Commit Graph

18 Commits

Author SHA1 Message Date
John Polstra
72d03e0fab Set the umask explicitly to 002 in the supfile. This prevents
permission problems in case "/etc/profile" sets it to something
else.

Discovered by:	Dag-Erling Smorgrav <des>
2000-09-13 18:11:48 +00:00
John Polstra
6d296c9994 Update the cvsup-mirror port to reflect the fact that crypto isn't
a special case any more.
2000-07-09 17:57:33 +00:00
John Polstra
8ecbd3b062 Remove src-crypto-rsa. It doesn't exist any more. 2000-07-03 22:57:53 +00:00
Andrey A. Chernov
560b15f8d5 Add src-crypto-rsa 2000-06-29 14:21:33 +00:00
John Polstra
3d21afad7b Add "exec" to the beginning of commands passed to "su ... -c ...".
With some shells (csh in particular) this eliminates a useless
process waiting for the command to finish.

Submitted by:	Mikhail Teterin <mi@privatelabs.com>
2000-06-21 05:00:15 +00:00
Akinori MUSHA
8e6405e403 Make update.sh accept command line options that are passed to CVSup.
Now users can schedule CVSup e.g. as follows:

    45 0-6,8-23 * * * root nice -15 /usr/local/etc/cvsup/update.sh -s
    45 7        * * * root nice -15 /usr/local/etc/cvsup/update.sh

Approved by:	John Polstra <jdp@polstra.com>
2000-04-24 14:01:58 +00:00
John Polstra
9a07481b47 Add "-f" to all "su" invocations for better behavior when the login
shell is csh.

Submitted by:	ache
2000-03-05 18:40:28 +00:00
John Polstra
f6cddec5fb Set the HOME environment variable properly when running cvsup, so
the authentication key file can be found in "~/.cvsup/auth".
2000-02-11 04:23:24 +00:00
John Polstra
6f6eb6138a Fix bug: mirroring crypto/non-crypto from different sources was broken.
Submitted by:	Christian Weisgerber <naddy@mips.rhein-neckar.de>
2000-02-06 00:15:15 +00:00
John Polstra
1526b6c237 Use the ISO date format in the "CVSup update {begins,ends}" messages.
Use "%T" instead of the equivalent "%H:%M:%S".

Submitted by:	Christian Weisgerber <naddy@mips.rhein-neckar.de>
2000-02-06 00:13:52 +00:00
John Polstra
3176ec22e7 This is a fairly substantial upgrade of the cvsup-mirror port. In
honor of the occasion I have bumped the version number to 1.1.

The port now depends upon the cvsup-bin and cvsupd-bin ports rather
than on the more trouble-prone cvsup port.

The CVSup server is run with "-C 100" (max. 100 clients at a time)
and the true limit is set in the "/usr/local/etc/cvsup/cvsupd.access"
file.  This is nice because you can change the limit by editing
the file; you don't have to restart the server.  The cvsupd.access
file also contains a rule to limit each individual host to one
connection at a time.

The CVSup client is now run under its own unprivileged user ID
instead of root.  This is a security enhancement.  It makes it
impossible for a compromised master site to install files into
places outside the mirror area of the filesystem.  The permissions
of various other files such as /usr/local/etc/cvsup have also been
strengthened to enhance security.

Both client and server now cd to /var/tmp to run, so that if they
decide to croak they'll be able to write the core file. :-)

The /usr/local/etc/rc.d/cvsupd.sh script now honors the "start"
and "stop" arguments.

The configure script no longer attempts to tell you the sizes of
the various collections.  That's impossible to maintain.  When I
have time I plan to make a web page where one can obtain that
information from an automatically-updated source.  Then I will
reference the URL in the configure script.

It is possible to upgrade an existing cvsup-mirror-1.0 installation
to this new version, but it is tricky because of the change in
ownership of the mirrored files.  I will post instructions to the
freebsd-hubs mailing list after I make sure I have the procedure
just right.
2000-01-28 06:42:37 +00:00
John Polstra
61c323b40d Consolidate the cvsup options into one place in the script.
Check the exit status of cvsup, and don't start the server until an
update has successfully run to completion.
2000-01-14 04:53:10 +00:00
John Polstra
a7dc76b0aa Install a "refuse" file to protect the mirror's scripts and
configuration files from a malicious or compromised master site.
2000-01-14 04:39:57 +00:00
John Polstra
30dc8072b7 Pass the "-b base" option when running cvsup, so it will work even
if installed somewhere other than /usr/local.

Submitted by:	Dag-Erling Smorgrav <des@yes.no>
2000-01-12 05:26:45 +00:00
John Polstra
d728e30b72 Update for new release of CVSup.
Approved by:	asami (just barely)
1998-03-24 04:41:44 +00:00
John Polstra
d173bd5e46 When sourcing "config.sh" in shell scripts, specify it as "./config.sh"
to prevent the shell from searching the PATH for the file.

Submitted by:	David Quattlebaum <sasdrq@unx.sas.com>
1998-02-12 01:14:02 +00:00
John Polstra
f08936d579 Direct cvsupd's stdout and stderr into "/var/tmp/cvsupd.out" for
better crash diagnosis.  May it never get tested, ha ha ha.

Eliminate the lite2 and smp releases of the src-sys collection.

Add the new mail-archive collection.

Run cvsup with the "-1" flag to disable automatic retries.  Let cron
take care of that.

State in DESCR that version 15.1 or later of CVSup is required.
1997-07-16 20:59:55 +00:00
John Polstra
a2fac24797 The cvsup-mirror port, a kit that makes it easy to set up a FreeBSD
mirror site.
1997-02-02 04:11:35 +00:00