Annotation of www/anoncvs.html, Revision 1.67
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.49 ian 4: <title>OpenBSD AnonCVS</title>
5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type"
7: content="document">
8: <meta name="description"
9: content="How to get OpenBSD updates via Internet using Anonymous CVS">
10: <meta name="keywords"
11: content="openbsd,anoncvs,updates">
12: <meta name="distribution"
13: content="global">
14: <meta name="copyright"
15: content="This document copyright 1996-1998 by OpenBSD.">
1.1 deraadt 16: </head>
17:
1.14 downsj 18: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
1.1 deraadt 19:
1.58 pauls 20: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
1.14 downsj 21:
1.43 deraadt 22: <h3><font color=#0000e0>Anonymous CVS Access:</font></h3>
1.15 grr 23: <p>
24: Anonymous CVS is a method of keeping your local copy of the OpenBSD source
25: tree up to date with respect to changes made to current OpenBSD sources.
1.14 downsj 26: <p>
1.15 grr 27: The major advantage of Anonymous CVS over other source code update
28: techniques is that it works directly against a central source code
29: repository or mirror. This means that you have the full set of CVS
30: commands available to control merging and updating your changes with
31: other source changes and for performing diff's, change histories
32: and other queries against the central repository.
1.36 deraadt 33: <p>
34: You can use anoncvs to access our three main source repositories:
35: <strong>src</strong>, <strong>ports</strong>, and <strong>www</strong>.
36: <p>
1.43 deraadt 37: <h3><font color=#0000e0>CVS:</font></h3>
1.36 deraadt 38: <a href=why-cvs.html>
39: CVS is the source code control system used to manage the OpenBSD source tree.</a>
1.16 deraadt 40: It implements a central repository for all officially released source code
1.15 grr 41: and changes, while permitting developers to maintain local copies of the
42: source code with their working changes. Developers with "write access"
43: can commit changes directly to the OpenBSD source tree, while "Anonymous
44: CVS" users have "read access" and can keep their local copies of the source
45: up to date and issue queries against the central depository.
46: <p>
1.22 niklas 47: The major strength of CVS is that it has the ability to perform intelligent
1.15 grr 48: merges of changes to the central repository with changes that you make to
49: your local copy. This means that if you make a change to a module and
50: perform an update, your changes are not "blown away", rather CVS makes
51: best efforts to merge the changes made to the central sources with changes
52: you've made to your local copy.
53: <p>
54: In the event that the changes can't be completely merged, CVS provides a
55: "soft fallback", in terms of providing you with annotated changes to your
1.39 todd 56: local copy, preserving an unmodified copy of your version and continuing
1.15 grr 57: to update any other source modules you requested.
1.22 niklas 58: <p>
1.23 mickey 59: People who own an OpenBSD CD may have seen the CVS/ dirs on it.
1.22 niklas 60: Actually there is a reason, the CD has a checkout of the OpenBSD src/ module
1.23 mickey 61: usable to continue updating from. Using this tree will results in a much
62: faster initial CVS update than a fresh checkout of the full OpenBSD
63: source tree. There are two ways of using the CD:
64: <ul>
65: <li>copy the tree off it, (assuming the CD is mounted on /mnt):
1.22 niklas 66: <pre>
1.23 mickey 67: <b>#</b> cd /mnt; cp -Rp CVS Makefile bin distrib etc games gnu \
68: <b>></b> include kerberosIV lib libexec lkm regress sbin share \
69: <b>></b> sys usr.bin usr.sbin /usr/src
1.22 niklas 70: </pre>
1.23 mickey 71: <li>use a union mount with the CD below a writable directory.
1.22 niklas 72: <pre>
1.23 mickey 73: <b>#</b> mount -t union -o -b /mnt /usr/src
1.22 niklas 74: </pre>
1.23 mickey 75: </ul>
1.22 niklas 76: After this, /usr/src will be a nice checkout area where all cvs(1) commands
77: will work OK.
1.15 grr 78: <h4>CVS COMMAND SUMMARY</h4>
1.27 todd 79: <dt> cvs [cvs args] [cvs command] [cvs command args]
80: <dd> below is a listing of commonly used cvs commands.
1.15 grr 81: <dl>
82: <DT>add
83: <dd>Add a new file or directory to the repository.
