Annotation of www/anoncvs.html, Revision 1.210
1.180 jufi 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.93 deraadt 4: <title>OpenBSD AnonCVS</title>
1.135 naddy 5: <link rev="made" href="mailto:www@openbsd.org">
1.93 deraadt 6: <meta name="resource-type" content="document">
1.180 jufi 7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
1.93 deraadt 8: <meta name="description" content="How to get OpenBSD updates via Internet using Anonymous CVS">
9: <meta name="keywords" content="openbsd,anoncvs,updates">
10: <meta name="distribution" content="global">
1.200 nick 11: <meta name="copyright" content="This document copyright 1996-2004 by OpenBSD.">
1.1 deraadt 12: </head>
13:
1.135 naddy 14: <body bgcolor="#ffffff" text="#000000" link="#23238e">
1.1 deraadt 15:
1.171 jsyn 16: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.93 deraadt 17: <p>
1.135 naddy 18: <h2><font color="#e00000">Anonymous CVS</font></h2>
1.14 downsj 19:
1.135 naddy 20: <hr>
21:
22: <h3>Table Of Contents</h3>
23:
24: <ul>
1.100 ericj 25: <li><a href="#anoncvs">What is Anonymous CVS?</a>
26: <li><a href="#CVS">What is CVS?</a>
1.135 naddy 27: <li><a href="#starting">Getting Started Using Anonymous CVS</a>
28: <li><a href="#using">Using CVS to Get and Update your Source Tree</a>
29: <li><a href="#CVSROOT">Available Anonymous CVS Servers</a>
30: <li><a href="#CRYPTO">Getting crypto sources through cvs(1)</a>
31: <li><a href="#EXAMPLE">Example usages for cvs(1)</a>
1.104 ericj 32: <li><a href="#WHICH">Use rsh(1) or ssh(1)?</a>
1.135 naddy 33: <li><a href="#SUP">Mirroring the CVS repository via sup(1)</a>
34: <li><a href="#MIRROR">Setting up an anoncvs mirror</a>
1.100 ericj 35: </ul>
1.135 naddy 36:
1.100 ericj 37: <hr>
38:
1.135 naddy 39: <h3><a name="anoncvs"><font color="#0000e0">What is Anonymous CVS?</font></a></h3>
1.99 ericj 40:
1.15 grr 41: <p>
42: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
43: tree up to date with respect to changes made to current OpenBSD sources.
1.109 jason 44: In addition to following the bleeding edge of development, it is
45: also possible to track the patches for errata of a release.
1.99 ericj 46: </p>
47:
1.14 downsj 48: <p>
1.15 grr 49: The major advantage of Anonymous CVS over other source code update
50: techniques is that it works directly against a central source code
51: repository or mirror. This means that you have the full set of CVS
52: commands available to control merging and updating your changes with
1.154 jsyn 53: other source changes and for performing diffs, change histories
1.15 grr 54: and other queries against the central repository.
1.99 ericj 55: </p>
56:
1.36 deraadt 57: <p>
1.135 naddy 58: The OpenBSD Project currently has five main source repositories:
1.99 ericj 59: </p>
60:
61: <ul>
1.140 horacio 62: <li><b>src</b> - Houses all source code for the OpenBSD Operating System.</li>
63: <li><b>ports</b> - Houses the <a href="./ports.html">OpenBSD Ports</a>.</li>
64: <li><b>www</b> - Houses all OpenBSD web pages. (Including this one).</li>
1.135 naddy 65: <li><b>X11</b> - Houses OpenBSD's adaptation of the
66: <a href="http://www.XFree86.org/">XFree86-3</a> software project.</li>
67: <li><b>XF4</b> - Houses OpenBSD's adaptation of the
68: <a href="http://www.XFree86.org/">XFree86-4</a> software project.</li>
1.99 ericj 69: </ul>
70:
1.100 ericj 71: <p>
72: To summarize, the real strength of using Anonymous CVS is that it is
73: a "tolerant" source code control system - it <strong>respects</strong>
74: changes that you have made to your local sources and makes <strong>
75: "best efforts"</strong> to update your entire source tree, rather than
76: leaving you a list of arcane problems that have to be resolved before
77: continuing.
78: </p>
79:
1.135 naddy 80: <h3><a name="CVS"><font color="#0000e0">What is CVS?</font></a></h3>
1.99 ericj 81:
1.36 deraadt 82: <p>
1.135 naddy 83: <a href="why-cvs.html">
1.36 deraadt 84: CVS is the source code control system used to manage the OpenBSD source tree.</a>
1.16 deraadt 85: It implements a central repository for all officially released source code
1.15 grr 86: and changes, while permitting developers to maintain local copies of the
1.99 ericj 87: source code with their working changes. Developers with "<b>write access</b>"
1.15 grr 88: can commit changes directly to the OpenBSD source tree, while "Anonymous
1.155 jsyn 89: CVS" users have "<b>read access</b>" and can keep their local copies of the
1.169 miod 90: source up to date and issue queries against the central repository.
