Annotation of www/anoncvs.html, Revision 1.201
1.180 jufi 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.93 deraadt 4: <title>OpenBSD AnonCVS</title>
1.135 naddy 5: <link rev="made" href="mailto:www@openbsd.org">
1.93 deraadt 6: <meta name="resource-type" content="document">
1.180 jufi 7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
1.93 deraadt 8: <meta name="description" content="How to get OpenBSD updates via Internet using Anonymous CVS">
9: <meta name="keywords" content="openbsd,anoncvs,updates">
10: <meta name="distribution" content="global">
1.200 nick 11: <meta name="copyright" content="This document copyright 1996-2004 by OpenBSD.">
1.1 deraadt 12: </head>
13:
1.135 naddy 14: <body bgcolor="#ffffff" text="#000000" link="#23238e">
1.1 deraadt 15:
1.171 jsyn 16: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.93 deraadt 17: <p>
1.135 naddy 18: <h2><font color="#e00000">Anonymous CVS</font></h2>
1.14 downsj 19:
1.135 naddy 20: <hr>
21:
22: <h3>Table Of Contents</h3>
23:
24: <ul>
1.100 ericj 25: <li><a href="#anoncvs">What is Anonymous CVS?</a>
26: <li><a href="#CVS">What is CVS?</a>
1.135 naddy 27: <li><a href="#starting">Getting Started Using Anonymous CVS</a>
28: <li><a href="#using">Using CVS to Get and Update your Source Tree</a>
29: <li><a href="#CVSROOT">Available Anonymous CVS Servers</a>
30: <li><a href="#CRYPTO">Getting crypto sources through cvs(1)</a>
31: <li><a href="#EXAMPLE">Example usages for cvs(1)</a>
1.104 ericj 32: <li><a href="#WHICH">Use rsh(1) or ssh(1)?</a>
1.135 naddy 33: <li><a href="#SUP">Mirroring the CVS repository via sup(1)</a>
34: <li><a href="#MIRROR">Setting up an anoncvs mirror</a>
1.100 ericj 35: </ul>
1.135 naddy 36:
1.100 ericj 37: <hr>
38:
1.135 naddy 39: <h3><a name="anoncvs"><font color="#0000e0">What is Anonymous CVS?</font></a></h3>
1.99 ericj 40:
1.15 grr 41: <p>
42: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
43: tree up to date with respect to changes made to current OpenBSD sources.
1.109 jason 44: In addition to following the bleeding edge of development, it is
45: also possible to track the patches for errata of a release.
1.99 ericj 46: </p>
47:
1.14 downsj 48: <p>
1.15 grr 49: The major advantage of Anonymous CVS over other source code update
50: techniques is that it works directly against a central source code
51: repository or mirror. This means that you have the full set of CVS
52: commands available to control merging and updating your changes with
1.154 jsyn 53: other source changes and for performing diffs, change histories
1.15 grr 54: and other queries against the central repository.
1.99 ericj 55: </p>
56:
1.36 deraadt 57: <p>
1.135 naddy 58: The OpenBSD Project currently has five main source repositories:
1.99 ericj 59: </p>
60:
61: <ul>
1.140 horacio 62: <li><b>src</b> - Houses all source code for the OpenBSD Operating System.</li>
63: <li><b>ports</b> - Houses the <a href="./ports.html">OpenBSD Ports</a>.</li>
64: <li><b>www</b> - Houses all OpenBSD web pages. (Including this one).</li>
1.135 naddy 65: <li><b>X11</b> - Houses OpenBSD's adaptation of the
66: <a href="http://www.XFree86.org/">XFree86-3</a> software project.</li>
67: <li><b>XF4</b> - Houses OpenBSD's adaptation of the
68: <a href="http://www.XFree86.org/">XFree86-4</a> software project.</li>
1.99 ericj 69: </ul>
70:
1.100 ericj 71: <p>
72: To summarize, the real strength of using Anonymous CVS is that it is
73: a "tolerant" source code control system - it <strong>respects</strong>
74: changes that you have made to your local sources and makes <strong>
75: "best efforts"</strong> to update your entire source tree, rather than
76: leaving you a list of arcane problems that have to be resolved before
77: continuing.
78: </p>
79:
1.135 naddy 80: <h3><a name="CVS"><font color="#0000e0">What is CVS?</font></a></h3>
1.99 ericj 81:
1.36 deraadt 82: <p>
1.135 naddy 83: <a href="why-cvs.html">
1.36 deraadt 84: CVS is the source code control system used to manage the OpenBSD source tree.</a>
1.16 deraadt 85: It implements a central repository for all officially released source code
1.15 grr 86: and changes, while permitting developers to maintain local copies of the
1.99 ericj 87: source code with their working changes. Developers with "<b>write access</b>"
1.15 grr 88: can commit changes directly to the OpenBSD source tree, while "Anonymous
1.155 jsyn 89: CVS" users have "<b>read access</b>" and can keep their local copies of the
1.169 miod 90: source up to date and issue queries against the central repository.
