Date: Fri, 1 Feb 2002 10:09:53 +0100 From: Daniel Lang <dl@leo.org> To: adminmail@heitec.net Cc: hubs@FreeBSD.org Subject: Re: FTP mirror; anonymous CVS Message-ID: <20020201100953.A90046@atrbg11.informatik.tu-muenchen.de> In-Reply-To: <20020201044900.3B8C9B8101@christel.heitec.net>; from bdluevel@heitec.net on Fri, Feb 01, 2002 at 05:49:00AM %2B0100 References: <20020130043616.BD197B8206@christel.heitec.net> <20020130131414.I81625@atrbg11.informatik.tu-muenchen.de> <20020201044900.3B8C9B8101@christel.heitec.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi,
Bernd Luevelsmeyer wrote on Fri, Feb 01, 2002 at 05:49:00AM +0100:
[..]
> I set up a MFS of 15 MB, and promptly ran out of the 2042 inodes.
> Oh well, it has 256 MB RAM so I gave it a 200 MB MFS with 350'000 inodes
> and tried again. Ports are worst, checkout being slightly in front of
> update. checkout needs 136 MB and 67'860 inodes, while update needs only
> 113 MB and 59'290 inodes. I was left with 12 MB of free RAM and a
> slightly swapping machine. I had to kill apache to make it run too. I
> can't do that often, it's the company's WWW and FTP server ;-)))
I just quote my line /etc/fstab, it's pretty much the one
John Polstra suggested:
/dev/da0s1b /anoncvstmp mfs rw,-s=786432,-b=4096,-f=512,-i=560,-c=3,-m=0,nosuid,nodev 0 0
This is sort of highly tuned, i.e. size is 384MB, lowest
possible block and fragment size, large amount of inodes, although
I'm not sure where 560 bpi comes from. Very few cylinders per group
and of course minfree=0.
> The temp directory will be on a real disk after all, I think ;-)
With 256MB RAM, well, yes.
>
>
> Btw I'm a little bit proud on the command line to check the /tmp size,
> here it is in the entire beauty:
:-)
[..]
> In an attempt to have it *really* read-only, I set up the inetd.conf
> line like this:
> cvspserver stream tcp nowait/1/5 nobody /usr/bin/cvs cvs \
> -f -R -T /var/tmp --allow-root=/home/ftp/repo pserver
I use pretty much the same, with an additional -l (don't log
into the history file, IIRC, we don't have one anyway).
Oh, and I've created a special user 'anoncvs' with no
rights for it. Abusing nobody for too many purposes gives
me a bad feeling...
> Now my theory is that the entire cvs thing will now run as 'nobody', and
> because of the -R and the existing but empty 'writers' file this nobody
> surely will never even attempt to write anything. Does this sound
> plausible?
Aye.
> I'd be glad if people willing to spend the time would test the cvs
> access; of course also feel free to break it, as I'm not sure I got it
> right; it's only the second anonymous cvs server I set up.
> Just in case someone didn't guess it, the CVSROOT is
> :pserver:anoncvs@cvsup.heitec.net:/home/ftp/repo
Seems to work, checkout showed no problems.
Bye,
Daniel
--
IRCnet: Mr-Spock - My name is Pentium of Borg, division is futile, you
will be approximated. -
*Daniel Lang * dl@leo.org * +49 89 289 25735 * http://www.leo.org/~dl/*
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hubs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020201100953.A90046>