1.99 ericj 91: </p>
92:
1.15 grr 93: <p>
1.22 niklas 94: The major strength of CVS is that it has the ability to perform intelligent
1.15 grr 95: merges of changes to the central repository with changes that you make to
96: your local copy. This means that if you make a change to a module and
97: perform an update, your changes are not "blown away", rather CVS makes
98: best efforts to merge the changes made to the central sources with changes
99: you've made to your local copy.
1.99 ericj 100: </p>
101:
1.15 grr 102: <p>
103: In the event that the changes can't be completely merged, CVS provides a
104: "soft fallback", in terms of providing you with annotated changes to your
1.39 todd 105: local copy, preserving an unmodified copy of your version and continuing
1.15 grr 106: to update any other source modules you requested.
1.99 ericj 107: </p>
108:
1.155 jsyn 109: <h3><a name="starting"><font color="#0000e0">Getting Started Using Anonymous
110: CVS</font></a></h3>
1.100 ericj 111:
112: <p>
113: The latest version of CVS is available at
1.140 horacio 114: <a href="http://www.cvshome.org/">Cyclic</a>.
1.100 ericj 115: Versions earlier than 1.6 are not recommended, and may not work.
116: If you already have OpenBSD installed, CVS is included.
117: </p>
118:
1.22 niklas 119: <p>
1.99 ericj 120: People who own an OpenBSD CD may have seen the <i>CVS/</i> dirs on it.
1.155 jsyn 121: Actually there is a reason, the CD has a checkout of the OpenBSD <b>src</b>
122: module usable to continue updating from. Using this tree will result in a much
1.23 mickey 123: faster initial CVS update than a fresh checkout of the full OpenBSD
124: source tree. There are two ways of using the CD:
1.99 ericj 125: </p>
126:
1.23 mickey 127: <ul>
1.155 jsyn 128: <li>To copy the CVS tree from the CD to <i>/usr/src</i> (assuming the CD is
129: mounted on /mnt):
1.22 niklas 130: <pre>
1.99 ericj 131: # <b>cd /mnt; pax -rw CVS Makefile [a-z]* /usr/src</b>
1.22 niklas 132: </pre>
1.155 jsyn 133: <li>Use a union mount (see <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_union&apropos=0&sektion=8&manpath=OpenBSD+Current&format=html">mount_union(8)</a>)
134: with the CD below a writable directory. (This can be used when only compiling from the tree.)
1.22 niklas 135: <pre>
1.99 ericj 136: # <b>mount -t union -o -b /mnt /usr/src</b>
1.22 niklas 137: </pre>
1.23 mickey 138: </ul>
1.100 ericj 139:
140: <p>
1.155 jsyn 141: For people who don't have a CD on hand, you can use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
142: cvs(1)</a> to "<b>checkout</b>" the source repository for you. This is
143: discussed in the <a href="#using">next section</a>.
1.100 ericj 144: </p>
145:
146: <p>
1.155 jsyn 147: After this, <i>/usr/src</i> will be a nice checkout area where all
148: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
149: cvs(1)</a> commands will work OK.
1.100 ericj 150: </p>
151:
1.155 jsyn 152: <h3><a name="using"><font color="#0000e0">Using CVS to get and update your
153: source tree</font></a></h3>
1.100 ericj 154:
155: <p>
1.109 jason 156: CVS was designed to be a simple way to retrieve and update your sources,
157: therefore there isn't much involved at all in doing so. You must first
158: decide whether you want to track <i>current</i> or a patch branch.
1.112 kjell 159: The current tree has all of the up to the minute changes,
1.109 jason 160: whereas a patch branch contains a formal release plus the patches
1.157 heko 161: from the <a href="errata.html">errata</a> already applied. For a definition
162: of <i>current</i>, see the <a href="faq/upgrade-minifaq.html#1.1">Upgrade
163: Mini-FAQ</a>.
1.109 jason 164:
1.169 miod 165: <p>Once you have decided which tree to follow, you must choose which Anonymous
1.109 jason 166: CVS server you are going to use. A list of these servers is
1.135 naddy 167: <a href="#CVSROOT">below</a>. Do, however, notice that there are three ways
1.109 jason 168: to access these servers.
1.100 ericj 169: </p>
1.99 ericj 170:
1.135 naddy 171: <dl>
1.155 jsyn 172: <dt><b>ssh</b><dd>Secure Shell can be used to access the anonymous CVS servers.
173: This is the <em>recommended</em> way of doing so, as it is encrypted. As of
174: 2.6, OpenBSD has included OpenSSH in its standard distribution.
175: <dt><b>rsh</b><dd>Remote Shell can be used on some of the servers for users
176: who don't have access to <a href="http://www.openssh.com/">ssh</a>.
177: <dt><b>pserver</b><dd>pserver is primarily useful for users who are behind
178: firewalls that block the other two connections.
1.135 naddy 179: </dl>
1.100 ericj 180:
181: <p>
1.159 jcs 182: <b>NOTE:</b> For users wishing to use rsh, you must first set the
183: <var>CVS_RSH</var> variable to rsh.
