Installing CVS
|
| < Free Open Study > |
|
To install CVS in its server mode, the client programs need to be installed. This is because CVS' server mode operates as an inetd service. The inetd "Internet superserver" was discussed in Chapter 4; in brief, inetd is a program that provides basic networking support for other programs, so that they don't have to manage their own networking support. The standard CVS client programs make use of this functionality to "transform" themselves into server software. This section will describe how to install the standard CVS programs, with appropriate support for server mode. The section "Configuring CVS" will describe how to configure the standard programs for the most popular server mode.
Compile-Time Options
Like most open source programs, CVS supports several compile-time options. As discussed in Chapter 7, a compile-time option is a parameter that hard-codes a particular property into the software at the time it is built. Typically, compile-time options are used to enable or disable particular bits of functionality.
The first option that needs to be set is the -prefix option. This option determines where the program binaries will ultimately be installed. Chapter 7 discussed the possible destinations for software-namely, /usr/local and /opt. Since the installation of CVS is a single installation consisting of pretty simple files that will only occasionally need to be updated (if ever), a good destination is /usr/local.
| Cross-Reference | For more information on choosing between /usr/local and /opt, see the section in Chapter 7 on "Deciding on a Destination. |
CVS supports compile-time options that enable or disable features related to the behavior of the client and server modes. Table 12-1 summarizes the major features supported by CVS, and lists the options for enabling and disabling them. Additional information can be obtained from running the command ./configure -help in the CVS root directory. (The ./configure command is the GNU autoconf tool also discussed in Chapter 7; the -help option displays information on supported options, and Table 12-1 is largely a summary of this information.)
 |
| FEATURE | ENABLING FLAG | DISABLING FLAG |
|---|---|---|
| Support for authentication via the Kerberos protocol[*] | -with-krb4=[path] | -without-krb4 |
| Support for authentication via the GSSAPI protocol[*] | -with-gssapi=[path] | -without-gssapi |
| Support for encryption of data in client/server mode when Kerberos is in use | -enable-encryption | -disable-encryption |
| Support for client mode | -enable-client | -disable-client |
| Support for server mode | -enable-server | -disable-server |
|
[*]Note: Options with a value of [path] must include a path to an installation of the corresponding library-for example, the Kerberos library. See the CVS documentation. | ||
|
Generally, the options boil down to enabling these three possibilities:
-
Client and server modes (via the -enable-client and -enable-server options)
-
Encryption of the data across the network (via the -enable-encryption option)
-
Alternative authentication mechanism such as Kerberos or GSSAPI
The vast majority of CVS installations will have both client and server enabled, most will have encryption enabled, and some will have the authentication mechanisms enabled.
Networks (such as a corporate or university network) that already use Kerberos or GSSAPI would benefit from those options; enabling them would permit an alternative to the rather insecure password server (pserver) mode to be used. Additionally, if Kerberos is in use, encryption can also be enabled. This prevents potentially valuable and secret material from being intercepted across the network. (Actually, it can still be intercepted, but since it's encrypted it can't be read.)
Most installations will require both client and server modes. However, an administrator could configure the CVS on workstations to contain only client support, whereas CVS on servers would contain only server support. This would prevent users from running CVS servers on their workstations and prevent users who log in to a server from running the CVS client. This functionality may be used to enforce a set of CVS usage policies, though it's not covered explicitly in this chapter.
For this example, I will show you how to enable client and server modes. You don't explicitly want Kerberos or GSSAPI support; however, if the libraries are already installed, you might as well use them, so you'll simply let the ./configure program detect their presence. (By default, ./configure will always auto-detect any features you don't explicitly include.) The following command is the command used to configure the software:
% ./configure --prefix=/usr/local --enable-client --enable-server
Installing from Source Code
Once the compile-time options have been selected and the ./configure program has been run, the software can be compiled. This section describes how to build and install the software. For CVS, this is quite simple.
Essentially, all you have to do is type make, followed by make install, as shown here:
% make % make install
Various build messages will scroll by as the software is compiled, and more messages will scroll by as CVS is copied to /usr/local.
If both commands complete without errors, CVS will now be installed! The section "Configuring CVS" later in this chapter will discuss how to configure CVS (via its run-time options) for actual use.
|
This book discusses how to install and configure CVS for pserver mode. However, CVS actually supports a number of different modes and even several different server modes. (For example, there are modes that use Kerberos authentication instead of passwords.) The pserver mode discussed in this book is probably the least secure way to use CVS.
However, pserver mode is the most popular, which is why this book discusses it. Administrators concerned about security (and especially administrators running a repository on a public network) should consult the CVS documentation on how to use the more secure modes.
|
|
| < Free Open Study > |
|
EAN: 2147483647
Pages: 159