Annotation of www/anoncvs.html, Revision 1.117
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.93 deraadt 4: <title>OpenBSD AnonCVS</title>
5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="How to get OpenBSD updates via Internet using Anonymous CVS">
8: <meta name="keywords" content="openbsd,anoncvs,updates">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1996-1998 by OpenBSD.">
1.1 deraadt 11: </head>
12:
1.14 downsj 13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
1.1 deraadt 14:
1.58 pauls 15: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
1.93 deraadt 16: <p>
17: <h2><font color=#e00000>Anonymous CVS</font><hr></h2>
1.14 downsj 18:
1.100 ericj 19: <p>
20: <ul><h3>Table Of Contents</h3>
21: <li><a href="#anoncvs">What is Anonymous CVS?</a>
22: <li><a href="#CVS">What is CVS?</a>
23: <li><a href="#starting">Getting Started Using Anonymous CVS.</a>
24: <li><a href="#using">Using CVS to Get and Update your Source Tree.</a>
25: <li><a href="#CVSROOT">Available Anonymous CVS Servers.</a>
1.104 ericj 26: <li><a href="#CRYPTO">Getting crypto sources through CVS(1).</a>
27: <li><a href="#EXAMPLE">Example usages for CVS(1).</a>
28: <li><a href="#WHICH">Use rsh(1) or ssh(1)?</a>
1.107 millert 29: <li><a href="#SUP">Mirroring the CVS repository via sup(1).</a>
1.105 ericj 30: <li><a href="#MIRROR">Setting up an anoncvs mirror.</a>
1.100 ericj 31: </ul>
32: </p>
33: <hr>
34:
35:
36: <a name="anoncvs"></a>
37: <h3><font color=#0000e0>What is Anonymous CVS?</font></h3>
1.99 ericj 38:
1.15 grr 39: <p>
40: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
41: tree up to date with respect to changes made to current OpenBSD sources.
1.109 jason 42: In addition to following the bleeding edge of development, it is
43: also possible to track the patches for errata of a release.
1.99 ericj 44: </p>
45:
1.14 downsj 46: <p>
1.15 grr 47: The major advantage of Anonymous CVS over other source code update
48: techniques is that it works directly against a central source code
49: repository or mirror. This means that you have the full set of CVS
50: commands available to control merging and updating your changes with
51: other source changes and for performing diff's, change histories
52: and other queries against the central repository.
1.99 ericj 53: </p>
54:
1.36 deraadt 55: <p>
1.99 ericj 56: The OpenBSD Project currently has three main source repositories:
57: </p>
58:
59: <ul>
60: <li><b>src</b> - Houses all source code for the OpenBSD Operating System.
61: <li><b>ports</b> - Houses the <a href="./ports.html">OpenBSD Ports</a>.
62: <li><b>www</b> - Houses all OpenBSD web pages. (Including this one).
63: </ul>
64:
1.100 ericj 65: <p>
66: To summarize, the real strength of using Anonymous CVS is that it is
67: a "tolerant" source code control system - it <strong>respects</strong>
68: changes that you have made to your local sources and makes <strong>
69: "best efforts"</strong> to update your entire source tree, rather than
70: leaving you a list of arcane problems that have to be resolved before
71: continuing.
72: </p>
73:
74: <a name="CVS"></a>
75: <h3><font color=#0000e0>What is CVS?</font></h3>
1.99 ericj 76:
1.36 deraadt 77: <p>
78: <a href=why-cvs.html>
79: CVS is the source code control system used to manage the OpenBSD source tree.</a>
1.16 deraadt 80: It implements a central repository for all officially released source code
1.15 grr 81: and changes, while permitting developers to maintain local copies of the
1.99 ericj 82: source code with their working changes. Developers with "<b>write access</b>"
1.15 grr 83: can commit changes directly to the OpenBSD source tree, while "Anonymous
1.99 ericj 84: CVS" users have "<b>read access</b>" and can keep their local copies of the source
1.15 grr 85: up to date and issue queries against the central depository.
1.99 ericj 86: </p>
87:
1.15 grr 88: <p>
1.22 niklas 89: The major strength of CVS is that it has the ability to perform intelligent
1.15 grr 90: merges of changes to the central repository with changes that you make to
91: your local copy. This means that if you make a change to a module and
92: perform an update, your changes are not "blown away", rather CVS makes
93: best efforts to merge the changes made to the central sources with changes
94: you've made to your local copy.
1.99 ericj 95: </p>
96:
1.15 grr 97: <p>
98: In the event that the changes can't be completely merged, CVS provides a
99: "soft fallback", in terms of providing you with annotated changes to your
1.39 todd 100: local copy, preserving an unmodified copy of your version and continuing
1.15 grr 101: to update any other source modules you requested.
1.99 ericj 102: </p>
103:
1.100 ericj 104: <a name="starting"></a>
105: <h3><font color=#0000e0>Getting Started Using Anonymous CVS.</font></h3>
106:
107: <p>
108: The latest version of CVS is available at
1.111 deraadt 109: <a href=http://www.cyclic.com/CVS/Dev/code/>Cyclic</a>.