1.99 ericj 91: </p>
92:
1.15 grr 93: <p>
1.22 niklas 94: The major strength of CVS is that it has the ability to perform intelligent
1.15 grr 95: merges of changes to the central repository with changes that you make to
96: your local copy. This means that if you make a change to a module and
97: perform an update, your changes are not "blown away", rather CVS makes
98: best efforts to merge the changes made to the central sources with changes
99: you've made to your local copy.
1.99 ericj 100: </p>
101:
1.15 grr 102: <p>
103: In the event that the changes can't be completely merged, CVS provides a
104: "soft fallback", in terms of providing you with annotated changes to your
1.39 todd 105: local copy, preserving an unmodified copy of your version and continuing
1.15 grr 106: to update any other source modules you requested.
1.99 ericj 107: </p>
108:
1.155 jsyn 109: <h3><a name="starting"><font color="#0000e0">Getting Started Using Anonymous
110: CVS</font></a></h3>
1.100 ericj 111:
112: <p>
113: The latest version of CVS is available at
1.140 horacio 114: <a href="http://www.cvshome.org/">Cyclic</a>.
1.100 ericj 115: Versions earlier than 1.6 are not recommended, and may not work.
116: If you already have OpenBSD installed, CVS is included.
117: </p>
118:
1.22 niklas 119: <p>
1.99 ericj 120: People who own an OpenBSD CD may have seen the <i>CVS/</i> dirs on it.
1.155 jsyn 121: Actually there is a reason, the CD has a checkout of the OpenBSD <b>src</b>
122: module usable to continue updating from. Using this tree will result in a much
1.23 mickey 123: faster initial CVS update than a fresh checkout of the full OpenBSD
124: source tree. There are two ways of using the CD:
1.99 ericj 125: </p>
126:
1.23 mickey 127: <ul>
1.155 jsyn 128: <li>To copy the CVS tree from the CD to <i>/usr/src</i> (assuming the CD is
129: mounted on /mnt):
1.22 niklas 130: <pre>
1.99 ericj 131: # <b>cd /mnt; pax -rw CVS Makefile [a-z]* /usr/src</b>
1.22 niklas 132: </pre>
1.155 jsyn 133: <li>Use a union mount (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_union&apropos=0&sektion=8&manpath=OpenBSD+Current&format=html">mount_union(8)</a>)
134: with the CD below a writable directory. (This can be used when only compiling from the tree.)
1.22 niklas 135: <pre>
1.99 ericj 136: # <b>mount -t union -o -b /mnt /usr/src</b>
1.22 niklas 137: </pre>
1.23 mickey 138: </ul>
1.100 ericj 139:
140: <p>
1.155 jsyn 141: For people who don't have a CD on hand, you can use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
142: cvs(1)</a> to "<b>checkout</b>" the source repository for you. This is
143: discussed in the <a href="#using">next section</a>.
1.100 ericj 144: </p>
145:
146: <p>
1.155 jsyn 147: After this, <i>/usr/src</i> will be a nice checkout area where all
148: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
149: cvs(1)</a> commands will work OK.
1.100 ericj 150: </p>
151:
1.155 jsyn 152: <h3><a name="using"><font color="#0000e0">Using CVS to get and update your
153: source tree</font></a></h3>
1.100 ericj 154:
155: <p>
1.109 jason 156: CVS was designed to be a simple way to retrieve and update your sources,
157: therefore there isn't much involved at all in doing so. You must first
158: decide whether you want to track <i>current</i> or a patch branch.
1.112 kjell 159: The current tree has all of the up to the minute changes,
1.109 jason 160: whereas a patch branch contains a formal release plus the patches
1.157 heko 161: from the <a href="errata.html">errata</a> already applied. For a definition
162: of <i>current</i>, see the <a href="faq/upgrade-minifaq.html#1.1">Upgrade
163: Mini-FAQ</a>.
1.109 jason 164:
1.169 miod 165: <p>Once you have decided which tree to follow, you must choose which Anonymous
1.109 jason 166: CVS server you are going to use. A list of these servers is
1.135 naddy 167: <a href="#CVSROOT">below</a>. Do, however, notice that there are three ways
1.109 jason 168: to access these servers.
1.100 ericj 169: </p>
1.99 ericj 170:
1.135 naddy 171: <dl>
1.155 jsyn 172: <dt><b>ssh</b><dd>Secure Shell can be used to access the anonymous CVS servers.
173: This is the <em>recommended</em> way of doing so, as it is encrypted. As of
174: 2.6, OpenBSD has included OpenSSH in its standard distribution.
175: <dt><b>rsh</b><dd>Remote Shell can be used on some of the servers for users
176: who don't have access to <a href="http://www.openssh.com/">ssh</a>.
177: <dt><b>pserver</b><dd>pserver is primarily useful for users who are behind
178: firewalls that block the other two connections.
1.135 naddy 179: </dl>
1.100 ericj 180:
181: <p>
1.159 jcs 182: <b>NOTE:</b> For users wishing to use rsh, you must first set the
183: <var>CVS_RSH</var> variable to rsh.
