Annotation of www/anoncvs.html, Revision 1.21
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.2 deraadt 4: <title>OpenBSD AnonCVS</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the main OpenBSD page">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
1.13 deraadt 10: <meta name="copyright" content="This document copyright 1996 by OpenBSD.">
1.1 deraadt 11: </head>
12:
1.14 downsj 13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
1.1 deraadt 14:
1.14 downsj 15: <img alt="[OpenBSD]" SRC="images/smalltitle.gif">
16:
1.15 grr 17: <h1>OpenBSD</h1>
18: <hr>
19: <h3>Anonymous CVS Access:</h3>
20: <p>
21: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
22: tree up to date with respect to changes made to current OpenBSD sources.
23: </p>
1.14 downsj 24: <p>
1.15 grr 25: The major advantage of Anonymous CVS over other source code update
26: techniques is that it works directly against a central source code
27: repository or mirror. This means that you have the full set of CVS
28: commands available to control merging and updating your changes with
29: other source changes and for performing diff's, change histories
30: and other queries against the central repository.
31: </p>
32: <h3>CVS:</h3>
33: CVS is the source code control system used to manage the OpenBSD source tree.
1.16 deraadt 34: It implements a central repository for all officially released source code
1.15 grr 35: and changes, while permitting developers to maintain local copies of the
36: source code with their working changes. Developers with "write access"
37: can commit changes directly to the OpenBSD source tree, while "Anonymous
38: CVS" users have "read access" and can keep their local copies of the source
39: up to date and issue queries against the central depository.
40: </p>
41: <p>
42: The major strength of CVS is that it has the ability to preform intelligent
43: merges of changes to the central repository with changes that you make to
44: your local copy. This means that if you make a change to a module and
45: perform an update, your changes are not "blown away", rather CVS makes
46: best efforts to merge the changes made to the central sources with changes
47: you've made to your local copy.
48: </p>
49: <p>
50: In the event that the changes can't be completely merged, CVS provides a
51: "soft fallback", in terms of providing you with annotated changes to your
52: local copy, preeserving an unmodified copy of your version and continuing
53: to update any other source modules you requested.
1.1 deraadt 54: </p>
1.15 grr 55: <h4>CVS COMMAND SUMMARY</h4>
56: <dl>
57: <DT>add
58: <dd>Add a new file or directory to the repository.
59: <dt>get
60: <dd>Make a working directory of source files for editing.
61: <dt>commit
62: <dd>Apply changes to the source repository (write access)
63: <dt>diff
64: <dd>Show differences between local files and the source repository.
65: <dt>history
66: <dd>Show reports on cvs commands against the source repository.
67: <dt>log
68: <dd>Display CVS log information.
69: <dt>rdiff
70: <dd>Prepare a collection of diffs reflecting changes between release.
71: <dt>status
72: <dd>Show current status of files in the repository and local copies.
73: <dt>update
74: <DD>Bring your working directory up to date with the repository.
75: </dl>
1.1 deraadt 76: <p>
1.17 deraadt 77: To summarize, the real strengh of using Anonymous CVS is that it is
1.15 grr 78: a "tolerant" source code control system - it <strong>respects</strong>
79: changes that you have made to your local sources and makes <strong>
80: "best efforts"</strong> to update your entire source tree, rather than
81: leaving you a list of arcane problems that have to be resolved before
82: continuing.
1.1 deraadt 83: </p>
84:
1.15 grr 85: <h3>Using Anonymous CVS:</h3>
1.1 deraadt 86: <p>
87: The latest version of CVS is available at
88: <a href=ftp://ftp.cyclic.com/pub/cvs/>Cyclic</a>.
89: Versions earlier than 1.6 are not recommended, and may not work.
90: If you already have OpenBSD installed, CVS is included.
91: </p>
92:
93: <p>
94: There are two levels of source tree access:
95: </p>
96:
97: <dl>
98: <dt><strong>Read-write access for developers:</strong>
99: <dd>Developers who need to commit changes to the source tree must have
100: an account on the OpenBSD machines. Getting this access will be a
101: natural result of working on the sources with other OpenBSD developers.
102: If someone does some good work and shows they can work with the team,
103: they will get an account.
