1 |
On Friday 02 of January 2009 22:53:36 Robin H. Johnson wrote: |
2 |
> On Fri, Jan 02, 2009 at 01:40:09PM -0800, Alec Warner wrote: |
3 |
> > How hard would it be to change permissions on the ,v file for this and |
4 |
> > just run the use.local.desc updater as a user with different |
5 |
> > privileges? |
6 |
> |
7 |
> It does have different permissions. It's the directory permissions that |
8 |
> matter however. I already tried the file permissions. If we want to |
9 |
> truly block it while not affecting commits to the rest of the directory, |
10 |
> we need to add CVS ACLS, which I've been meaning to do, but just never |
11 |
> got around to. |
12 |
> |
13 |
> CVS does (the short version): |
14 |
> 1. Take a file-based lock (#A) for the target ,v file. |
15 |
> No writes permitted, reads are permitted. |
16 |
> 2. Build the new version of the ,v in the temp space. |
17 |
> 3. Copy the new version to a different name in the target directory. |
18 |
> 4. Upgrade lock #A, no reads permitted now. |
19 |
> 5. unlink the old ,v file |
20 |
> (the kernel checks the directory permissions, not the file perms). |
21 |
> 6. rename the new file into place. |
22 |
> 7. Release lock #A. |
23 |
|
24 |
What about creating a hook that checks if commited file is the one in question |
25 |
and fails the commit, if true? I don't know much about cvs hooks, however in |
26 |
svn it would be simple to setup. |