1.100 ericj 184:
185: <ul>
1.135 naddy 186: <li>For Korn/Bourne shells:
1.100 ericj 187: <pre>
1.159 jcs 188: $ <b>export CVS_RSH=/usr/bin/rsh</b>
1.100 ericj 189: </pre>
1.135 naddy 190: <li>For csh/tcsh:
1.100 ericj 191: <pre>
1.159 jcs 192: % <b>setenv CVS_RSH /usr/bin/rsh</b>
1.100 ericj 193: </pre>
194: </ul>
195:
196: <p>
1.155 jsyn 197: Once you have chosen which <a href="#CVSROOT">Anonymous CVS Server</a> you will
198: use, and which method you will use, you can start using cvs. For those of you
199: who have CDs you can start with the CVS checkout that is on the CD by using
200: the method <a href="#starting">above</a> to get the sources onto your system.
201: If you don't have a CD handy, use the method below to checkout the sources.
202: This method puts the OpenBSD source tree into <i>/usr/src</i>.
1.100 ericj 203: </p>
204:
1.135 naddy 205: <pre>
206: # <b>cd /usr; cvs checkout -P src</b>
207: </pre>
1.99 ericj 208:
1.1 deraadt 209: <p>
1.109 jason 210: The above will checkout the <i>current</i> source tree. Many of you will
1.169 miod 211: only want the patch branch sources. To checkout a patch branch, you must
1.109 jason 212: specify a tag along with your command. Example:
1.100 ericj 213: </p>
1.1 deraadt 214:
1.135 naddy 215: <pre>
1.191 nick 216: # <b>cd /usr; cvs checkout -P -rOPENBSD_3_4 src</b>
1.135 naddy 217: </pre>
1.1 deraadt 218: <p>
1.191 nick 219: Or OPENBSD_3_3 for 3.3, etc.
1.100 ericj 220:
1.191 nick 221: <p> The OPENBSD_3_4 tag contains the release sources and
1.109 jason 222: errata already applied.
1.100 ericj 223:
1.155 jsyn 224: <h3><a name="CVSROOT"><font color="#0000e0">Available Anonymous CVS Servers
225: </font></a></h3>
1.1 deraadt 226:
227: <p>
228: There are two levels of source tree access:
229:
230: <dl>
231: <dt><strong>Read-write access for developers:</strong>
232: <dd>Developers who need to commit changes to the source tree must have
233: an account on the OpenBSD machines. Getting this access will be a
234: natural result of working on the sources with other OpenBSD developers.
235: If someone does some good work and shows they can work with the team,
236: they will get an account.
237: </dl>
238:
239: <dl>
240: <dt><strong>Read-only access for everyone:</strong>
241: <dd>Anyone can access the read-only CVS repositories. These copies
242: of the read-write CVS repository are mirrored often. To use one,
1.135 naddy 243: set your <var>CVSROOT</var> environment variable to one of
1.1 deraadt 244: the following values:
1.12 grr 245: <p>
1.159 jcs 246: <em>Please see the note about <a href="#WHICH">ssh vs. rsh</a> below!</em>
1.12 grr 247: <p>
1.1 deraadt 248: <ul>
1.196 nick 249: <li><strong>CVSROOT=anoncvs@anoncvs1.usa.openbsd.org:/cvs</strong><br>
250: Host also known as <strong>anoncvs@anoncvs4.usa.openbsd.org</strong>.<br>
251: located in Redwood City, California, western USA.<br>
252: maintained by <a href="mailto:millert@openbsd.org">Todd Miller</a>.<br>
253: protocols: rsh, ssh, ssh port 2022, pserver.<br>
254: updated every 4 hours.<br>
255: <p>
1.83 millert 256: <li><strong>CVSROOT=anoncvs@anoncvs.usa.openbsd.org:/cvs</strong><br>
257: Host also known as <strong>anoncvs3.usa.openbsd.org</strong>.<br>
1.1 deraadt 258: located at the University of Colorado, Boulder, western USA.<br>
1.148 millert 259: maintained by <a href="mailto:millert@openbsd.org">Todd Miller</a>.<br>
1.94 millert 260: protocols: rsh, ssh, ssh port 2022, pserver.<br>
1.144 millert 261: updated every 3 hours.<br>
1.1 deraadt 262: <p>
1.31 deraadt 263: <li><strong>CVSROOT=anoncvs@anoncvs6.usa.openbsd.org:/cvs</strong><br>
264: Host also known as <strong>openbsd.citi.umich.edu</strong>.<br>
265: located at the University of Michigan, central USA.<br>
1.135 naddy 266: maintained by <a href="mailto:rees@umich.edu">Jim Rees</a>.<br>
1.31 deraadt 267: protocols: ssh, ssh port 2022.<br>
268: updated every 12 hours.<br>
269: <p>
1.24 deraadt 270: <li><strong>CVSROOT=anoncvs@anoncvs1.ca.openbsd.org:/cvs</strong><br>