1.100 ericj 184:
185: <ul>
1.135 naddy 186: <li>For Korn/Bourne shells:
1.100 ericj 187: <pre>
1.159 jcs 188: $ <b>export CVS_RSH=/usr/bin/rsh</b>
1.100 ericj 189: </pre>
1.135 naddy 190: <li>For csh/tcsh:
1.100 ericj 191: <pre>
1.159 jcs 192: % <b>setenv CVS_RSH /usr/bin/rsh</b>
1.100 ericj 193: </pre>
194: </ul>
195:
196: <p>
1.155 jsyn 197: Once you have chosen which <a href="#CVSROOT">Anonymous CVS Server</a> you will
198: use, and which method you will use, you can start using cvs. For those of you
199: who have CDs you can start with the CVS checkout that is on the CD by using
200: the method <a href="#starting">above</a> to get the sources onto your system.
201: If you don't have a CD handy, use the method below to checkout the sources.
202: This method puts the OpenBSD source tree into <i>/usr/src</i>.
1.100 ericj 203: </p>
204:
1.135 naddy 205: <pre>
206: # <b>cd /usr; cvs checkout -P src</b>
207: </pre>
1.99 ericj 208:
1.1 deraadt 209: <p>
1.109 jason 210: The above will checkout the <i>current</i> source tree. Many of you will
1.169 miod 211: only want the patch branch sources. To checkout a patch branch, you must
1.109 jason 212: specify a tag along with your command. Example:
1.100 ericj 213: </p>
1.1 deraadt 214:
1.135 naddy 215: <pre>
1.205 david 216: # <b>cd /usr; cvs checkout -P -rOPENBSD_3_5 src</b>
1.135 naddy 217: </pre>
1.1 deraadt 218: <p>
1.205 david 219: Or OPENBSD_3_4 for 3.4, etc.
1.100 ericj 220:
1.205 david 221: <p> The OPENBSD_3_5 tag contains the release sources and
1.109 jason 222: errata already applied.
1.100 ericj 223:
1.155 jsyn 224: <h3><a name="CVSROOT"><font color="#0000e0">Available Anonymous CVS Servers
225: </font></a></h3>
1.1 deraadt 226:
227: <p>
228: There are two levels of source tree access:
229:
230: <dl>
231: <dt><strong>Read-write access for developers:</strong>
232: <dd>Developers who need to commit changes to the source tree must have
233: an account on the OpenBSD machines. Getting this access will be a
234: natural result of working on the sources with other OpenBSD developers.
235: If someone does some good work and shows they can work with the team,
236: they will get an account.
237: </dl>
238:
239: <dl>
240: <dt><strong>Read-only access for everyone:</strong>
241: <dd>Anyone can access the read-only CVS repositories. These copies
242: of the read-write CVS repository are mirrored often. To use one,
1.135 naddy 243: set your <var>CVSROOT</var> environment variable to one of
1.1 deraadt 244: the following values:
1.12 grr 245: <p>
1.159 jcs 246: <em>Please see the note about <a href="#WHICH">ssh vs. rsh</a> below!</em>
1.12 grr 247: <p>
1.1 deraadt 248: <ul>
1.196 nick 249: <li><strong>CVSROOT=anoncvs@anoncvs1.usa.openbsd.org:/cvs</strong><br>
1.209 david 250: Host also known as <strong>anoncvs@anoncvs.usa.openbsd.org</strong>,
251: <strong>anoncvs@anoncvs4.usa.openbsd.org</strong>.<br>
1.210 ! naddy 252: Located in Redwood City, California, western USA.<br>
! 253: Maintained by <a href="mailto:millert@openbsd.org">Todd Miller</a>.<br>
! 254: Protocols: rsh, ssh, ssh port 2022, pserver.<br>
! 255: Updated every 2 hours.<br>
1.196 nick 256: <p>
1.209 david 257: <li><strong>CVSROOT=anoncvs@anoncvs2.usa.openbsd.org:/cvs</strong><br>
258: Host also known as <strong>repository.citi.umich.edu</strong>.<br>
1.210 ! naddy 259: Located at the University of Michigan, central USA.<br>
! 260: Maintained by <a href="mailto:rees@umich.edu">Jim Rees</a>.<br>
! 261: Protocols: ssh, ssh port 2022.<br>
! 262: Updated every 12 hours.<br>
1.209 david 263: <p>
264: <li><strong>CVSROOT=anoncvs@anoncvs3.usa.openbsd.org:/cvs</strong><br>
1.210 ! naddy 265: Located at the University of Colorado, Boulder, western USA.<br>
! 266: Maintained by <a href="mailto:millert@openbsd.org">Todd Miller</a>.<br>
! 267: Protocols: rsh, ssh, ssh port 2022, pserver.<br>
! 268: Updated every 2 hours.<br>
1.1 deraadt 269: <p>
1.24 deraadt 270: <li><strong>CVSROOT=anoncvs@anoncvs1.ca.openbsd.org:/cvs</strong><br>
