mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-04 19:33:18 +00:00
2f07530612
r=justdave
146 lines
5.1 KiB
Plaintext
146 lines
5.1 KiB
Plaintext
This is Despot, mozilla.org's system of managing users.
|
|
|
|
Maybe you'll find it useful, but for now, we're just concentrating on
|
|
developing it for our own needs.
|
|
|
|
So don't expect a lot of help from us in understanding this code...
|
|
|
|
---------------------------------------------------------------------
|
|
|
|
INSTALLATION:
|
|
|
|
See the Bugzilla README; you'll need to install at least MySQL, Perl,
|
|
and the MySQL-related Perl module collection as documented there.
|
|
You'll need a relatively new version of MySQL: 3.20.32a is known not
|
|
work; 3.22.32 is.
|
|
|
|
You'll may also need to build a version of CVS with the patch in
|
|
cvs_user.patch applied. I found cvs_user.patch in archives on the
|
|
net; unfortunately I didn't keep track of where. However, the CVS
|
|
repository for CVS itself now has this patch applied, so if your
|
|
copy of CVS is new enough, this may not be necessary.
|
|
|
|
# create a database called mozusers:
|
|
|
|
mysqladmin -p create mozusers
|
|
|
|
# create the tables
|
|
|
|
./maketables.sh
|
|
|
|
# insert a user with despot powers (probably yourself) and a daemon
|
|
# user (for despot to do updates and synchronization) into the users
|
|
# table of the mozusers database.
|
|
|
|
mysql mozusers
|
|
|
|
mysql> insert users set id=1, email="dmose@mozilla.org",
|
|
realname="Dan Mosedale", passwd="",
|
|
gila_group="cvsadm", cvs_group="cvsadm", despot="Yes",
|
|
neednewpassword="Yes", disabled="No", voucher=1,
|
|
signedform="No";
|
|
|
|
mysql> insert users set id=2, email="despotdaemon@foo.com",
|
|
realname="The Despot Daemon", passwd="",
|
|
gila_group="cvsadm", cvs_group="cvsadm", despot="No",
|
|
neednewpassword="Yes", disabled="No", voucher=1,
|
|
signedform="No";
|
|
|
|
# go to the webserver where you've got this set up and change the
|
|
# passwords for both of these accounts
|
|
|
|
# get anoncvs from the friedman-branch-openbsd-rel-1997-10-13
|
|
# branch. edit as appropriate, build, and install cvspserversh.
|
|
|
|
# on the cvs servers, create a cvsadm group, and a cvsadm user in that
|
|
# group. they should both have a shell of cvspserversh.
|
|
|
|
# set up 2 cvs repositories,
|
|
|
|
cvs -d /path/to/repos1 init
|
|
cvs -d /path/to/repos2 init
|
|
|
|
# create a passwd file in both CVSROOT directories and add a user in
|
|
# both places that the despotdaemon will use to do its checkins.
|
|
# the file will contain a single line that looks just like the
|
|
# following. the first field should be an email address with @ replaced by
|
|
# %, and the second field is an already crypt()ed representation of a
|
|
# password, just like the one used in /etc/passwd. the third field is
|
|
# the unix group (this group needs to have write access to the
|
|
# CVSROOT/passwd files. (don't use foo.com; use a working email address at
|
|
# your local site)
|
|
|
|
despotdaemon%foo.com:$1$2Zjkl2kjjgvGGapOsss7CLmocwX620:cvsadm
|
|
|
|
# make sure the repositories are owned by the cvsadm user
|
|
# and group. turn on the setgid bit on all directories for appropriate
|
|
# group inheritance semantics (assuming your unix supports this).
|
|
|
|
find . -type=d -print | xargs chmod g+s /path/to/repos1 /path/to/repos2
|
|
chown -R cvsadm.cvsadm /path/to/repos1 /path/to/repos2
|
|
|
|
# create binary ,v files by doing an RCS checkin of the files in both places.
|
|
# note that there are problems using the passwd strings from /etc/shadow
|
|
# on linux. the strings from /etc/shadow on solaris 2.6 machines seem to work
|
|
# however.
|
|
#
|
|
rcs -i -kb passwd
|
|
ci -u passwd
|
|
|
|
# if you're using cvs pserver, add the following line to
|
|
# /etc/inetd.conf. this particular config line assumes tcpd is installed.
|
|
|
|
cvspserver stream tcp nowait dmose /usr/sbin/tcpd /usr/bin/cvs --allow-root=/path/to/repos1 --allow-root=/path/to/repos2 pserver
|
|
|
|
# test (at least one of) your repositories
|
|
|
|
env CVSROOT=:pserver:despotdaemon%foo.com@127.0.0.1:/path/to/repos1 cvs login
|
|
env CVSROOT=:pserver:despotdaemon%foo.com@127.0.0.1:/path/to/repos1 cvs co /
|
|
|
|
# add entries for your repositories to the repositories table in the database
|
|
#
|
|
|
|
mysql mozusers
|
|
|
|
mysql> insert repositories set id=2, name="gila", cvsroot=
|
|
":pserver:despotdaemon%foo.com@127.0.0.1:/export/despot/repos/fake-gila",
|
|
domailing=0;
|
|
|
|
mysql> insert repositories set id=3, name="cvs", cvsroot=
|
|
":pserver:despotdaemon%foo.com@127.0.0.1:/export/despot/repos/fake-lizard"
|
|
, ownersrepository=2, ownerspath="owners.html", domailing=0;
|
|
|
|
# add default partitions for both repositories
|
|
#
|
|
mysql> insert partitions set id=1, name="default", repositoryid=2,
|
|
state="Open", branchid=1;
|
|
|
|
mysql> insert partitions set id=4, name="default", repositoryid=3,
|
|
state="Open", branchid=1;
|
|
|
|
|
|
# make sure the commitcheck.pl actually gets called. do this in both
|
|
# repositories
|
|
#
|
|
cd CVSROOT
|
|
co -l commitinfo
|
|
echo 'ALL\t$CVSROOT/CVSROOT/commitcheck.pl' >> commitinfo
|
|
ci -u commitinfo
|
|
|
|
# XXX create a .cvspass somewhere OTHER THAN in the directory where you
|
|
# want to run despot. you also need to modify the path to that in at least one
|
|
# of the scripts.
|
|
|
|
# create null copies of commitcheck.pl in both repositories (repeat the
|
|
# steps below for the second repository as well)
|
|
#
|
|
cd /path/to/repos1/CVSROOT
|
|
touch commitcheck.pl
|
|
chmod 775 commitcheck.pl
|
|
chown cvsadm *
|
|
ci -u commitcheck.pl
|
|
|
|
# XXX add lines for passwd and commitcheck.pl to checkout in both repositories
|
|
|
|
# XXX edit CVSROOT/config and set stuff like SystemAuth=no
|