1.40 beck 271: Host also known as <strong>anoncvs.ca.openbsd.org</strong>,
1.74 beck 272: <strong>openbsd.sunsite.ualberta.ca</strong><br>
1.24 deraadt 273: located in Edmonton, Alberta, Canada.<br>
1.198 david 274: maintained by <a href="mailto:beck@ualberta.ca">Bob Beck</a>.<br>
1.53 beck 275: protocols: ssh, rsh, ssh port 2022, pserver<br>
1.45 beck 276: updated every 2 hours.<br>
1.24 deraadt 277: <p>
1.1 deraadt 278: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
1.64 deraadt 279: Host also known as <strong>cvs.inet.no</strong>.<br>
1.1 deraadt 280: located in Norway.<br>
1.135 naddy 281: maintained by <a href="mailto:cvsadmin@inet.no">Michael Shuldman</a>.<br>
1.1 deraadt 282: protocols: rsh, ssh, ssh port 2022.<br>
283: updated every 4 hours.<br>
284: <p>
1.68 wvdputte 285: <li><strong>CVSROOT=anoncvs@anoncvs.be.openbsd.org:/cvs</strong><br>
286: Host also known as <strong>badlands.rug.ac.be</strong>.<br>
287: located in Belgium.<br>
1.135 naddy 288: maintained by <a href="mailto:wvdputte@reptile.rug.ac.be">Wim Vandeputte</a>.<br>
1.68 wvdputte 289: protocols: ssh, ssh port 2022.<br>
290: updated every 3 hours.<br>
1.69 deraadt 291: <p>
1.142 naddy 292: <li><strong>CVSROOT=anoncvs@anoncvs.nl.openbsd.org:/cvs</strong><br>
293: Host also known as <strong>anoncvs.calyx.nl</strong>.<br>
1.118 beck 294: located in Amsterdam, The Netherlands.<br>
1.142 naddy 295: maintained by <a href="mailto:nick@calyx.net">Nick Merrill</a> and
296: <a href="mailto:alex@calyx.nl">Alexander Grendel</a>.<br>
1.118 beck 297: protocols: ssh.<br>
298: updated every 3 hours.<br>
299: <p>
1.69 deraadt 300: <li><strong>CVSROOT=anoncvs@anoncvs.jp.openbsd.org:/cvs</strong><br>
301: Host also known as <strong>kankoromochi.econ.nagasaki-u.ac.jp</strong>.<br>
302: located at Nagasaki Univ. Faculty of Economics, JAPAN.<br>
1.135 naddy 303: maintained by <a href="mailto:sigh@net.nagasaki-u.ac.jp">SUZUKI Hitoshi</a>.<br>
1.79 deraadt 304: protocols: ssh, pserver.<br>
305: updated every 3 hours.<br>
1.121 deraadt 306: <p>
1.103 beck 307: <li><strong>CVSROOT :pserver:anoncvs@cvs.bsdfr.org:/cvs</strong><br>
1.141 naddy 308: located in France<br>
1.149 miod 309: maintained by: <a href="mailto:jch@oleane.net">Jean-Claude Christophe</a>.<br>
1.103 beck 310: protocols: pserver<br>
311: updated every 24h <br>
1.121 deraadt 312: <p>
1.161 naddy 313: <li><strong>CVSROOT=anoncvs@anoncvs.de.openbsd.org:/cvs</strong><br>
314: Host also known as <strong>grappa.unix-ag.uni-kl.de</strong>.<br>
1.115 beck 315: located at the University of Kaiserslautern, Germany<br>
1.198 david 316: maintained by <a href="mailto:naddy@openbsd.org">Christian Weisgerber</a>.<br>
1.188 naddy 317: protocols: ssh, ssh port 2022, pserver<br>
318: updated every 6 hours from anoncvs.usa.openbsd.org.<br>
1.121 deraadt 319: <p>
1.128 beck 320: <li><strong>CVSROOT=anoncvs@anoncvs.pl.openbsd.org:/cvs</strong><br>
321: Host also known as <strong>anoncvs1.pl.openbsd.org</strong>,
322: <strong>incredible.bmtmc.gda.pl</strong><br>
1.126 beck 323: Located at BMT Maritime Consultants, Gdansk, Poland<br>
1.198 david 324: maintained by <a href="mailto:detergent@incredible.bmtmc.gda.pl">
325: Adam Naguszewski</a>.<br>
1.128 beck 326: protocols: ssh, pserver<br>
1.122 beck 327: updated every 3 hours.<br>
328: <p>
1.123 beck 329: <li><strong>CVSROOT=anoncvs@rt.fm:/cvs</strong><br>
1.136 miod 330: Located in Lake in the Hills, Illinois, USA<br>
1.198 david 331: maintained by <a href="mailto:jcs@rt.fm">
332: Joshua Stein</a>.<br>
1.123 beck 333: protocols: ssh<br>
1.124 beck 334: updated every 3 hours.<br>
1.123 beck 335: <p>
1.149 miod 336: <li><strong>CVSROOT=anoncvs@cvs.openbsd.cz:/cvs</strong><br>
337: Located in Prague, Czech Republic<br>
1.198 david 338: maintained by <a href="mailto:vlada@openbsd.cz">Vladimir Kotal</a>.<br>
1.149 miod 339: protocols: ssh, pserver.<br>
340: updated every 4 hours.<br>
1.152 beck 341: <p>