1.40 beck 271: Host also known as <strong>anoncvs.ca.openbsd.org</strong>,
1.74 beck 272: <strong>openbsd.sunsite.ualberta.ca</strong><br>
1.210 ! naddy 273: Located in Edmonton, Alberta, Canada.<br>
! 274: Maintained by <a href="mailto:beck@ualberta.ca">Bob Beck</a>.<br>
! 275: Protocols: ssh, rsh, ssh port 2022, pserver<br>
! 276: Updated every 2 hours.<br>
1.24 deraadt 277: <p>
1.1 deraadt 278: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
1.64 deraadt 279: Host also known as <strong>cvs.inet.no</strong>.<br>
1.210 ! naddy 280: Located in Norway.<br>
! 281: Maintained by <a href="mailto:cvsadmin@inet.no">Michael Shuldman</a>.<br>
! 282: Protocols: rsh, ssh, ssh port 2022.<br>
! 283: Updated every 4 hours.<br>
1.1 deraadt 284: <p>
1.208 millert 285: <li><strong>CVSROOT=anoncvs@anoncvs.at.openbsd.org:/cvs</strong><br>
286: Host also known as <strong>togetic.kd85.com</strong>.<br>
1.210 ! naddy 287: Located in Austria.<br>
! 288: Maintained by <a href="mailto:wim@kd85.com">Wim Vandeputte</a>.<br>
! 289: Protocols: ssh, ssh port 2022.<br>
! 290: Updated every 3 hours.<br>
1.69 deraadt 291: <p>
1.142 naddy 292: <li><strong>CVSROOT=anoncvs@anoncvs.nl.openbsd.org:/cvs</strong><br>
293: Host also known as <strong>anoncvs.calyx.nl</strong>.<br>
1.210 ! naddy 294: Located in Amsterdam, The Netherlands.<br>
! 295: Maintained by <a href="mailto:nick@calyx.net">Nick Merrill</a> and
1.142 naddy 296: <a href="mailto:alex@calyx.nl">Alexander Grendel</a>.<br>
1.210 ! naddy 297: Protocols: ssh.<br>
! 298: Updated every 3 hours.<br>
1.118 beck 299: <p>
1.69 deraadt 300: <li><strong>CVSROOT=anoncvs@anoncvs.jp.openbsd.org:/cvs</strong><br>
301: Host also known as <strong>kankoromochi.econ.nagasaki-u.ac.jp</strong>.<br>
1.210 ! naddy 302: Located at Nagasaki Univ. Faculty of Economics, Japan.<br>
! 303: Maintained by <a href="mailto:sigh@net.nagasaki-u.ac.jp">SUZUKI Hitoshi</a>.<br>
! 304: Protocols: ssh, pserver.<br>
! 305: Updated every 3 hours.<br>
1.121 deraadt 306: <p>
1.103 beck 307: <li><strong>CVSROOT :pserver:anoncvs@cvs.bsdfr.org:/cvs</strong><br>
1.210 ! naddy 308: Located in France.<br>
! 309: Maintained by: <a href="mailto:jch@oleane.net">Jean-Claude Christophe</a>.<br>
! 310: Protocols: pserver<br>
! 311: Updated every 24h.<br>
1.121 deraadt 312: <p>
1.161 naddy 313: <li><strong>CVSROOT=anoncvs@anoncvs.de.openbsd.org:/cvs</strong><br>
314: Host also known as <strong>grappa.unix-ag.uni-kl.de</strong>.<br>
1.210 ! naddy 315: Located at the University of Kaiserslautern, Germany.<br>
! 316: Maintained by <a href="mailto:naddy@openbsd.org">Christian Weisgerber</a>.<br>
! 317: Protocols: ssh, ssh port 2022, pserver<br>
! 318: Updated every 6 hours.<br>
1.121 deraadt 319: <p>
1.128 beck 320: <li><strong>CVSROOT=anoncvs@anoncvs.pl.openbsd.org:/cvs</strong><br>
321: Host also known as <strong>anoncvs1.pl.openbsd.org</strong>,
1.210 ! naddy 322: <strong>incredible.bmtmc.gda.pl</strong>.<br>
! 323: Located at BMT Maritime Consultants, Gdansk, Poland.<br>
! 324: Maintained by <a href="mailto:detergent@incredible.bmtmc.gda.pl">
1.198 david 325: Adam Naguszewski</a>.<br>
1.210 ! naddy 326: Protocols: ssh, pserver<br>
! 327: Updated every 3 hours.<br>
1.122 beck 328: <p>
1.123 beck 329: <li><strong>CVSROOT=anoncvs@rt.fm:/cvs</strong><br>
1.210 ! naddy 330: Located in Lake in the Hills, Illinois, USA.<br>
! 331: Maintained by <a href="mailto:jcs@rt.fm">
1.198 david 332: Joshua Stein</a>.<br>
1.210 ! naddy 333: Protocols: ssh<br>
! 334: Updated every 3 hours.<br>
1.123 beck 335: <p>
1.149 miod 336: <li><strong>CVSROOT=anoncvs@cvs.openbsd.cz:/cvs</strong><br>
1.210 ! naddy 337: Located in Prague, Czech Republic.<br>
! 338: Maintained by <a href="mailto:vlada@openbsd.cz">Vladimir Kotal</a>.<br>
! 339: Protocols: ssh, pserver.<br>
! 340: Updated every 4 hours.<br>
1.152 beck 341: <p>
1.153 mickey 342: <li><strong>CVSROOT=anoncvs@anoncvs.openbsd.org.ua:/cvs</strong><br>