104: </dl>
105:
106: <dl>
107: <dt><strong>Read-only access for everyone:</strong>
108: <dd>Anyone can access the read-only CVS repositories. These copies
109: of the read-write CVS repository are mirrored often. To use one,
110: set your <strong>CVSROOT</strong> environment variable to one of
111: the following values:
1.12 grr 112: <p>
113: <strong>Please see the note about using ssh vs. rsh below!</strong>
114: <p>
1.1 deraadt 115: <ul>
116: <p>
117: <li><strong>CVSROOT=anoncvs@anoncvs.usa.openbsd.org:/cvs</strong><br>
1.10 millert 118: Host also known as <strong>anoncvs.openbsd.org</strong>,
119: <strong>anoncvs@anoncvs1.usa.openbsd.org</strong>,
120: <strong>anoncvs@anoncvs4.usa.openbsd.org</strong> and
121: <strong>anoncvs2.isc.org</strong>.<br>
122: located in California, western USA.<br>
123: maintained by <a href=mailto:niklas@openbsd.org>Niklas Hallqvist</a>.<br>
124: protocols: ssh only.<br>
1.1 deraadt 125: updated every 4 hours.<br>
126: <p>
127: <li><strong>CVSROOT=anoncvs@anoncvs2.usa.openbsd.org:/cvs</strong><br>
1.5 johns 128: Host also known as <strong>hydra.heuris.com</strong>.<br>
1.4 deraadt 129: located in St. Louis, Missouri, mid-western USA.<br>
1.1 deraadt 130: maintained by <a href=mailto:johns@heuris.com>John Stone</a>.<br>
131: protocols: rsh, ssh, ssh port 2022.<br>
132: updated every 12 hours.<br>
133: <p>
134: <li><strong>CVSROOT=anoncvs@anoncvs3.usa.openbsd.org:/cvs</strong><br>
135: Host also known as <strong>freestuff.cs.colorado.edu</strong>.<br>
136: located at the University of Colorado, Boulder, western USA.<br>
137: maintained by <a href=mailto:Todd.Miller@cs.colorado.edu>Todd Miller</a>.<br>
138: protocols: ssh, ssh port 2022.<br>
139: updated every 6 hours.<br>
140: <p>
1.18 todd 141: <li>
142: <strong>CVSROOT=:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs</strong><br>
143: Note <a href=#pserver>*pserver usage*</a><br>
144: Host also known as <strong>alpha.ctaz.com</strong>.<br>
1.19 todd 145: located in Arizona, western USA.<br>
1.18 todd 146: maintained by <a href=mailto:todd@openbsd.org>Todd Fries</a>.<br>
147: protocols: :pserver:.<br>
1.20 todd 148: updated every 3 hours midnight to noon; exception is Mon-Wed-Sat with a midnight update, 3am full update, then a noon update.<br>
1.18 todd 149: <p>
1.1 deraadt 150: <li><strong>CVSROOT=anoncvs@anoncvs.uk.openbsd.org:/cvs</strong><br>
151: Host also known as <strong>dumpty.wonderland.org</strong>.<br>
152: located in London, UK.<br>
153: maintained by <a href=mailto:peter@wonderland.org>Peter Galbavy</a>.<br>
154: protocols: rsh.<br>
155: updated every 12 hours.<br>
156: <p>
157: <li><strong>CVSROOT=anoncvs@anoncvs.tw.openbsd.org:/cvs</strong><br>
158: Host also known as <strong>hercules.secc.fju.edu.tw</strong>.<br>
159: located in Taipei, Taiwan.<br>
160: maintained by <a href=mailto:shawn@openbsd.org>Shawn Hsiao</a>.<br>
161: protocols: rsh, ssh, ssh port 2022.<br>
162: updated every 12 hours.<br>
163: <p>
164: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
165: located in Norway.<br>
166: maintained by <a href=mailto:micheals@openbsd.org>Michael Shuldman</a>.<br>
167: protocols: rsh, ssh, ssh port 2022.<br>
168: updated every 4 hours.<br>
169: </ul>
170: <p>
171: You may want to use `traceroute' to find out which server is nearest you.