1.153 mickey 342: <li><strong>CVSROOT=anoncvs@anoncvs.openbsd.org.ua:/cvs</strong><br>
1.152 beck 343: Located in Kiev, Ukraine<br>
1.198 david 344: maintained by <a href="mailto:hunter@dg.net.ua">Sergey Smitienko</a>.<br>
1.152 beck 345: protocols: ssh<br>
346: updated every 6 hours.<br>
1.164 miod 347: <p>
1.165 miod 348: <li><strong>CVSROOT=openbsd@openbsd.bug.it:/cvs</strong><br>
1.164 miod 349: Located in Modena, Italy<br>
1.198 david 350: maintained by <a href="mailto:jwk@bug.it">Giacomo Cariello</a>.<br>
1.165 miod 351: protocols: ssh, password "openbsd"<br>
1.164 miod 352: updated every 6 hours.<br>
1.176 miod 353: <p>
354: <li><strong>CVSROOT=anoncvs@anoncvs.openbsd.lt:/cvs</strong><br>
355: Host also known as <strong>anoncvs.studentas.lt</strong><br>
356: Located at LITNET NOC, Academical and Research Network, Kaunas, Lithuania.<br>
357: maintained by <a href="mailto:helpas@aic.lt">Donatas Budvytis</a>.<br>
1.193 nick 358: protocols: ssh, password "anoncvs"<br>
1.176 miod 359: updated every 3 hours from anoncvs.usa.openbsd.org.<br>
1.183 jufi 360: <p>
1.199 nick 361: <li><strong>CVSROOT=anoncvs@anoncvs2.de.openbsd.org:/cvs</strong><br>
362: Host also known as <strong>openbsd.informatik.uni-erlangen.de</strong>.<br>
1.194 nick 363: Located at the University of Erlangen-Nuremberg, Germany<br>
364: maintained by <a href="mailto:Alexander.Gernler@informatik.stud.uni-erlangen.de">Alexander von Gernler</a>.<br>
365: protocols: ssh, ssh port 2022, pserver<br>
366: updated every 2 hours from cvsup.uk.openbsd.org.<br>
367: <p>
1.185 jufi 368: <li><strong>CVSROOT=anoncvs@mirror.osn.de:/cvs</strong><br>
369: Located in Nürnberg, Germany<br>
370: maintained by <a href="mailto:aw@osn.de">Armin Wolfermann</a>.<br>
371: protocols: ssh<br>
372: updated every 4 hours.<br>
1.186 beck 373: <p>
374: <li><strong>CVSROOT=anoncvs@openbsd.chem.uw.edu.pl:/cvs</strong><br>
375: Located in Warsaw, Poland<br>
376: maintained by <a href="mailto:admin@chem.uw.edu.pl">Piotr Klein</a>.<br>
377: protocols: ssh<br>
378: updated every 3 hours.<br>
1.201 ! beck 379: <li><strong>CVSROOT=anoncvs@anoncvs.sudent.pw.edu.pl:/cvs</strong><br>
! 380: Located at the Warsaw University of Technology, Poland<br>
! 381: maintained by <a href="mailto:dmarcink@elka.pw.edu.pl">Darek Marcinkeiwicz</a>.<br>
! 382: protocols: ssh<br>
! 383: updated every 3 hours.<br>
1.73 deraadt 384: </ul>
1.84 beck 385:
386:
1.73 deraadt 387: <p>
1.135 naddy 388: <em>Note:</em> If your server is listed on here with inaccurate or
1.104 ericj 389: unknown information, please contact
1.135 naddy 390: <a href="mailto:beck@openbsd.org"><tt>beck@openbsd.org</tt></a>
1.104 ericj 391: </p>
392:
1.80 beck 393: <p>
1.104 ericj 394: You may want to use
1.135 naddy 395: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute&sektion=8&format=html">traceroute(8)</a>
1.104 ericj 396: to find out which server is nearest you.
1.11 michaels 397: Problems with a server should be reported to the <b>maintainer</b> of the
398: server in question.
1.135 naddy 399: </dl>
1.104 ericj 400:
1.155 jsyn 401: <h3><a name="CRYPTO"><font color="#0000e0">Getting crypto sources through
402: cvs(1)</font></a></h3>
1.104 ericj 403:
1.1 deraadt 404: <p>
405: <strong>IMPORTANT NOTE:</strong>
406: There are a few issues relating to cryptographic software that everyone
407: should be aware of:
408: <ul>
409: <li>The OpenBSD sources are from Canada.
1.9 deraadt 410: As
1.182 nick 411: <a href="http://www.efc.ca/pages/doc/crypto-export.html">
1.9 deraadt 412: researched by a Canadian individual</a>
413: and as
1.135 naddy 414: <a href="http://axion.physics.ubc.ca/ECL.html">
1.9 deraadt 415: described in the Export Control list of Canada</a>
1.156 ian 416: it is legal to export crypto software from Canada to the world.
1.1 deraadt 417: <p>
418: <li>However, if you are outside the USA or Canada, you should not
419: fetch the cryptographic sections of the OpenBSD sources from an
420: anoncvs server located in the USA. The files in question are...
