The second way of installation is convenient when you have almost dedicated CVS-machine and all your developers have system accounts on this machine. This configuration uses system authentication with plain `/etc/passwd' file, or with shadow passwords, or with PAM (Pluggable Authentication Modules) which by itself gives you very flexible way of authenticating your users.
In this case all access to repositories is administered on operating system or file system level. You can use whatever features your system provides and CVS does not even try to do something extra.
To install the password server with system authentication edit your `/etc/inetd.conf' and add the following line to it (formatted to fit the screen):
2401 stream tcp nowait root /usr/local/bin/cvs-pserver cvs-pserver /repos1 /repos2 -- /usr/local/bin/checkpassword /usr/local/bin/cvs pserver
If your inetd wants a symbolic service name
instead of a raw port number, then put this in
`/etc/services':
cvspserver 2401/tcp
and put cvspserver instead of 2401 in
`inetd.conf'.
Restart your inetd or make it to re-read its
configuration file.
Here `/usr/local/bin/cvs-pserver' is a small
binary that reads username and password from the
network and then executes authentication program that
conforms to checkpassword interface described at
http://cr.yp.to/checkpassword.html.
Here `checkpassword' can be either the simplest authentication program that uses plain old `/etc/passwd' or shadow passwords, or it could be PAM (Pluggable Authentication Modules)-enabled program that could do whatever the PAM framework allows. (See `README.checkpassword' in distribution for information on how to obtain suitable `checkpassword').
When using PAM-enabled `checkpassword' (See `README.checkpassword' in distribution for information on how to obtain one) use the following line in `/etc/inetd.conf':
2401 stream tcp nowait root /usr/local/bin/cvs-pserver cvs-pserver /repos1 /repos2 -- /usr/local/bin/checkpassword-pam cvspserver /usr/local/bin/cvs pserver
Please note that `checkpassword-pam' takes
additional argument that specifies the name of the
service for the PAM configuration file. I. e., when
using `/usr/local/bin/checkpassword-pam
cvspserver' file `/etc/pam.d/cvspserver' will
contain the PAM configuration for cvs pserver.
Go to the first, previous, next, last section, table of contents.