1.100 ericj 110: Versions earlier than 1.6 are not recommended, and may not work.
111: If you already have OpenBSD installed, CVS is included.
112: </p>
113:
1.22 niklas 114: <p>
1.99 ericj 115: People who own an OpenBSD CD may have seen the <i>CVS/</i> dirs on it.
116: Actually there is a reason, the CD has a checkout of the OpenBSD <b>src</b> module
1.95 millert 117: usable to continue updating from. Using this tree will result in a much
1.23 mickey 118: faster initial CVS update than a fresh checkout of the full OpenBSD
119: source tree. There are two ways of using the CD:
1.99 ericj 120: </p>
121:
1.23 mickey 122: <ul>
1.99 ericj 123: <li>To copy the CVS tree from the CD to <i>/usr/src</i> (assuming the CD is mounted on /mnt):
1.22 niklas 124: <pre>
1.99 ericj 125: # <b>cd /mnt; pax -rw CVS Makefile [a-z]* /usr/src</b>
1.22 niklas 126: </pre>
1.110 wvdputte 127: <li>Use a union mount (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_union&apropos=0&sektion=8&manpath=OpenBSD+Current&format=html">mount_union(8)</a>) with the CD below a writable directory. (This can be used when only compiling from the tree.)
1.22 niklas 128: <pre>
1.99 ericj 129: # <b>mount -t union -o -b /mnt /usr/src</b>
1.22 niklas 130: </pre>
1.23 mickey 131: </ul>
1.100 ericj 132:
133: <p>
134: For people who don't have a CD on hand, you can use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">cvs(1)</a> to "<b>checkout</b>" the source repository for you. This is discussed in the <a href="#using">next section</a>.
135: </p>
136:
137: <p>
1.99 ericj 138: After this, <i>/usr/src</i> will be a nice checkout area where all <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">cvs(1)</a> commands will work OK.
1.100 ericj 139: </p>
140:
141: <a name="using"></a>
142: <h3><font color=#0000e0>Using CVS(1) to get and update your source tree.</font></h3>
143:
144: <p>
1.109 jason 145: CVS was designed to be a simple way to retrieve and update your sources,
146: therefore there isn't much involved at all in doing so. You must first
147: decide whether you want to track <i>current</i> or a patch branch.
1.112 kjell 148: The current tree has all of the up to the minute changes,
1.109 jason 149: whereas a patch branch contains a formal release plus the patches
150: from the <a href="errata.html">errata</a> already applied.
151:
152: <p>Once you have decided which tree to follow, you much choose which Anonymous
153: CVS server you are going to use. A list of these servers is
154: <a href="#CVSROOT">below</a>. Do, however, notice that there are 3 ways
155: to access these servers.
1.100 ericj 156: </p>
1.99 ericj 157:
1.100 ericj 158: <ul>
159: <li><b>ssh</b> - Secure Shell can be used to access the anonymous CVS servers. This is the <b>recommended</b> way of doing so, as it is encrypted. As of 2.6 OpenBSD has included OpenSSH in its standard distribution.
160: <li><b>rsh</b> - Remote Shell can be used on some of the servers for users who don't have access to <a href="http://www.openssh.com">ssh</a>
161: <li><b>pserver</b> - pserver is primarily useful for users who are behind firewalls that block the other two connections.
162: </ul>
163:
164: <p>
165: <b>NOTE:</b> - For users wishing to use ssh, you must first set the <i>CVS_RSH</i> variable to ssh.
166:
167: <ul>
168: <li> For Korn/Bourne shells.
169: <pre>
170: $ <b>export CVS_RSH="/usr/bin/ssh"</b>
171: </pre>
172: <li> For CSH based shells.
173: <pre>
174: $ <b>setenv CVS_RSH /usr/bin/ssh</b>
175: </pre>
176: </ul>
177:
178: <p>
179: Once you have chosen which <a href="#CVSROOT">Anonymous CVS Server</a> you will use, and which method you will use, you can start using cvs. For those of you who have CD's you can start with the CVS checkout that is on the CD by using the method <a href="#starting">above</a> to get the sources onto your system. If you don't have a CD handy, use the method below to checkout the sources. This method puts the OpenBSD source tree into <i>/usr/src</i>.
180: </p>
181:
182: <p>
183: <ul><pre>
1.114 marc 184: # <b>cd /usr; cvs checkout -P src</b>
1.100 ericj 185: </ul></pre>
186: </p>
1.99 ericj 187:
1.1 deraadt 188: <p>
1.109 jason 189: The above will checkout the <i>current</i> source tree. Many of you will
190: only want a patch branch sources. To checkout a patch branch, you must
191: specify a tag along with your command. Example:
1.100 ericj 192: </p>
1.1 deraadt 193:
194: <p>
1.100 ericj 195: <ul><pre>
1.109 jason 196: # <b>cd /usr; cvs checkout -P -rOPENBSD_2_7 src</b>
1.100 ericj 197: </ul></pre>
1.109 jason 198: Or OPENBSD_2_6 for 2.6, etc.