1.11 michaels 172: Problems with a server should be reported to the <b>maintainer</b> of the
173: server in question.
1.1 deraadt 174: </dl>
175: </p>
176: <p>
177: <strong>IMPORTANT NOTE:</strong>
178: There are a few issues relating to cryptographic software that everyone
179: should be aware of:
180: <ul>
181: <li>The OpenBSD sources are from Canada.
1.9 deraadt 182: As
183: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
184: researched by a Canadian individual</a>
185: and as
186: <a href=http://axion.physics.ubc.ca/ECL.html>
187: described in the Export Control list of Canada</a>
188: is legal to export crypto software from Canada to the world.
1.1 deraadt 189: <p>
190: <li>However, if you are outside the USA or Canada, you should not
191: fetch the cryptographic sections of the OpenBSD sources from an
192: anoncvs server located in the USA. The files in question are...
193: <ul>
194: <li>src/kerberosIV/*
195: <li>src/lib/libc/crypt/crypt.c
196: <li>src/lib/libc/crypt/morecrypt.c
197: </ul>
198: Because of the USA ITAR munitions list,
199: crypto software may only be exported to Canada from the USA.
200: <p>
201: <li>The OpenBSD project is looking for more anoncvs servers -- read
202: on to find out how you can help.
203: </ul>
204: </p>
205:
206: <p>
207: A sample use of an anoncvs CVS server would be:
208: <pre>
209: % setenv CVSROOT anoncvs@anoncvs.usa.openbsd.org:/cvs
210: % cd /tmp
211: % cvs get src/sys/arch/sparc
1.12 grr 212: [copies the files from the repository to your machine]
1.1 deraadt 213: % cvs log src/sys/arch/sparc/sparc/locore.s
1.12 grr 214: [shows the commit log for the chosen file ]
1.1 deraadt 215: % cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s
1.12 grr 216: [shows the changes between revisions 1.1 and rev 1.5]
1.1 deraadt 217: </pre>
218: </p>
219:
220: <p>
1.18 todd 221: <a name=pserver>In order to use a cvs ``pserver'' (a direct tcp connection instead of using ssh or rsh) you must login once:</a>
222: <pre>
223: [ *NOTE* You must be using cvs version 1.8 or higher to do this ]
224: % setenv CVSROOT :pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs
225: % cvs login
226: (Logging in to anoncvs@anoncvs5.usa.openbsd.org)
227: CVS password: <type whatever you feel like, just type something!>
228: [this writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
229: [An example line from my ~/.cvspass after typing 'blah' for the above ]
230: [password is: ]
231: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
232: [...after logging in ONCE every other use of the above CVSROOT will work ]
233: % cvs -z9 get ksrc-i386 ksrc-common
234: [allows you to retrieve ONLY that necessary to rebuild an i386 kernel ]
235: [ -z9 allows gzip -9 compression, GOOD medicine for slow links ]
236: </pre>
237: </p>
238:
239: <p>
1.1 deraadt 240: Here is how someone using anoncvs regularily would update his
241: source tree:
242: <pre>
243: # setenv CVSROOT anoncvs@anoncvs.usa.openbsd.org:/cvs
244: # cd /usr
245: # cvs -q get -PA src
246: </pre>
1.12 grr 247: or similarily later on he might try:
1.1 deraadt 248: <pre>
1.12 grr 249: # cd /usr
250: # cvs -q up -PAd src
1.1 deraadt 251: </pre>
252: Everytime you ran this it would syncronize your /usr/src tree. It would
253: not destroy any of your local changes, rather it would attempt to merge
254: changes in. If you use obj directories (not obj symbolic links) you may
255: wish to append "-I obj" to the cvs command line, this will keep cvs from
256: spitting out a warning about all the obj directories it is going to
257: encounter which are not in the repository.
258: </p>
259:
260: <p>
1.12 grr 261: or to make a diff of a locally patched module (here cd.c) to include with
262: a bug report:
263: <pre>
264: # cd /usr
265: # cvs diff -u src/sys/scsi/cd.c > /tmp/patch
266: </pre>
267: </p>
268:
269: <p>
1.1 deraadt 270: The CVS man page (included with the CVS sources) has much more
271: information about how CVS can be used.