1.210 ! naddy 343: Located in Kiev, Ukraine.<br>
! 344: Maintained by <a href="mailto:hunter@dg.net.ua">Sergey Smitienko</a>.<br>
! 345: Protocols: ssh<br>
! 346: Updated every 6 hours.<br>
1.164 miod 347: <p>
1.165 miod 348: <li><strong>CVSROOT=openbsd@openbsd.bug.it:/cvs</strong><br>
1.210 ! naddy 349: Located in Modena, Italy.<br>
! 350: Maintained by <a href="mailto:jwk@bug.it">Giacomo Cariello</a>.<br>
! 351: Protocols: ssh, password "openbsd"<br>
! 352: Updated every 6 hours.<br>
1.176 miod 353: <p>
354: <li><strong>CVSROOT=anoncvs@anoncvs.openbsd.lt:/cvs</strong><br>
355: Host also known as <strong>anoncvs.studentas.lt</strong><br>
356: Located at LITNET NOC, Academical and Research Network, Kaunas, Lithuania.<br>
1.210 ! naddy 357: Maintained by <a href="mailto:helpas@aic.lt">Donatas Budvytis</a>.<br>
! 358: Protocols: ssh, password "anoncvs"<br>
! 359: Updated every 3 hours from anoncvs.usa.openbsd.org.<br>
1.183 jufi 360: <p>
1.199 nick 361: <li><strong>CVSROOT=anoncvs@anoncvs2.de.openbsd.org:/cvs</strong><br>
362: Host also known as <strong>openbsd.informatik.uni-erlangen.de</strong>.<br>
1.210 ! naddy 363: Located at the University of Erlangen-Nuremberg, Germany.<br>
! 364: Maintained by <a href="mailto:Alexander.Gernler@informatik.stud.uni-erlangen.de">Alexander von Gernler</a>.<br>
! 365: Protocols: ssh, ssh port 2022, pserver<br>
! 366: Updated every 2 hours.<br>
1.194 nick 367: <p>
1.185 jufi 368: <li><strong>CVSROOT=anoncvs@mirror.osn.de:/cvs</strong><br>
1.210 ! naddy 369: Located in Nürnberg, Germany.<br>
! 370: Maintained by <a href="mailto:aw@osn.de">Armin Wolfermann</a>.<br>
! 371: Protocols: ssh<br>
! 372: Updated every 4 hours.<br>
1.186 beck 373: <p>
374: <li><strong>CVSROOT=anoncvs@openbsd.chem.uw.edu.pl:/cvs</strong><br>
1.210 ! naddy 375: Located in Warsaw, Poland.<br>
! 376: Maintained by <a href="mailto:admin@chem.uw.edu.pl">Piotr Klein</a>.<br>
! 377: Protocols: ssh<br>
! 378: Updated every 3 hours.<br>
1.203 saad 379: <p>
1.202 beck 380: <li><strong>CVSROOT=anoncvs@anoncvs.student.pw.edu.pl:/cvs</strong><br>
1.210 ! naddy 381: Located at the Warsaw University of Technology, Poland.<br>
! 382: Maintained by <a href="mailto:dmarcink@elka.pw.edu.pl">Darek Marcinkeiwicz</a>.<br>
! 383: Protocols: ssh<br>
! 384: Updated every 3 hours.<br>
1.73 deraadt 385: </ul>
1.84 beck 386:
387:
1.73 deraadt 388: <p>
1.135 naddy 389: <em>Note:</em> If your server is listed on here with inaccurate or
1.104 ericj 390: unknown information, please contact
1.135 naddy 391: <a href="mailto:beck@openbsd.org"><tt>beck@openbsd.org</tt></a>
1.104 ericj 392: </p>
393:
1.80 beck 394: <p>
1.104 ericj 395: You may want to use
1.135 naddy 396: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=traceroute&sektion=8&format=html">traceroute(8)</a>
1.104 ericj 397: to find out which server is nearest you.
1.11 michaels 398: Problems with a server should be reported to the <b>maintainer</b> of the
399: server in question.
1.135 naddy 400: </dl>
1.104 ericj 401:
1.155 jsyn 402: <h3><a name="CRYPTO"><font color="#0000e0">Getting crypto sources through
403: cvs(1)</font></a></h3>
1.104 ericj 404:
1.1 deraadt 405: <p>
406: <strong>IMPORTANT NOTE:</strong>
407: There are a few issues relating to cryptographic software that everyone
408: should be aware of:
409: <ul>
410: <li>The OpenBSD sources are from Canada.
1.9 deraadt 411: As
1.182 nick 412: <a href="http://www.efc.ca/pages/doc/crypto-export.html">
1.9 deraadt 413: researched by a Canadian individual</a>
414: and as
1.135 naddy 415: <a href="http://axion.physics.ubc.ca/ECL.html">
1.9 deraadt 416: described in the Export Control list of Canada</a>
1.156 ian 417: it is legal to export crypto software from Canada to the world.
1.1 deraadt 418: <p>
419: <li>However, if you are outside the USA or Canada, you should not
420: fetch the cryptographic sections of the OpenBSD sources from an
421: anoncvs server located in the USA. The files in question are...