1.100 ericj 199: </p>
200:
1.109 jason 201: <p> Currently only the OPENBSD_2_7 tag contains the release sources and
202: errata already applied.
1.100 ericj 203:
204: <a name="CVSROOT"></a>
205: <h3><font color=#0000e0>Available Anonymous CVS Servers.</font></h3>
1.1 deraadt 206:
207: <p>
208: There are two levels of source tree access:
209:
210: <dl>
211: <dt><strong>Read-write access for developers:</strong>
212: <dd>Developers who need to commit changes to the source tree must have
213: an account on the OpenBSD machines. Getting this access will be a
214: natural result of working on the sources with other OpenBSD developers.
215: If someone does some good work and shows they can work with the team,
216: they will get an account.
217: </dl>
218:
219: <dl>
220: <dt><strong>Read-only access for everyone:</strong>
221: <dd>Anyone can access the read-only CVS repositories. These copies
222: of the read-write CVS repository are mirrored often. To use one,
223: set your <strong>CVSROOT</strong> environment variable to one of
224: the following values:
1.12 grr 225: <p>
226: <strong>Please see the note about using ssh vs. rsh below!</strong>
227: <p>
1.1 deraadt 228: <ul>
229: <p>
1.83 millert 230: <li><strong>CVSROOT=anoncvs@anoncvs1.usa.openbsd.org:/cvs</strong><br>
231: Host also known as <strong>anoncvs@anoncvs4.usa.openbsd.org</strong>.<br>
1.10 millert 232: located in California, western USA.<br>
1.46 millert 233: maintained by <a href=mailto:millert@openbsd.org>Todd Miller</a>.<br>
1.83 millert 234: protocols: pserver only.<br>
1.1 deraadt 235: updated every 4 hours.<br>
236: <p>
1.83 millert 237: <li><strong>CVSROOT=anoncvs@anoncvs.usa.openbsd.org:/cvs</strong><br>
238: Host also known as <strong>anoncvs3.usa.openbsd.org</strong>.<br>
1.1 deraadt 239: located at the University of Colorado, Boulder, western USA.<br>
240: maintained by <a href=mailto:Todd.Miller@cs.colorado.edu>Todd Miller</a>.<br>
1.94 millert 241: protocols: rsh, ssh, ssh port 2022, pserver.<br>
1.1 deraadt 242: updated every 6 hours.<br>
243: <p>
1.76 deraadt 244: <li><strong>CVSROOT=anoncvs@anoncvs5.usa.openbsd.org:/cvs</strong><br>
245: Host also known as <strong>squid.nas.nasa.gov</strong>.<br>
246: located at Ames Research Center, Moffett Field, California, USA.<br>
1.78 deraadt 247: maintained by <a href=mailto:allison@mail.arc.nasa.gov>Tyler Allison</a>.<br>
1.77 deraadt 248: protocols: ssh only.<br>
249: updated every 3 hours.<br>
1.84 beck 250: <li><strong>CVSROOT=anoncvs@mirror.arc.nasa.gov:/cvs</strong><br>
251: located at Ames Research Center, Moffett Field, California, USA.<br>
252: maintained by <a href=mailto:allison@mail.arc.nasa.gov>Tyler Allison</a>.<br>
253: protocols: ssh only.<br>
254: updated every 3 hours.<br>
1.76 deraadt 255: <p>
1.31 deraadt 256: <li><strong>CVSROOT=anoncvs@anoncvs6.usa.openbsd.org:/cvs</strong><br>
257: Host also known as <strong>openbsd.citi.umich.edu</strong>.<br>
258: located at the University of Michigan, central USA.<br>
259: maintained by <a href=mailto:rees@umich.edu>Jim Rees</a>.<br>
260: protocols: ssh, ssh port 2022.<br>
261: updated every 12 hours.<br>
262: <p>
1.24 deraadt 263: <li><strong>CVSROOT=anoncvs@anoncvs1.ca.openbsd.org:/cvs</strong><br>
1.40 beck 264: Host also known as <strong>anoncvs.ca.openbsd.org</strong>,
1.74 beck 265: <strong>openbsd.sunsite.ualberta.ca</strong><br>
1.24 deraadt 266: located in Edmonton, Alberta, Canada.<br>
1.80 beck 267: maintained by <A HREF="mailto:beck@ualberta.ca">Bob Beck</A><br>
1.53 beck 268: protocols: ssh, rsh, ssh port 2022, pserver<br>
1.45 beck 269: updated every 2 hours.<br>
1.24 deraadt 270: <p>
1.106 beck 271: <li><strong>CVSROOT=anoncvs@valkyrie.secureops.com:/cvs</strong><br>
272: located in Montreal, Quebec, Canada.<br>