421: <ul>
422: <li>src/kerberosIV/*
1.167 miod 423: <li>src/kerberosV/*
1.57 art 424: <li>src/lib/libdes/*
1.1 deraadt 425: <li>src/lib/libc/crypt/crypt.c
426: <li>src/lib/libc/crypt/morecrypt.c
1.167 miod 427: <li>src/sys/crypto
1.36 deraadt 428: <li>src/sys/netinet
1.67 art 429: <li>src/usr.sbin/afs/src/rxkad/*
1.167 miod 430: <li>XF4/xc-mit/lib/Xdmcp/Wraphelp.c
431: <li>XF4/xc-old/lib/Xdmcp/Wraphelp.c
432: <li>XF4/xc/lib/Xdmcp/Wraphelp.c
1.1 deraadt 433: </ul>
434: Because of the USA ITAR munitions list,
435: crypto software may only be exported to Canada from the USA.
436: <p>
437: <li>The OpenBSD project is looking for more anoncvs servers -- read
438: on to find out how you can help.
439: </ul>
440:
1.155 jsyn 441: <h3><a name="EXAMPLE"><font color="#0000e0">Example usages for cvs(1)</font>
442: </a></h3>
1.104 ericj 443:
1.198 david 444: <p>
1.168 pvalchev 445: NOTICE: If you want to update a branch (such as a patch branch)
1.169 miod 446: to <i>current</i>, you would add the <code>-A</code>
1.163 chris 447: flag to cvs, but this flag is of little use otherwise. Some older
448: versions of the OpenBSD documentation recommended use of this flag
449: in many examples. We no longer recommend this flag unless absolutely necessary.
450:
1.1 deraadt 451: <p>
1.135 naddy 452: A sample use of an anoncvs server would be:
453: <pre>
1.104 ericj 454: % <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
455: % <strong>cd /tmp</strong>
456: % <strong>cvs get src/sys/arch/sparc</strong>
1.12 grr 457: [copies the files from the repository to your machine]
1.104 ericj 458: % <strong>cvs log src/sys/arch/sparc/sparc/locore.s</strong>
1.135 naddy 459: [shows the commit log for the chosen file]
1.104 ericj 460: % <strong>cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s</strong>
1.12 grr 461: [shows the changes between revisions 1.1 and rev 1.5]
1.135 naddy 462: </pre>
1.1 deraadt 463:
464: <p>
1.155 jsyn 465: <a name="pserver">In order to use a cvs ``pserver'' (a direct TCP connection
466: instead of using ssh or rsh) you must login once:</a>
1.104 ericj 467:
1.135 naddy 468: <pre>
1.104 ericj 469: % <strong>setenv CVSROOT :pserver:anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
470: % <strong>cvs login</strong>
1.59 beck 471: (Logging in to anoncvs@anoncvs1.ca.openbsd.org)
1.104 ericj 472: CVS password: <strong>anoncvs</strong>
1.135 naddy 473: [This writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
1.18 todd 474: [An example line from my ~/.cvspass after typing 'blah' for the above ]
475: [password is: ]
476: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
1.135 naddy 477: [After logging in ONCE every other use of the above CVSROOT will work. ]
1.104 ericj 478: % <strong>cvs get ksrc-i386 ksrc-common</strong>
1.135 naddy 479: [Allows you to retrieve ONLY that necessary to rebuild an i386 kernel. ]
480: </pre>
1.18 todd 481:
482: <p>
1.39 todd 483: Here is how someone using anoncvs regularly would update his
1.1 deraadt 484: source tree:
1.60 millert 485: <ul><li>First, start out by `get'-ing an initial tree:
1.27 todd 486:
1.109 jason 487: <p> (If you are following <i>current</i>):
1.135 naddy 488: <pre>
489: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
490: # <strong>cd /usr</strong>
1.163 chris 491: # <strong>cvs -q get -P src</strong>
1.135 naddy 492: </pre>
1.109 jason 493:
1.191 nick 494: <p> (If you are following the patch branch for 3.4):
1.135 naddy 495: <pre>
496: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
497: # <strong>cd /usr</strong>
1.191 nick 498: # <strong>cvs -q get -rOPENBSD_3_4 -P src</strong>
1.135 naddy 499: </pre>
1.27 todd 500: </li>
1.37 todd 501:
1.27 todd 502: <li> Anytime afterwards, to `update' this tree:
1.109 jason 503: <p> (If you are following <i>current</i>):
1.135 naddy 504: <pre>
505: # <strong>cd /usr/src</strong>
1.163 chris 506: # <strong>cvs -q up -Pd</strong>
1.135 naddy 507: </pre>
1.27 todd 508:
1.191 nick 509: <p> (If you are following the patch branch for 3.4):
1.135 naddy 510: <pre>
511: # <strong>cd /usr/src</strong>
1.191 nick 512: # <strong>cvs -q up -rOPENBSD_3_4 -Pd</strong>
1.135 naddy 513: </pre>
1.109 jason 514:
1.154 jsyn 515: Every time you ran this it would synchronize your /usr/src tree. It would
1.1 deraadt 516: not destroy any of your local changes, rather it would attempt to merge
517: changes in. If you use obj directories (not obj symbolic links) you may
518: wish to append "-I obj" to the cvs command line, this will keep cvs from
519: spitting out a warning about all the obj directories it is going to
520: encounter which are not in the repository.