422: <ul>
423: <li>src/kerberosIV/*
1.167 miod 424: <li>src/kerberosV/*
1.57 art 425: <li>src/lib/libdes/*
1.1 deraadt 426: <li>src/lib/libc/crypt/crypt.c
427: <li>src/lib/libc/crypt/morecrypt.c
1.167 miod 428: <li>src/sys/crypto
1.36 deraadt 429: <li>src/sys/netinet
1.67 art 430: <li>src/usr.sbin/afs/src/rxkad/*
1.167 miod 431: <li>XF4/xc-mit/lib/Xdmcp/Wraphelp.c
432: <li>XF4/xc-old/lib/Xdmcp/Wraphelp.c
433: <li>XF4/xc/lib/Xdmcp/Wraphelp.c
1.1 deraadt 434: </ul>
435: Because of the USA ITAR munitions list,
436: crypto software may only be exported to Canada from the USA.
437: <p>
438: <li>The OpenBSD project is looking for more anoncvs servers -- read
439: on to find out how you can help.
440: </ul>
441:
1.155 jsyn 442: <h3><a name="EXAMPLE"><font color="#0000e0">Example usages for cvs(1)</font>
443: </a></h3>
1.104 ericj 444:
1.198 david 445: <p>
1.168 pvalchev 446: NOTICE: If you want to update a branch (such as a patch branch)
1.169 miod 447: to <i>current</i>, you would add the <code>-A</code>
1.163 chris 448: flag to cvs, but this flag is of little use otherwise. Some older
449: versions of the OpenBSD documentation recommended use of this flag
450: in many examples. We no longer recommend this flag unless absolutely necessary.
451:
1.1 deraadt 452: <p>
1.135 naddy 453: A sample use of an anoncvs server would be:
454: <pre>
1.104 ericj 455: % <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
456: % <strong>cd /tmp</strong>
457: % <strong>cvs get src/sys/arch/sparc</strong>
1.12 grr 458: [copies the files from the repository to your machine]
1.104 ericj 459: % <strong>cvs log src/sys/arch/sparc/sparc/locore.s</strong>
1.135 naddy 460: [shows the commit log for the chosen file]
1.104 ericj 461: % <strong>cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s</strong>
1.12 grr 462: [shows the changes between revisions 1.1 and rev 1.5]
1.135 naddy 463: </pre>
1.1 deraadt 464:
465: <p>
1.155 jsyn 466: <a name="pserver">In order to use a cvs ``pserver'' (a direct TCP connection
467: instead of using ssh or rsh) you must login once:</a>
1.104 ericj 468:
1.135 naddy 469: <pre>
1.104 ericj 470: % <strong>setenv CVSROOT :pserver:anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
471: % <strong>cvs login</strong>
1.59 beck 472: (Logging in to anoncvs@anoncvs1.ca.openbsd.org)
1.104 ericj 473: CVS password: <strong>anoncvs</strong>
1.135 naddy 474: [This writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
1.18 todd 475: [An example line from my ~/.cvspass after typing 'blah' for the above ]
476: [password is: ]
477: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
1.135 naddy 478: [After logging in ONCE every other use of the above CVSROOT will work. ]
1.104 ericj 479: % <strong>cvs get ksrc-i386 ksrc-common</strong>
1.135 naddy 480: [Allows you to retrieve ONLY that necessary to rebuild an i386 kernel. ]
481: </pre>
1.18 todd 482:
483: <p>
1.39 todd 484: Here is how someone using anoncvs regularly would update his
1.1 deraadt 485: source tree:
1.60 millert 486: <ul><li>First, start out by `get'-ing an initial tree:
1.27 todd 487:
1.109 jason 488: <p> (If you are following <i>current</i>):
1.135 naddy 489: <pre>
490: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
491: # <strong>cd /usr</strong>
1.163 chris 492: # <strong>cvs -q get -P src</strong>
1.135 naddy 493: </pre>
1.109 jason 494:
1.205 david 495: <p> (If you are following the patch branch for 3.5):
1.135 naddy 496: <pre>
497: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
498: # <strong>cd /usr</strong>
1.205 david 499: # <strong>cvs -q get -rOPENBSD_3_5 -P src</strong>
1.135 naddy 500: </pre>
1.27 todd 501: </li>
1.37 todd 502:
1.27 todd 503: <li> Anytime afterwards, to `update' this tree:
1.109 jason 504: <p> (If you are following <i>current</i>):
1.135 naddy 505: <pre>
506: # <strong>cd /usr/src</strong>
1.163 chris 507: # <strong>cvs -q up -Pd</strong>
1.135 naddy 508: </pre>
1.27 todd 509:
1.205 david 510: <p> (If you are following the patch branch for 3.5):
1.135 naddy 511: <pre>
512: # <strong>cd /usr/src</strong>
1.205 david 513: # <strong>cvs -q up -rOPENBSD_3_5 -Pd</strong>
1.135 naddy 514: </pre>
1.109 jason 515:
1.154 jsyn 516: Every time you ran this it would synchronize your /usr/src tree. It would
1.1 deraadt 517: not destroy any of your local changes, rather it would attempt to merge
518: changes in. If you use obj directories (not obj symbolic links) you may
519: wish to append "-I obj" to the cvs command line, this will keep cvs from
520: spitting out a warning about all the obj directories it is going to
521: encounter which are not in the repository.