273: maintained by <A HREF="mailto:drbones@darkelves.com">Patrick Ethier</A><br>
274: protocols: ssh<br>
275: updated every 24 hours at 3 AM EST<br>
276: <p>
1.1 deraadt 277: <li><strong>CVSROOT=anoncvs@anoncvs.uk.openbsd.org:/cvs</strong><br>
278: located in London, UK.<br>
279: maintained by <a href=mailto:peter@wonderland.org>Peter Galbavy</a>.<br>
1.116 beck 280: protocols: ssh only.<br>
281: updated every 6 hours.<br>
1.1 deraadt 282: <p>
1.117 ! beck 283: <li><strong>CVSROOT=anoncvs@anoncvs2.uk.openbsd.org:/cvs</strong><br>
! 284: located in London, UK.<br>
! 285: maintained by <a href=mailto:joe@hole-in-the.net>Joe Warren-Meeks</a>.<br>
! 286: protocols: ssh only.<br>
! 287: updated every 6 hours.<br>
! 288: <p>
1.1 deraadt 289: <li><strong>CVSROOT=anoncvs@anoncvs.tw.openbsd.org:/cvs</strong><br>
1.64 deraadt 290: Host also known as <strong>OpenBSD.csie.NCTU.edu.tw</strong>.<br>
1.1 deraadt 291: located in Taipei, Taiwan.<br>
1.63 deraadt 292: maintained by <a href=mailto:lkchu@OpenBSD.csie.NCTU.edu.tw>Liang-Kai Chu</a>.<br>
1.1 deraadt 293: protocols: rsh, ssh, ssh port 2022.<br>
294: updated every 12 hours.<br>
295: <p>
296: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
1.64 deraadt 297: Host also known as <strong>cvs.inet.no</strong>.<br>
1.1 deraadt 298: located in Norway.<br>
1.64 deraadt 299: maintained by <a href=mailto:cvsadmin@inet.no>Michael Shuldman</a>.<br>
1.1 deraadt 300: protocols: rsh, ssh, ssh port 2022.<br>
301: updated every 4 hours.<br>
302: <p>
1.33 deraadt 303: <li><strong>CVSROOT=anoncvs@anoncvs.se.openbsd.org:/cvs</strong><br>
1.54 art 304: Host also known as <strong>anoncvs.stacken.kth.se</strong>.<br>
1.33 deraadt 305: located in Sweden.<br>
306: maintained by <a href=mailto:anoncvs@stacken.kth.se>Magnus Holmberg</a>.<br>
307: protocols: rsh, ssh, ssh port 2022.<br>
1.57 art 308: updated every 3 hours.<br>
1.68 wvdputte 309: <p>
310: <li><strong>CVSROOT=anoncvs@anoncvs.be.openbsd.org:/cvs</strong><br>
311: Host also known as <strong>badlands.rug.ac.be</strong>.<br>
312: located in Belgium.<br>
313: maintained by <a href=mailto:wvdputte@reptile.rug.ac.be>Wim Vandeputte</a>.<br>
314: protocols: ssh, ssh port 2022.<br>
315: updated every 3 hours.<br>
1.69 deraadt 316: <p>
317: <li><strong>CVSROOT=anoncvs@anoncvs.jp.openbsd.org:/cvs</strong><br>
318: Host also known as <strong>kankoromochi.econ.nagasaki-u.ac.jp</strong>.<br>
319: located at Nagasaki Univ. Faculty of Economics, JAPAN.<br>
320: maintained by <a href=mailto:sigh@net.nagasaki-u.ac.jp>SUZUKI Hitoshi</a>.<br>
1.79 deraadt 321: protocols: ssh, pserver.<br>
322: updated every 3 hours.<br>
1.73 deraadt 323: <li><strong>CVSROOT=anoncvs@anoncvs.cz.openbsd.org:/cvs</strong><br>
324: Host also known as <strong>com-os2.ms.mff.cuni.cz</strong>.<br>
1.98 rohee 325: located at Faculty Math & Physics, Charles University, Prague, Czech republic.<br>
1.73 deraadt 326: maintained by <a href=mailto:galambos@com-os2.ms.mff.cuni.cz>Leo Galambos</a>.<br>
327: protocols: ssh, ssh port 2022.<br>
328: updated every 3 hours.<br>
1.84 beck 329: <li><strong>CVSROOT=anoncvs@anoncvs1.au.openbsd.org:/cvs</strong><br>
330: Host also known as <strong>anoncvs.au.openbsd.org</strong>,
331: <strong>anoncvs.openbsd.aba.net.au</strong><br>
332: located in Carlton, Victoria, Australia.<br>
333: maintained by <A HREF="mailto:mwp@aba.net.au">Micheal Paddon</A><br>
334: protocols: ssh<br>
335: updated every 4 hours.<br>
1.88 beck 336: <li><strong>CVSROOT=anoncvs@dolphin.mtmc.ru:/cvs</strong><br>
337: located in Moscow, Russia<br>
338: maintained by <A HREF="mailto:jc@mtmc.ru">John Chertihin</A><br>
339: protocols: rsh, ssh<br>
1.89 beck 340: updated every 24 hours (at 1 AM Moscow time)<br>
1.86 beck 341: <li><strong>CVSROOT :pserver:anoncvs@gloup.linuxfr.org:/cvs</strong><br>