1.72 millert 521:
522: <p>
1.163 chris 523: <li> NOTE:
524: If you are updating a source tree that you initially fetched
1.72 millert 525: from a different server, or from a CD, you <strong>must</strong>
1.163 chris 526: add the <em>-d $CVSROOT</em> options to cvs.
1.135 naddy 527: <pre>
528: # <strong>cd /usr/src</strong>
529: # <strong>cvs -d $CVSROOT -q up -Pd</strong>
530: </pre>
1.27 todd 531: </li>
532: </ul>
533:
1.37 todd 534: <p>
1.135 naddy 535: To <a name="ports">use</a> <a href="ports.html">ports</a>, it is similar to src:
1.37 todd 536: <ul><li>
1.157 heko 537: <p> (If you are following <i>current</i>):
1.37 todd 538: <pre>
1.135 naddy 539: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
540: # <strong>cd /usr</strong>
1.163 chris 541: # <strong>cvs -q get -P ports</strong>
1.38 deraadt 542: </pre>
1.191 nick 543: <p> (If you are following the patch branch for 3.4):
1.157 heko 544: <pre>
545: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
546: # <strong>cd /usr</strong>
1.191 nick 547: # <strong>cvs -q get -rOPENBSD_3_4 -P ports</strong>
1.157 heko 548: </pre>
1.37 todd 549: <li> Anytime afterwards, to `update' this tree:
1.157 heko 550: <p> (If you are following <i>current</i>):
1.37 todd 551: <pre>
1.135 naddy 552: # <strong>cd /usr</strong>
1.163 chris 553: # <strong>cvs -q up -Pd ports</strong>
1.157 heko 554: </pre>
1.191 nick 555: <p> (If you are following the patch branch for 3.4):
1.157 heko 556: <pre>
557: # <strong>cd /usr</strong>
1.191 nick 558: # <strong>cvs -q up -rOPENBSD_3_4 ports</strong>
1.157 heko 559: </pre>
1.37 todd 560: </li>
1.127 jufi 561: </ul>
1.37 todd 562:
1.104 ericj 563: In the above example, <i>-q</i> is optional, only intended to minimize
1.27 todd 564: cvs's output. For those who like to see screenfulls of output, it
565: can be omitted.
1.1 deraadt 566:
567: <p>
1.104 ericj 568: or to make a diff of a locally patched module (here <i>cd.c</i>) to include with
1.12 grr 569: a bug report:
1.135 naddy 570: <pre>
571: # <strong>cd /usr</strong>
572: # <strong>cvs diff -u src/sys/scsi/cd.c > /tmp/patch</strong>
573: </pre>
1.12 grr 574:
575: <p>
1.155 jsyn 576: The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
577: cvs(1) man page</a>
1.104 ericj 578: (included with the CVS sources) has much more
1.1 deraadt 579: information about how CVS can be used.
580:
1.135 naddy 581: <h4>X11 Source tree</h4>
582:
1.1 deraadt 583: <p>
1.163 chris 584: Anoncvs mirrors also carry the OpenBSD X11 (XFree86) source tree. You can adapt
1.172 miod 585: the recipe above to update your XFree86 source tree from the third CD.
1.163 chris 586: You can copy or download the XFree86 3 source tree with the X11 cvs module,
587: although the current module containing XFree86 4 is XF4.
588: There are two ways to get the XF4 sources to <i>/usr/XF4</i>:
1.105 ericj 589:
590: <ul>
1.173 miod 591: <li>copy the tree off the CD (assuming the 3rd CD is mounted on /mnt):
1.105 ericj 592: <pre>
1.163 chris 593: # <strong>cd /mnt; cp -Rp XF4 /usr</strong>
1.105 ericj 594: </pre>
595: <li>use a union mount with the CD below a writable directory.
596: <pre>
1.163 chris 597: # <strong>mount -t union -o -b /mnt/XF4 /usr/XF4</strong>
1.135 naddy 598: </pre>
599: </ul>
1.105 ericj 600:
1.163 chris 601: After this, <i>/usr/XF4</i> will be ready to be used by cvs. You can for
1.105 ericj 602: example update it to -current source (assuming you've already set
1.140 horacio 603: the <var>CVSROOT</var> environment variable):
1.105 ericj 604:
1.135 naddy 605: <pre>
1.163 chris 606: # <strong>cd /usr/XF4</strong>
607: # <strong>cvs -q update -Pd</strong>
1.135 naddy 608: </pre>
1.105 ericj 609:
610: <p>
1.12 grr 611: <strong>Warning:</strong>
612: When using cvs you should take care that your current directory is either
1.109 jason 613: the root of the tree you are referencing or in a separate place such as /tmp.
1.12 grr 614: Some commands such as "get" can create an arbitrary sub-tree in the current
615: directory, and a subsequent update will recursively flesh out this sub-tree.
616:
617: <p>
1.1 deraadt 618: The anoncvs service gives fledgling developers a chance to learn CVS
619: operation and get thoroughly involved in the development process
620: before getting "commit" access -- as a result of showing useful
621: skills and high quality results they will naturally later be given
622: developer access. As well, people providing patches can create
623: their "diff"s relative to the CVS tree, which will ease integration.