1.72 millert 522:
523: <p>
1.163 chris 524: <li> NOTE:
525: If you are updating a source tree that you initially fetched
1.72 millert 526: from a different server, or from a CD, you <strong>must</strong>
1.163 chris 527: add the <em>-d $CVSROOT</em> options to cvs.
1.135 naddy 528: <pre>
529: # <strong>cd /usr/src</strong>
530: # <strong>cvs -d $CVSROOT -q up -Pd</strong>
531: </pre>
1.27 todd 532: </li>
533: </ul>
534:
1.37 todd 535: <p>
1.135 naddy 536: To <a name="ports">use</a> <a href="ports.html">ports</a>, it is similar to src:
1.37 todd 537: <ul><li>
1.157 heko 538: <p> (If you are following <i>current</i>):
1.37 todd 539: <pre>
1.135 naddy 540: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
541: # <strong>cd /usr</strong>
1.163 chris 542: # <strong>cvs -q get -P ports</strong>
1.38 deraadt 543: </pre>
1.205 david 544: <p> (If you are following the patch branch for 3.5):
1.157 heko 545: <pre>
546: # <strong>setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs</strong>
547: # <strong>cd /usr</strong>
1.205 david 548: # <strong>cvs -q get -rOPENBSD_3_5 -P ports</strong>
1.157 heko 549: </pre>
1.37 todd 550: <li> Anytime afterwards, to `update' this tree:
1.157 heko 551: <p> (If you are following <i>current</i>):
1.37 todd 552: <pre>
1.135 naddy 553: # <strong>cd /usr</strong>
1.163 chris 554: # <strong>cvs -q up -Pd ports</strong>
1.157 heko 555: </pre>
1.205 david 556: <p> (If you are following the patch branch for 3.5):
1.157 heko 557: <pre>
558: # <strong>cd /usr</strong>
1.205 david 559: # <strong>cvs -q up -rOPENBSD_3_5 ports</strong>
1.157 heko 560: </pre>
1.37 todd 561: </li>
1.127 jufi 562: </ul>
1.37 todd 563:
1.104 ericj 564: In the above example, <i>-q</i> is optional, only intended to minimize
1.27 todd 565: cvs's output. For those who like to see screenfulls of output, it
566: can be omitted.
1.1 deraadt 567:
568: <p>
1.104 ericj 569: or to make a diff of a locally patched module (here <i>cd.c</i>) to include with
1.12 grr 570: a bug report:
1.135 naddy 571: <pre>
572: # <strong>cd /usr</strong>
573: # <strong>cvs diff -u src/sys/scsi/cd.c > /tmp/patch</strong>
574: </pre>
1.12 grr 575:
576: <p>
1.155 jsyn 577: The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&format=html">
578: cvs(1) man page</a>
1.104 ericj 579: (included with the CVS sources) has much more
1.1 deraadt 580: information about how CVS can be used.
581:
1.135 naddy 582: <h4>X11 Source tree</h4>
583:
1.1 deraadt 584: <p>
1.163 chris 585: Anoncvs mirrors also carry the OpenBSD X11 (XFree86) source tree. You can adapt
1.172 miod 586: the recipe above to update your XFree86 source tree from the third CD.
1.163 chris 587: You can copy or download the XFree86 3 source tree with the X11 cvs module,
588: although the current module containing XFree86 4 is XF4.
589: There are two ways to get the XF4 sources to <i>/usr/XF4</i>:
1.105 ericj 590:
591: <ul>
1.173 miod 592: <li>copy the tree off the CD (assuming the 3rd CD is mounted on /mnt):
1.105 ericj 593: <pre>
1.163 chris 594: # <strong>cd /mnt; cp -Rp XF4 /usr</strong>
1.105 ericj 595: </pre>
596: <li>use a union mount with the CD below a writable directory.
597: <pre>
1.163 chris 598: # <strong>mount -t union -o -b /mnt/XF4 /usr/XF4</strong>
1.135 naddy 599: </pre>
600: </ul>
1.105 ericj 601:
1.163 chris 602: After this, <i>/usr/XF4</i> will be ready to be used by cvs. You can for
1.105 ericj 603: example update it to -current source (assuming you've already set
1.140 horacio 604: the <var>CVSROOT</var> environment variable):
1.105 ericj 605:
1.135 naddy 606: <pre>
1.163 chris 607: # <strong>cd /usr/XF4</strong>
608: # <strong>cvs -q update -Pd</strong>
1.135 naddy 609: </pre>
1.105 ericj 610:
611: <p>
1.12 grr 612: <strong>Warning:</strong>
613: When using cvs you should take care that your current directory is either
1.109 jason 614: the root of the tree you are referencing or in a separate place such as /tmp.
1.12 grr 615: Some commands such as "get" can create an arbitrary sub-tree in the current
616: directory, and a subsequent update will recursively flesh out this sub-tree.
617:
618: <p>
1.1 deraadt 619: The anoncvs service gives fledgling developers a chance to learn CVS
620: operation and get thoroughly involved in the development process
621: before getting "commit" access -- as a result of showing useful
622: skills and high quality results they will naturally later be given
623: developer access. As well, people providing patches can create
624: their "diff"s relative to the CVS tree, which will ease integration.