1.87 beck 342: Host also known as <strong>gloup.linuxfr.org</strong><br>
1.96 beck 343: located at Paris (Claranet), FRANCE<br>
1.87 beck 344: maintained by: <A HREF=mailto:seisen@linuxfr.org>Fabien Seisen</A><br>
1.96 beck 345: protocols: pserver, ssh<br>
1.86 beck 346: updated every 24h ( at 2h GMT )<br>
1.103 beck 347: <li><strong>CVSROOT :pserver:anoncvs@cvs.bsdfr.org:/cvs</strong><br>
348: located at in France<br>
349: maintained by: <A HREF=mailto:jch@oleane.net>Jean-Claude Christophe</A><br>
350: protocols: pserver<br>
351: updated every 24h <br>
1.115 beck 352: <li><strong>CVSROOT=anoncvs@grappa.unix-ag.uni-kl.de:/cvs</strong><br>
353: located at the University of Kaiserslautern, Germany<br>
354: maintained by <A HREF="mailto:hgw@d1906.inka.de">Hans Gunter Weigand</A> and
355: <A HREF="mailto:naddy@openbsd.org"> Christian Weisgerber</A><br>
356: protocols: rsh, ssh, ssh port 2022, pserver<br>
357: updated daily from cvsup.uk.openbsd.org<br>
1.80 beck 358: <li><strong>CVSROOT=anoncvs@exokernel.lcs.mit.edu:/cvs</strong><br>
359: located at M.I.T, Eastern USA.<br>
360: maintained by ????<br>
361: protocols: ssh, ???<br>
362: updated every ? hours.<br>
1.108 ho 363: <li><strong>CVSROOT=anoncvs@xyzzy.gsnig.org:/cvs</strong><br>
364: Located in Göteborg, Sweden<br>
1.80 beck 365: maintained by martin@openbsd.org<br>
1.108 ho 366: protocols: ssh port 2022<br>
367: updated every 4 hours.<br>
1.80 beck 368: <li><strong>CVSROOT=anoncvs@stl-isaas.ey.com:/cvs</strong><br>
1.90 beck 369: Located in St. Louis, MO, Eastern USA<br>
1.81 beck 370: maintained by <A HREF="mailto:aaron11@sprynet.com">Aaron Miller</A><br>
371: protocols: ssh, ssh port 2022, pserver<br>
372: updated every 3 hours.<br>
1.91 beck 373: <li><strong>CVSROOT=anoncvs@openbsd.groupbsd.org:/cvs</strong><br>
1.92 jason 374: Located in Hillsborough NC, Eastern USA<br>
375: maintained by <A HREF="mailto:jason@openbsd.org">Jason Wright</A><br>
1.91 beck 376: protocols: ssh<br>
377: updated every 4 hours.<br>
1.80 beck 378: <li><strong>CVSROOT=anoncvs@headend-vlan1-cm19.fibertel.com.ar:/cvs</strong><br>
379: Located in Buenos Aires, Argentina<br>
380: maintained by ????<br>
381: protocols: ssh?, ???<br>
382: updated every ? hours.<br>
1.73 deraadt 383: </ul>
1.84 beck 384:
385:
1.73 deraadt 386: <p>
1.80 beck 387: <EM>Note:</EM>, If your server is listed on here with inaccurate or
1.104 ericj 388: unknown information, please contact
389: <A HREF="mailto:beck@openbsd.org"><tt>beck@openbsd.org</tt></A>
390: </p>
391:
1.80 beck 392: <p>
1.104 ericj 393: You may want to use
394: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute&sektion=8&format=html">traceroute(8)</a>
395: to find out which server is nearest you.
1.11 michaels 396: Problems with a server should be reported to the <b>maintainer</b> of the
397: server in question.
1.104 ericj 398: </dl></p>
399:
400: <a name="CRYPTO"></a>
401: <h3><font color=#0000e0>Getting crypto sources through CVS(1)</font></h3>
402:
1.1 deraadt 403: <p>
404: <strong>IMPORTANT NOTE:</strong>
405: There are a few issues relating to cryptographic software that everyone
406: should be aware of:
407: <ul>
408: <li>The OpenBSD sources are from Canada.
1.9 deraadt 409: As
410: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
411: researched by a Canadian individual</a>
412: and as
413: <a href=http://axion.physics.ubc.ca/ECL.html>
414: described in the Export Control list of Canada</a>
415: is legal to export crypto software from Canada to the world.
1.1 deraadt 416: <p>
417: <li>However, if you are outside the USA or Canada, you should not
418: fetch the cryptographic sections of the OpenBSD sources from an
419: anoncvs server located in the USA. The files in question are...