624:
1.104 ericj 625:
1.135 naddy 626: <h3><a name="WHICH"><font color="#0000e0">Use rsh(1) or ssh(1)?</font></a></h3>
1.104 ericj 627:
1.1 deraadt 628: <p>
1.159 jcs 629: By default, the CVS client uses ssh ("secure shell":
630: <a href="http://www.openssh.com/">OpenSSH</a>) to talk to the CVS server.
631:
632: <p>
633: Many of the CVS sites no longer support rsh for security reasons. Local
634: problems like firewalls or imperfect protocol emulators such as slirp may
635: also hinder rsh usage. However, if rsh is desired, one must set the
636: <var>CVS_RSH</var> environment variable to point to rsh
637: (typically <strong>/usr/bin/rsh</strong>).
638:
639: <p>
640: If local policy prevents outgoing connections to ssh's default port of 22,
641: port 2022 may be used in its place. Note, however, that not all anoncvs
642: servers accept ssh connections on this port. Furthermore, most anoncvs servers
643: no longer accept the <strong>none</strong> cipher, as it is disabled in
1.169 miod 644: recent versions of ssh for security reasons. Also, do not be tempted
1.159 jcs 645: to turn on compression: CVS already compresses.
646:
647: <p>
648: One could specify something like the following in the
649: <strong>$HOME/.ssh/config</strong> configuration file to avoid the pitfalls
650: and restrictions mentioned above:
1.1 deraadt 651: <pre>
1.59 beck 652: Host anoncvs.ca.openbsd.org
1.159 jcs 653: Compression no
1.1 deraadt 654: Port 2022
655: </pre>
656:
657: <p>
658: CVS is a little noisy starting up; to quiet it a bit you may want to
659: do this:
1.105 ericj 660:
1.135 naddy 661: <pre>
662: <strong>% setenv CVS_CLIENT_PORT -1</strong>
663: </pre>
1.1 deraadt 664:
665: <p>
1.155 jsyn 666: <h3><a name="SUP"><font color="#0000e0">Mirroring the CVS repository via
667: sup(1)</font></a></h3>
1.107 millert 668:
669: <p>
670: Users wishing to mirror the OpenBSD CVS tree itself may now do so
1.143 millert 671: from <em>anoncvs.usa.openbsd.org</em> or <em>anoncvs1.usa.openbsd.org</em>
672: (these are different machines). Note that this is the cvs tree,
673: <b>not</b> a checked out source tree. It is only useful if you
674: want to be able to do fast cvs operations (diff, annotate, etc) or
675: if you have multiple source trees and you only want to transfer new
676: data once (you can then checkout a tree from your local cvs mirror).
1.107 millert 677: <p>
678: A sample supfile would be:
679: <pre>
680: cvs host=anoncvs.usa.openbsd.org hostbase=/ base=/home delete
681: </pre>
682: <p>
683: which would mirror the cvs tree into /home/cvs with the sup data
1.133 millert 684: files ending up in /home/sup. The full OpenBSD cvs tree is currently
1.195 brad 685: about 2.2GB in size.
1.65 matthieu 686:
1.155 jsyn 687: <h3><a name="MIRROR"><font color="#0000e0">Setting up an anoncvs mirror
688: </font></a></h3>
1.105 ericj 689:
1.107 millert 690: <p>
1.200 nick 691: If you wish to setup a new anoncvs mirror site and make it available to
692: the general public, please contact the anoncvs
1.135 naddy 693: <a href="mailto:sup@openbsd.org">maintainer</a>.
1.197 brad 694: Anoncvs mirrors require about 2.2GB of disk, and use up to 32MB of swap
1.1 deraadt 695: per anoncvs user (assuming the user does a large operation; while smaller
696: operations use fewer resources, anoncvs still makes much more of an
697: impact than ftp or sup). Such anoncvs machines should have excellent
698: network connectivity for the area they are expected to serve. A
1.135 naddy 699: <a href="anoncvs.shar">document</a>
1.1 deraadt 700: which describes the setup of anoncvs servers is available.
701:
1.135 naddy 702: <h3><font color="#0000e0">Final notes</font></h3>
1.60 millert 703: After upgrading your source tree, you should read the comments
1.198 david 704: at the top of <kbd>/usr/src/Makefile</kbd> before attempting
1.60 millert 705: a build. Also, you should build a new kernel <strong>before</strong>
1.198 david 706: doing a <kbd>make build</kbd> if possible. In some cases it may be
707: necessary to rebuild and install the <kbd>config</kbd> utility before
708: you can build the kernel. If <kbd>config GENERIC</kbd> fails this
1.60 millert 709: is probably the case.
710: <p>
711: It is important to note that upgrading from a release to the current tree
712: by rebuilding the sources can be rather difficult due to dependencies
713: that are often not obvious. Therefore, it is suggested that you first
1.154 jsyn 714: install the latest snapshot before attempting a tree build from source.
1.1 deraadt 715:
716: <hr>
1.155 jsyn 717: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
718: alt="OpenBSD"></a>
1.135 naddy 719: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
1.201 ! beck 720: <br><small>$OpenBSD: anoncvs.html,v 1.200 2004/02/19 03:12:55 nick Exp $
1.155 jsyn 721: </small>
1.1 deraadt 722:
723: </body>
724: </html>