625:
1.104 ericj 626:
1.135 naddy 627: <h3><a name="WHICH"><font color="#0000e0">Use rsh(1) or ssh(1)?</font></a></h3>
1.104 ericj 628:
1.1 deraadt 629: <p>
1.159 jcs 630: By default, the CVS client uses ssh ("secure shell":
631: <a href="http://www.openssh.com/">OpenSSH</a>) to talk to the CVS server.
632:
633: <p>
634: Many of the CVS sites no longer support rsh for security reasons. Local
635: problems like firewalls or imperfect protocol emulators such as slirp may
636: also hinder rsh usage. However, if rsh is desired, one must set the
637: <var>CVS_RSH</var> environment variable to point to rsh
638: (typically <strong>/usr/bin/rsh</strong>).
639:
640: <p>
641: If local policy prevents outgoing connections to ssh's default port of 22,
642: port 2022 may be used in its place. Note, however, that not all anoncvs
643: servers accept ssh connections on this port. Furthermore, most anoncvs servers
644: no longer accept the <strong>none</strong> cipher, as it is disabled in
1.169 miod 645: recent versions of ssh for security reasons. Also, do not be tempted
1.159 jcs 646: to turn on compression: CVS already compresses.
647:
648: <p>
649: One could specify something like the following in the
650: <strong>$HOME/.ssh/config</strong> configuration file to avoid the pitfalls
651: and restrictions mentioned above:
1.1 deraadt 652: <pre>
1.59 beck 653: Host anoncvs.ca.openbsd.org
1.159 jcs 654: Compression no
1.1 deraadt 655: Port 2022
656: </pre>
657:
658: <p>
659: CVS is a little noisy starting up; to quiet it a bit you may want to
660: do this:
1.105 ericj 661:
1.135 naddy 662: <pre>
663: <strong>% setenv CVS_CLIENT_PORT -1</strong>
664: </pre>
1.1 deraadt 665:
666: <p>
1.155 jsyn 667: <h3><a name="SUP"><font color="#0000e0">Mirroring the CVS repository via
668: sup(1)</font></a></h3>
1.107 millert 669:
670: <p>
671: Users wishing to mirror the OpenBSD CVS tree itself may now do so
1.143 millert 672: from <em>anoncvs.usa.openbsd.org</em> or <em>anoncvs1.usa.openbsd.org</em>
673: (these are different machines). Note that this is the cvs tree,
674: <b>not</b> a checked out source tree. It is only useful if you
675: want to be able to do fast cvs operations (diff, annotate, etc) or
676: if you have multiple source trees and you only want to transfer new
677: data once (you can then checkout a tree from your local cvs mirror).
1.107 millert 678: <p>
679: A sample supfile would be:
680: <pre>
681: cvs host=anoncvs.usa.openbsd.org hostbase=/ base=/home delete
682: </pre>
683: <p>
684: which would mirror the cvs tree into /home/cvs with the sup data
1.133 millert 685: files ending up in /home/sup. The full OpenBSD cvs tree is currently
1.195 brad 686: about 2.2GB in size.
1.65 matthieu 687:
1.155 jsyn 688: <h3><a name="MIRROR"><font color="#0000e0">Setting up an anoncvs mirror
689: </font></a></h3>
1.105 ericj 690:
1.107 millert 691: <p>
1.200 nick 692: If you wish to setup a new anoncvs mirror site and make it available to
693: the general public, please contact the anoncvs
1.135 naddy 694: <a href="mailto:sup@openbsd.org">maintainer</a>.
1.197 brad 695: Anoncvs mirrors require about 2.2GB of disk, and use up to 32MB of swap
1.1 deraadt 696: per anoncvs user (assuming the user does a large operation; while smaller
697: operations use fewer resources, anoncvs still makes much more of an
698: impact than ftp or sup). Such anoncvs machines should have excellent
699: network connectivity for the area they are expected to serve. A
1.135 naddy 700: <a href="anoncvs.shar">document</a>
1.1 deraadt 701: which describes the setup of anoncvs servers is available.
702:
1.135 naddy 703: <h3><font color="#0000e0">Final notes</font></h3>
1.60 millert 704: After upgrading your source tree, you should read the comments
1.198 david 705: at the top of <kbd>/usr/src/Makefile</kbd> before attempting
1.60 millert 706: a build. Also, you should build a new kernel <strong>before</strong>
1.198 david 707: doing a <kbd>make build</kbd> if possible. In some cases it may be
708: necessary to rebuild and install the <kbd>config</kbd> utility before
709: you can build the kernel. If <kbd>config GENERIC</kbd> fails this
1.60 millert 710: is probably the case.
711: <p>
712: It is important to note that upgrading from a release to the current tree
713: by rebuilding the sources can be rather difficult due to dependencies
714: that are often not obvious. Therefore, it is suggested that you first
1.154 jsyn 715: install the latest snapshot before attempting a tree build from source.
1.1 deraadt 716:
717: <hr>
1.155 jsyn 718: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
719: alt="OpenBSD"></a>
1.135 naddy 720: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
1.210 ! naddy 721: <br><small>$OpenBSD: anoncvs.html,v 1.209 2004/07/06 06:15:42 david Exp $
1.155 jsyn 722: </small>
1.1 deraadt 723:
724: </body>
725: </html>