420: <ul>
421: <li>src/kerberosIV/*
1.57 art 422: <li>src/lib/libdes/*
1.1 deraadt 423: <li>src/lib/libc/crypt/crypt.c
424: <li>src/lib/libc/crypt/morecrypt.c
1.36 deraadt 425: <li>src/sys/netinet
1.67 art 426: <li>src/usr.sbin/afs/src/rxkad/*
1.56 matthieu 427: <li>X11/xc/lib/Xdmcp/Wraphelp.c
1.1 deraadt 428: </ul>
429: Because of the USA ITAR munitions list,
430: crypto software may only be exported to Canada from the USA.
431: <p>
432: <li>The OpenBSD project is looking for more anoncvs servers -- read
433: on to find out how you can help.
434: </ul>
435:
1.104 ericj 436: <a name="EXAMPLE"></a>
437: <h3><font color=#0000e0>Example usages for CVS(1).</font></h3>
438:
1.1 deraadt 439: <p>
440: A sample use of an anoncvs CVS server would be:
1.104 ericj 441: <ul><pre>
442: % <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
443: % <strong>cd /tmp</strong>
444: % <strong>cvs get src/sys/arch/sparc</strong>
1.12 grr 445: [copies the files from the repository to your machine]
1.104 ericj 446: % <strong>cvs log src/sys/arch/sparc/sparc/locore.s</strong>
1.12 grr 447: [shows the commit log for the chosen file ]
1.104 ericj 448: % <strong>cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s</strong>
1.12 grr 449: [shows the changes between revisions 1.1 and rev 1.5]
1.104 ericj 450: </pre></ul>
1.1 deraadt 451:
452: <p>
1.18 todd 453: <a name=pserver>In order to use a cvs ``pserver'' (a direct tcp connection instead of using ssh or rsh) you must login once:</a>
1.104 ericj 454:
455: <ul><pre>
1.18 todd 456: [ *NOTE* You must be using cvs version 1.8 or higher to do this ]
1.104 ericj 457: % <strong>setenv CVSROOT :pserver:anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
458: % <strong>cvs login</strong>
1.59 beck 459: (Logging in to anoncvs@anoncvs1.ca.openbsd.org)
1.104 ericj 460: CVS password: <strong>anoncvs</strong>
1.18 todd 461: [this writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
462: [An example line from my ~/.cvspass after typing 'blah' for the above ]
463: [password is: ]
464: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
465: [...after logging in ONCE every other use of the above CVSROOT will work ]
1.104 ericj 466: % <strong>cvs get ksrc-i386 ksrc-common</strong>
1.18 todd 467: [allows you to retrieve ONLY that necessary to rebuild an i386 kernel ]
1.104 ericj 468: </pre></ul>
1.18 todd 469:
470: <p>
1.39 todd 471: Here is how someone using anoncvs regularly would update his
1.1 deraadt 472: source tree:
1.60 millert 473: <ul><li>First, start out by `get'-ing an initial tree:
1.27 todd 474:
1.109 jason 475: <p> (If you are following <i>current</i>):
1.104 ericj 476: <ul><pre>
477: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
478: # <strong>cd /usr</strong>
479: # <strong>cvs -q get -PA src</strong>
480: </pre></ul>
1.109 jason 481:
482: <p> (If you are following the patch branch for 2.7):
483: <ul><pre>
484: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
485: # <strong>cd /usr</strong>
486: # <strong>cvs -q get -rOPENBSD_2_7 -P src</strong>
487: </pre></ul>
1.27 todd 488: </li>
1.37 todd 489:
1.27 todd 490: <li> Anytime afterwards, to `update' this tree:
1.109 jason 491: <p> (If you are following <i>current</i>):
1.104 ericj 492: <ul><pre>
493: # <strong>cd /usr/src</strong>
494: # <strong>cvs -q up -PAd</strong>
495: </pre></ul>
1.27 todd 496:
1.109 jason 497: <p> (If you are following the patch branch for 2.7):
498: <ul><pre>
499: # <strong>cd /usr/src</strong>
500: # <strong>cvs -q up -rOPENBSD_2_7 -Pd</strong>
501: </pre></ul>
502:
1.39 todd 503: Everytime you ran this it would synchronize your /usr/src tree. It would
1.1 deraadt 504: not destroy any of your local changes, rather it would attempt to merge
505: changes in. If you use obj directories (not obj symbolic links) you may
506: wish to append "-I obj" to the cvs command line, this will keep cvs from
507: spitting out a warning about all the obj directories it is going to
508: encounter which are not in the repository.
1.72 millert 509:
510: <p>
1.109 jason 511: <li> NOTES: if you are updating a source tree that you initially fetched
1.72 millert 512: from a different server, or from a CD, you <strong>must</strong>
513: add the <em>-d $CVSROOT</em> options to cvs. You must also set the
1.109 jason 514: <em>CVS_IGNORE_REMOTE_ROOT</em> environment variable. If you are following
515: a patch branch, be sure to always <strong>omit</strong> the <code>-A</code>
516: flag to cvs, or you may find yourself tracking <i>current</i> instead.
