AUTOMAKE_OPTIONS = foreign
-bin_PROGRAMS = banned chrootsh ushell
+bin_PROGRAMS = banned chrootsh ushell cvssh
man_MANS = banned.8 chrootsh.8 ushell.1
INCLUDES = \
--- /dev/null
+.TH cvssh 1 "21 April 1999" "Local tools"
+.SH NAME
+cvssh \- quick shell for anonymous CVS servers
+.SH SYNOPSIS
+.B cvssh
+.SH DESCRIPTION
+The
+.B cvssh
+is intended to be used as the login shell of an anonymous CVS server
+account. It's not terribly useful in the outside world, because it
+requires a patched version of CVS which I haven't released.
+.SH ANONYMOUS CVS
+Suppose you want to set up a CVS repository in
+.B /home/cvs/cvs
+with the anonymous user
+.BR anoncvs .
+The following steps will get this done:
+.IP " 1."
+Make the directory
+.B /home/cvs
+owned by
+.B root
+with mode 755, and execute
+.sp 1
+.RS 10
+.nf
+.ft B
+cvs -d /home/cvs/cvs init
+.ft R
+.fi
+.RE
+.IP ""
+to create the repository.
+.IP " 2."
+Add a user
+.B anoncvs
+with a disabled password, shell set to
+.B chrootsh
+and home directory set to
+.BR /home/cvs/./cvs .
+.IP " 3."
+As the super-user, run the following commands:
+.PP
+.RS 10
+.nf
+.ft B
+# cd /home/cvs
+# mkdir -m 711 bin dev etc lib
+# mkdir -m 1777 tmp
+.ft R
+.fi
+.RE
+.IP ""
+You may need some other directories as well. For example, Digital Unix
+users will want to make
+.B shlib
+and
+.B sbin
+for the shared library system to work properly.
+.IP " 4."
+Copy the programs
+.BR cvs ,
+.B gzip
+and
+.B sh
+into
+.BR /home/cvs/bin .
+If your version of
+.B /bin/sh
+is really the Free Software Foundation's
+.B bash
+in disguise (e.g., you're a Linux user) then you're probably better off
+installing something lighter-weight like the FreeBSD shell (available in
+a guise called
+.B ash
+with Debian GNU/Linux). It's smaller and doesn't need as many shared
+libraries.
+.IP ""
+Also copy in the
+.B cvssh
+binary.
+.IP " 5."
+Copy in the shared libraries needed. If you have an
+.B ldd
+binary handy, run
+.sp 1
+.RS 10
+.nf
+.ft B
+# ldd bin/*
+.ft R
+.fi
+.RE
+.IP ""
+and copy in what it tells you to. Otherwise you'll have to find things
+out the hard way by looking at error messages. Do any other
+configuration your shared library system needs or desires here. For
+example, Linux users should run
+.sp 1
+.RS 10
+.nf
+.ft B
+# ldconfig -n -r/home/cvs /lib
+.ft R
+.fi
+.RE
+.IP ""
+to make a cache file for the shared loader.
+.IP " 6."
+Make any devices needed in the
+.B /dev
+directory. For Linux, that probably involves
+.sp 1
+.RS 10
+.nf
+.ft B
+# mknod -m666 dev/null c 1 3
+# mknod -m666 dev/zero c 1 5
+.ft R
+.fi
+.RE
+.IP ""
+Other operating systems will, of course, be different.
+.IP " 7."
+Edit the password and group files the
+.B etc
+directory. My versions are extremely minimal. The important thing is
+that the
+.B anoncvs
+user should have an entry like the one in the main password database but
+with home directory
+.B /cvs
+and shell
+.BR /bin/cvssh .
+The
+.B passwd
+file should contain no passwords or other useful information. Only put
+other users in the files if you really feel like it.
+.IP " 8."
+Finishing touches. Run the command
+.sp 1
+.RS 10
+.nf
+.ft B
+# touch cvs/.hushlogin
+.ft R
+.fi
+.RE
+.IP ""
+to make sure that logging in doesn't spew junk everywhere.
+Also, if you're planning on using SSH, do
+.sp 1
+.RS 10
+.nf
+.ft B
+# mkdir cvs/.ssh
+# touch cvs/.ssh/rc
+.ft R
+.fi
+.RE
+.IP ""
+to make SSH stop trying to play silly games with
+.BR xauth .
+.IP " 9."
+Relax. You're done.
+.SH BUGS
+None planned.
+.SH "SEE ALSO"
+.BR chrootsh (8),
+.BR cvs (1).
+.SH AUTHOR
+Mark Wooding (mdw@nsict.org)
--- /dev/null
+/* -*-c-*-
+ *
+ * $Id: cvssh.c,v 1.1 1999/04/21 09:04:24 mdw Exp $
+ *
+ * Login shell for an anonymous CVS user
+ *
+ * (c) 1999 Mark Wooding
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of the background resolver (resolve).
+ *
+ * resolve is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * resolve is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with resolve; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+/*----- Revision history --------------------------------------------------*
+ *
+ * $Log: cvssh.c,v $
+ * Revision 1.1 1999/04/21 09:04:24 mdw
+ * Add `cvssh' shell for anonymous CVS support.
+ *
+ */
+
+/*----- Header files ------------------------------------------------------*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <sys/types.h>
+#include <netdb.h>
+#include <unistd.h>
+#include <pwd.h>
+#include <sys/utsname.h>
+
+/*----- Main code ---------------------------------------------------------*/
+
+const static char help[] = "\
+Welcome to the anonymous CVS server.\n\
+\n\
+To use the CVS server, set your `CVSROOT' environment variable to\n\
+`%s@%s:%s', and use the `cvs checkout' and `cvs update'\n\
+commands. See the manual for more information on how to use CVS.\n\
+";
+
+void dummy(void)
+{
+ char *p;
+ char *host;
+ char *home;
+
+ home = getenv("HOME");
+ p = getenv("USER");
+
+ if (!p || !home) {
+ struct passwd *pw = getpwuid(getuid());
+ if (!p)
+ p = (pw ? pw->pw_name : "anoncvs");
+ if (!home)
+ home = (pw ? pw->pw_dir : "/cvs");
+ }
+
+ {
+ struct utsname u;
+ struct hostent *h;
+ uname(&u);
+ h = gethostbyname(u.nodename);
+ if (h)
+ host = h->h_name;
+ else
+ host = u.nodename;
+ }
+
+ printf(help, p, host, home);
+ exit(0);
+}
+
+int main(int argc, char *argv[])
+{
+ if (argc == 2 && (strcmp(argv[1], ".ssh/rc")) == 0)
+ exit(0);
+ if (argc != 3 || strcmp(argv[1], "-c") || strcmp(argv[2], "cvs server"))
+ dummy();
+ execl("/bin/cvs", "cvs", "-A", "server", (char *)0);
+ perror("cvssh (exec)");
+ exit(1);
+}
+
+/*----- That's all, folks -------------------------------------------------*/
~mdw / shells / commitdiff