Date: Fri, 11 Jul 1997 16:13:03 -0700 From: John Polstra <jdp@polstra.com> To: hubs@freebsd.org Subject: CVSup mirrors and version 15.1 Message-ID: <199707112313.QAA18955@austin.polstra.com>
next in thread | raw e-mail | index | archive | help
Just a quick note to mildly nag those of you running CVSup servers
to upgrade to the new version 15.1 that I released last night.
There are a number of improvements, but here are the main reasons
you should upgrade:
* It solves the problem that cropped up recently in which files that
CVS thought were dead kept coming back via CVSup checkout mode
updates. (See the thread "CVS Branches hits again!" in the
FreeBSD-current mailing list.) The solution is in the server, which
means that your clients are at your mercy to upgrade.
* It supports a new "multiplexed" mode of operation which should
solve The Firewall Problem for a lot of clients.
* It fixes a potentially nasty security problem. Under certain
circumstances, it was possible for a file's setuid and/or setgid
bits to be transferred even though the owner/group were not. Since
the clients often run as root, this meant that a setuid file owned
by Joe Blow on the server host would become a setuid-to-root file on
the client. Not nice. I put fixes for this into both the client
and the server, and all the US servers are already upgraded. So you
are already reasonably protected. But wouldn't you feel better
running a client that protected you, so you wouldn't have to trust
somebody else's server?
* It includes a fix to make the "mail-archive/current" collection
work well. As you might remember, I announced that there were
problems with it before. It's OK again now, with the new version.
The problem was that the very large files in that collection would
often receive further appends on the server in mid-transfer to the
client. CVSup didn't deal with the changing size well at all, and
it caused failed updates which didn't recover properly. It's fixed
now, and with the new version the "mail-archive" collection works
fine.
One other request: Please modify your script that runs cvsupd to
use the new "-e" option. The option makes the server leave open its
stdout and stderr files even when it becomes a daemon. Suggested
usage is like this:
out=/var/tmp/cvsupd.out
su -m ${user} -c \
"cvsupd -e -C ${maxclients} -l @${facility}" >>${out} 2>&1
With this, if you ever get a core dump from your server, I can get a
lot of clues by looking at your "/var/tmp/cvsupd.out" file. By the
way, if you're thinking of moving the redirection inside the quote
marks, keep in mind that you probably need to use csh syntax in
there. The "su -m" makes it use root's login shell.
I will upgrade the cvsup-mirror port to do something like this.
John
--
John Polstra jdp@polstra.com
John D. Polstra & Co., Inc. Seattle, Washington USA
"Self-knowledge is always bad news." -- John Barth
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199707112313.QAA18955>