272: </p>
273:
274: <p>
1.12 grr 275: <strong>Warning:</strong>
276: When using cvs you should take care that your current directory is either
277: the root of the tree you're referencing or in a separate place such as /tmp.
278: Some commands such as "get" can create an arbitrary sub-tree in the current
279: directory, and a subsequent update will recursively flesh out this sub-tree.
280: </p>
281:
282: <p>
1.1 deraadt 283: The anoncvs service gives fledgling developers a chance to learn CVS
284: operation and get thoroughly involved in the development process
285: before getting "commit" access -- as a result of showing useful
286: skills and high quality results they will naturally later be given
287: developer access. As well, people providing patches can create
288: their "diff"s relative to the CVS tree, which will ease integration.
289: </p>
290:
291: <p>
1.15 grr 292: <strong>Anoncvs: rsh vs. ssh</strong>
1.12 grr 293: <br>
294: By default, the CVS client uses rsh to talk to the CVS server. Many
295: of the CVS sites no longer supprt rsh for security reasons or a local
296: problem like a firewall or imperfect protocol emulator such as slirp
297: may prevent you from using rsh.
298: The alternative is a to use a "secure shell" connection using
299: <a href=http://www.cs.hut.fi/ssh>ssh</a>. This is a commerical product
300: offered by <a href=http://www.ssh.fi>SSH Communications Security Ltd</a>,
301: however they make a free unix version available that can be easily
302: installed under OpenBSD. You can download the unix version from
303: <a href=http://www.cs.hut.fi/ssh>http://www.cs.hut.fi/ssh</a> or one of
304: the mirrors listed there.
305: </p>
306: <p>
307: In this case,
1.1 deraadt 308: one sets the environment variable <strong>CVS_RSH</strong> to point
309: to ssh (typically <strong>/usr/local/bin/ssh</strong>). To reduce the
310: performance hit the anoncvs server would take it is recommended (and
311: requested) that you disable encryption. If your local site prevents
312: you from connecting out to port 22 (which ssh defaults to using) use
313: port 2022.
314: </p>
315:
316: <p>
317: Do not be tempted to turn on compression since CVS already compresses.
318: Use something like the following in your <strong>$HOME/.ssh/config</strong>
1.10 millert 319: file. Note that not all anoncvs servers allow ssh connections on
1.21 ! millert 320: port 2022. Also note that most anoncvs servers no longer accept
! 321: the <strong>none</strong> cipher as it is disabled in recent
! 322: versions of ssh for security reasons.
1.1 deraadt 323: </p>
324: <pre>
325: Host anoncvs.usa.openbsd.org
326: Port 2022
327: </pre>
328:
329: <p>
330: CVS is a little noisy starting up; to quiet it a bit you may want to
331: do this:
332: <pre>
333: setenv CVS_CLIENT_PORT -1
334: </pre>
335: </p>
336:
337: <p>
1.8 deraadt 338: If you wish to change from one CVS server to another (say your normal one is
339: down, or for any other reason), the environment variable which will let you
340: do this is
341: <pre>
342: setenv CVS_IGNORE_REMOTE_ROOT
343: </pre>
344: </p>
345:
346: <p>
1.1 deraadt 347: If you wish to be a new anoncvs mirror site, please contact the anoncvs
348: <a href=mailto:deraadt@theos.com>maintainer</a>.
349: Anoncvs mirrors require about 300MB of disk, and use up to 4MB of swap
350: per anoncvs user (assuming the user does a large operation; while smaller
351: operations use fewer resources, anoncvs still makes much more of an
352: impact than ftp or sup). Such anoncvs machines should have excellent
353: network connectivity for the area they are expected to serve. A
354: <a href=anoncvs.shar>document</a>
355: which describes the setup of anoncvs servers is available.
356: </p>
357:
358: </dl>
359:
360: <hr>
1.3 deraadt 361: <a href=index.html><img src=back.gif border=0 alt=OpenBSD></a>
1.1 deraadt 362: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.21 ! millert 363: <br><small>$OpenBSD: anoncvs.html,v 1.20 1997/06/16 05:09:21 todd Exp $</small>
1.1 deraadt 364:
365: </body>
366: </html>