in these cases it is necessary to force the server to perform a complete detailed comparison of all RCS files. As currently no meta-information about the export status of collections is kept at the client, there is no way to automate this procedure. As a workaround, both the client and the server have been extended to recognize the -x command line option, which enforces the complete compare. The option only needs to be given to the server or the client, not to both.

If the cvsupd.class file changes, the server needs not to be restarted or informed via a signal; the new information will automatically be used for the next client connection.

FILES

/usr/local/etc/cvsup Default base directory.
/usr/local/etc/cvsup/cvsupd.class Client class based access rights/restrictions
/usr/local/etc/cvsup/cvsupd.access
  Network/host based access rights/restrictions
/usr/local/etc/cvsup/cvsupd.passwd
  CVSup password database

EXAMPLES

The following example grants default access to all collections containing the string pub’ in their names as well as to the src-base’ collection:
default:\
  :collections=*pub*,src-base:\
  :branches=*:\
  :tags=*:

In the next example, all collections except those whose names begin with ‘‘pr_’’ and ‘‘ex_’’ are exported by default:

default:\
  :collections=!pr_*,!ex_*:

Here is a specification for a guest class that exports all collections whose names contain only letters. Access to these collections is unrestricted, except for the collection flash’, from which only the stable release branches and corresponding tags are exported:

guest:\
  :collections=+[A-Za-z]*:\
  :branches=*:\
  :tags=*:\
  :branches/flash=!*,release_flash_?_?_stable:

SEE ALSO

co(1), cvpasswd(1), cvs(1), cvsup(1), cvsupd(8), cvsupd.passwd(5).

http://www.cvsup.org/

AUTHORS


.An John Polstra Aq jdp@polstra.com ,
.An Olaf Wagner Aq wagner@elego.de .

BUGS

  • Checkout mode for partially hidden collections is currently not implemented.
  • In exact mode (which is no more cleared by default for partially hidden collections) the algorithm used for tags often leads to unnecessary delete tag/add tag sequences when the export status of tags and/or branches changes.
  • Probably many more as the implementation has not been extensively tested yet.
Search for    or go to Top of page |  Section 5 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.