Using CVS to Manage a Web Site - A Guide For System Administrators

Contents

Linux Server Setup

There are many ways to set up a CVS server. One of the big choices is whether to allow pserver mode (which lets you avoid giving shell accounts to CVS-only users, but is full of security holes), or to give shell accounts to the users, and make them log in via ssh (which is nice and secure, but requires users who know how to use ssh). Every approach requires care, since CVS was not written for security. The pessimist would say that the only safe way to run CVS is to never give it root privileges, to run it in a chroot jail, and to apply all possible security patches. You give up some flexibility this way, but gain a modicum of assurance that hackers won't take down your machine.

I'm fairly pessimistic, so that's how I'm running it. Here's what I did. (Note: I'm still verifying that these instructions work, so caveat emptor.)

Linux Client Setup

Importing Your Site Into CVS

I've chosen here to get started with CVS without disturbing the existing web site by setting up the CVS server on a different machine than the web server, and not running any CVS commands at all on the real web server at first. This involves the extra step of downloading the site to a client machine so it can be imported into CVS.

Linux Web Server Setup

If there is a web server running on the CVS server, you can set up the server to update a copy of the web site from CVS every five minutes as follows:

Web pages regarding CVS and the web

Web Pages regarding CVS Server Security

See Also

Using CVS to Manage a Web Site - A Guide For Web Developers

Thanks

This page would have been must harder to write without the pages from Samba.org and unixtools.org documenting how they set up chroot jails for CVS. Much of this material is directly copied from those sites. Thanks also for suggestions from info-cvs and lula, and corrections from Chris Smith.


Last updated: 18 June 2001
Copyright 2000 Dan Kegel

[Back to CVS]