1.72 millert 517:
1.109 jason 518: <p> (If you are following <i>current</i>):
1.104 ericj 519: <ul><pre>
520: # <strong>cd /usr/src</strong>
521: # <strong>cvs -d $CVSROOT -q up -PAd</strong>
522: </pre></ul>
1.72 millert 523:
1.109 jason 524: <p> (If you are following a patch branch):
525: <ul><pre>
526: # <strong>cd /usr/src</strong>
527: # <strong>cvs -d $CVSROOT -q up -Pd</strong>
528: </pre></ul>
529:
1.27 todd 530: </li>
531: </ul>
532:
1.37 todd 533: <p>
534: To <a name=ports>use</a> <a href=ports.html>ports</a>, it is similar to src:
535: <ul><li>
536: <pre>
1.104 ericj 537: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
538: # <strong>cd /usr</strong>
539: # <strong>cvs -q get -PA ports</strong>
1.38 deraadt 540: </pre>
1.37 todd 541: </li>
542: <li> Anytime afterwards, to `update' this tree:
543: <pre>
1.104 ericj 544: # <strong>cd /usr</strong>
545: # <strong>cvs -q up -PAd ports</strong>
1.37 todd 546: </pre>
547: </li>
548: </p>
549: </ul>
550:
1.104 ericj 551: In the above example, <i>-q</i> is optional, only intended to minimize
1.27 todd 552: cvs's output. For those who like to see screenfulls of output, it
553: can be omitted.
1.1 deraadt 554:
555: <p>
1.104 ericj 556: or to make a diff of a locally patched module (here <i>cd.c</i>) to include with
1.12 grr 557: a bug report:
1.104 ericj 558: <ul><pre>
559: # <strong>cd /usr</strong>
560: # <strong>cvs diff -u src/sys/scsi/cd.c > /tmp/patch</strong>
561: </pre></ul>
1.37 todd 562: </p>
1.12 grr 563:
564: <p>
1.104 ericj 565: The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">CVS(1) man page</a>
566: (included with the CVS sources) has much more
1.1 deraadt 567: information about how CVS can be used.
568:
569: <p>
1.105 ericj 570: <strong>X11 Source tree</strong>
571: <br>
572: Anoncvs mirrors also carry the OpenBSD X11 source tree. You can adapt
573: the recipe above to update your X11 source tree from the second CD.
574: Either copy or use a union mount to get the X11 sources in <i>/usr/X11</i>:
575:
576: <ul>
577: <li>copy the tree off it (assuming the 2nd CD is mounted on /mnt):
578: <pre>
579: # <strong>cd /mnt; cp -Rp X11 /usr</strong>
580: </pre>
581: <li>use a union mount with the CD below a writable directory.
582: <pre>
583: # <strong>mount -t union -o -b /mnt/X11 /usr/X11</strong>
584: </pre></ul>
585:
586: After this, <i>/usr/X11</i> will be ready to be used by cvs. You can for
587: example update it to -current source (assuming you've already set
588: the <b>CVSROOT</b> environment variable):
589:
590: <ul><pre>
591: # <strong>cd /usr/X11</strong>
592: # <strong>cvs -q update -PAd</strong>
593: </pre></ul>
594:
595: <p>
1.12 grr 596: <strong>Warning:</strong>
597: When using cvs you should take care that your current directory is either
1.109 jason 598: the root of the tree you are referencing or in a separate place such as /tmp.
1.12 grr 599: Some commands such as "get" can create an arbitrary sub-tree in the current
600: directory, and a subsequent update will recursively flesh out this sub-tree.
601:
602: <p>
1.1 deraadt 603: The anoncvs service gives fledgling developers a chance to learn CVS
604: operation and get thoroughly involved in the development process
605: before getting "commit" access -- as a result of showing useful
606: skills and high quality results they will naturally later be given
607: developer access. As well, people providing patches can create
608: their "diff"s relative to the CVS tree, which will ease integration.
609:
1.104 ericj 610:
611: <a name="WHICH"></a>
612: <h3><font color=#0000e0>Use rsh(1) or ssh(1)?</font></h3>
613:
1.1 deraadt 614: <p>
1.15 grr 615: <strong>Anoncvs: rsh vs. ssh</strong>
1.12 grr 616: <br>
617: By default, the CVS client uses rsh to talk to the CVS server. Many
1.39 todd 618: of the CVS sites no longer support rsh for security reasons or a local
1.12 grr 619: problem like a firewall or imperfect protocol emulator such as slirp
620: may prevent you from using rsh.
1.97 deraadt 621: The alternative is a to use a "secure shell" connection using either
622: <a href=http://www.openssh.com>OpenSSH (*FREE*)</a> or
623: <a href=http://www.cs.hut.fi/ssh/>ssh (non-commercial and commercial)</a>.
