From owner-freebsd-hubs Fri Jul 11 16:13:36 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id QAA08957 for hubs-outgoing; Fri, 11 Jul 1997 16:13:36 -0700 (PDT) Received: from austin.polstra.com (austin.polstra.com [206.213.73.10]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA08952 for ; Fri, 11 Jul 1997 16:13:31 -0700 (PDT) Received: from austin.polstra.com (jdp@localhost) by austin.polstra.com (8.8.5/8.8.5) with ESMTP id QAA18955 for ; Fri, 11 Jul 1997 16:13:30 -0700 (PDT) Message-Id: <199707112313.QAA18955@austin.polstra.com> To: hubs@freebsd.org Subject: CVSup mirrors and version 15.1 Date: Fri, 11 Jul 1997 16:13:03 -0700 From: John Polstra Sender: owner-hubs@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Just a quick note to mildly nag those of you running CVSup servers to upgrade to the new version 15.1 that I released last night. There are a number of improvements, but here are the main reasons you should upgrade: * It solves the problem that cropped up recently in which files that CVS thought were dead kept coming back via CVSup checkout mode updates. (See the thread "CVS Branches hits again!" in the FreeBSD-current mailing list.) The solution is in the server, which means that your clients are at your mercy to upgrade. * It supports a new "multiplexed" mode of operation which should solve The Firewall Problem for a lot of clients. * It fixes a potentially nasty security problem. Under certain circumstances, it was possible for a file's setuid and/or setgid bits to be transferred even though the owner/group were not. Since the clients often run as root, this meant that a setuid file owned by Joe Blow on the server host would become a setuid-to-root file on the client. Not nice. I put fixes for this into both the client and the server, and all the US servers are already upgraded. So you are already reasonably protected. But wouldn't you feel better running a client that protected you, so you wouldn't have to trust somebody else's server? * It includes a fix to make the "mail-archive/current" collection work well. As you might remember, I announced that there were problems with it before. It's OK again now, with the new version. The problem was that the very large files in that collection would often receive further appends on the server in mid-transfer to the client. CVSup didn't deal with the changing size well at all, and it caused failed updates which didn't recover properly. It's fixed now, and with the new version the "mail-archive" collection works fine. One other request: Please modify your script that runs cvsupd to use the new "-e" option. The option makes the server leave open its stdout and stderr files even when it becomes a daemon. Suggested usage is like this: out=/var/tmp/cvsupd.out su -m ${user} -c \ "cvsupd -e -C ${maxclients} -l @${facility}" >>${out} 2>&1 With this, if you ever get a core dump from your server, I can get a lot of clues by looking at your "/var/tmp/cvsupd.out" file. By the way, if you're thinking of moving the redirection inside the quote marks, keep in mind that you probably need to use csh syntax in there. The "su -m" makes it use root's login shell. I will upgrade the cvsup-mirror port to do something like this. John -- John Polstra jdp@polstra.com John D. Polstra & Co., Inc. Seattle, Washington USA "Self-knowledge is always bad news." -- John Barth