1.68 wvdputte 624:
625: <p>
1.97 deraadt 626: The OpenBSD anoncvs repositries support the SSH1 protocol, not the SSH2
627: protocol due to the use of a "strict non-commercial use licensing policy".
1.28 beck 628:
1.75 millert 629: <p>
630: Once ssh is installed, one sets the environment variable
1.28 beck 631: <strong>CVS_RSH</strong> to point to ssh (typically
1.113 brad 632: <strong>/usr/bin/ssh</strong>). If your local site prevents you
1.28 beck 633: from connecting out to port 22 (which ssh defaults to using) use port
634: 2022.
1.1 deraadt 635:
636: <p>
637: Do not be tempted to turn on compression since CVS already compresses.
638: Use something like the following in your <strong>$HOME/.ssh/config</strong>
1.10 millert 639: file. Note that not all anoncvs servers allow ssh connections on
1.21 millert 640: port 2022. Also note that most anoncvs servers no longer accept
641: the <strong>none</strong> cipher as it is disabled in recent
642: versions of ssh for security reasons.
1.1 deraadt 643: <pre>
1.59 beck 644: Host anoncvs.ca.openbsd.org
1.1 deraadt 645: Port 2022
646: </pre>
647:
648: <p>
649: CVS is a little noisy starting up; to quiet it a bit you may want to
650: do this:
1.105 ericj 651:
652: <ul><pre>
653: <strong>setenv CVS_CLIENT_PORT -1</strong>
654: </pre></ul>
1.1 deraadt 655:
656: <p>
1.8 deraadt 657: If you wish to change from one CVS server to another (say your normal one is
658: down, or for any other reason), the environment variable which will let you
659: do this is
1.105 ericj 660:
661: <ul><pre>
662: <strong>setenv CVS_IGNORE_REMOTE_ROOT</strong>
663: </pre></ul>
664:
1.72 millert 665: Note that you will also need to use the <strong>-d</strong> flag
666: as mentioned above.
1.8 deraadt 667:
1.107 millert 668: <a name="SUP"></a>
669: <h3><font color=#0000e0>Mirroring the CVS repository via sup(1).</font></h3>
670:
671: <p>
672: Users wishing to mirror the OpenBSD CVS tree itself may now do so
673: from <em>anoncvs.usa.openbsd.org</em>. Note that this is the cvs
674: tree, <b>not</b> a checked out source tree. It is only useful if
675: you want to be able to do fast cvs operations (diff, annotate, etc)
676: or if you have multiple source trees and you only want to transfer
677: new data once (you can then checkout a tree from your local cvs
678: mirror).
679: <p>
680: A sample supfile would be:
681: <pre>
682: cvs host=anoncvs.usa.openbsd.org hostbase=/ base=/home delete
683: </pre>
684: <p>
685: which would mirror the cvs tree into /home/cvs with the sup data
686: files ending up in /home/sup. The full OpenBSD cvs tree is just
687: under a gigabyte in size.
1.65 matthieu 688:
1.105 ericj 689: <a name="MIRROR"></a>
690: <h3><font color=#0000e0>Setting up an anoncvs mirror.</font></h3>
691:
1.107 millert 692: <p>
1.1 deraadt 693: If you wish to be a new anoncvs mirror site, please contact the anoncvs
1.102 deraadt 694: <a href=mailto:sup@openbsd.org>maintainer</a>.
1.107 millert 695: Anoncvs mirrors require about 1GB of disk, and use up to 4MB of swap
1.1 deraadt 696: per anoncvs user (assuming the user does a large operation; while smaller
697: operations use fewer resources, anoncvs still makes much more of an
698: impact than ftp or sup). Such anoncvs machines should have excellent
699: network connectivity for the area they are expected to serve. A
700: <a href=anoncvs.shar>document</a>
701: which describes the setup of anoncvs servers is available.
702:
1.60 millert 703: <h3><font color=#0000e0>Final notes:</font></h3>
704: After upgrading your source tree, you should read the comments
705: at the top of <KBD>/usr/src/Makefile</KBD> before attemping
706: a build. Also, you should build a new kernel <strong>before</strong>
1.101 ericj 707: doing a <KBD>make build</KBD> if possible. In some cases it may be
1.60 millert 708: necessary to rebuild and install the <KBD>config</KBD> utility before
709: you can build the kernel. If <KBD>config GENERIC</KBD> fails this
710: is probably the case.
711: <p>
712: It is important to note that upgrading from a release to the current tree
713: by rebuilding the sources can be rather difficult due to dependencies
714: that are often not obvious. Therefore, it is suggested that you first
715: install the latest snapshot before attemping a tree build from source.
1.1 deraadt 716:
717: <hr>
1.58 pauls 718: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.1 deraadt 719: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.117 ! beck 720: <br><small>$OpenBSD: anoncvs.html,v 1.116 2000/09/18 16:26:05 beck Exp $</small>
1.1 deraadt 721:
722: </body>
723: </html>