84: <dt>get
85: <dd>Make a working directory of source files for editing.
86: <dt>commit
87: <dd>Apply changes to the source repository (write access)
88: <dt>diff
89: <dd>Show differences between local files and the source repository.
90: <dt>history
91: <dd>Show reports on cvs commands against the source repository.
92: <dt>log
93: <dd>Display CVS log information.
94: <dt>rdiff
95: <dd>Prepare a collection of diffs reflecting changes between release.
96: <dt>status
97: <dd>Show current status of files in the repository and local copies.
98: <dt>update
99: <DD>Bring your working directory up to date with the repository.
100: </dl>
1.1 deraadt 101: <p>
1.39 todd 102: To summarize, the real strength of using Anonymous CVS is that it is
1.15 grr 103: a "tolerant" source code control system - it <strong>respects</strong>
104: changes that you have made to your local sources and makes <strong>
105: "best efforts"</strong> to update your entire source tree, rather than
106: leaving you a list of arcane problems that have to be resolved before
107: continuing.
1.1 deraadt 108:
1.43 deraadt 109: <h3><font color=#0000e0>Using Anonymous CVS:</font></h3>
1.1 deraadt 110: <p>
111: The latest version of CVS is available at
1.47 pauls 112: <a href=http://download.cyclic.com/pub/>Cyclic</a>.
1.1 deraadt 113: Versions earlier than 1.6 are not recommended, and may not work.
114: If you already have OpenBSD installed, CVS is included.
115:
116: <p>
117: There are two levels of source tree access:
118:
119: <dl>
120: <dt><strong>Read-write access for developers:</strong>
121: <dd>Developers who need to commit changes to the source tree must have
122: an account on the OpenBSD machines. Getting this access will be a
123: natural result of working on the sources with other OpenBSD developers.
124: If someone does some good work and shows they can work with the team,
125: they will get an account.
126: </dl>
127:
128: <dl>
129: <dt><strong>Read-only access for everyone:</strong>
130: <dd>Anyone can access the read-only CVS repositories. These copies
131: of the read-write CVS repository are mirrored often. To use one,
132: set your <strong>CVSROOT</strong> environment variable to one of
133: the following values:
1.12 grr 134: <p>
135: <strong>Please see the note about using ssh vs. rsh below!</strong>
136: <p>
1.1 deraadt 137: <ul>
138: <p>
139: <li><strong>CVSROOT=anoncvs@anoncvs.usa.openbsd.org:/cvs</strong><br>
1.10 millert 140: Host also known as <strong>anoncvs.openbsd.org</strong>,
141: <strong>anoncvs@anoncvs1.usa.openbsd.org</strong>,
142: <strong>anoncvs@anoncvs4.usa.openbsd.org</strong> and
143: <strong>anoncvs2.isc.org</strong>.<br>
144: located in California, western USA.<br>
1.46 millert 145: maintained by <a href=mailto:millert@openbsd.org>Todd Miller</a>.<br>
1.10 millert 146: protocols: ssh only.<br>
1.1 deraadt 147: updated every 4 hours.<br>
1.66 millert 148: Currently DOWN!<br>
1.1 deraadt 149: <p>
150: <li><strong>CVSROOT=anoncvs@anoncvs3.usa.openbsd.org:/cvs</strong><br>
1.55 millert 151: Host also known as <strong>openbsd.cs.colorado.edu</strong>.<br>
1.1 deraadt 152: located at the University of Colorado, Boulder, western USA.<br>
153: maintained by <a href=mailto:Todd.Miller@cs.colorado.edu>Todd Miller</a>.<br>
154: protocols: ssh, ssh port 2022.<br>
155: updated every 6 hours.<br>
156: <p>
1.18 todd 157: <li>
158: <strong>CVSROOT=:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs</strong><br>
159: Note <a href=#pserver>*pserver usage*</a><br>
160: Host also known as <strong>alpha.ctaz.com</strong>.<br>
1.19 todd 161: located in Arizona, western USA.<br>
1.18 todd 162: maintained by <a href=mailto:todd@openbsd.org>Todd Fries</a>.<br>
163: protocols: :pserver:.<br>
1.51 todd 164: Currently DOWN!<br>
1.18 todd 165: <p>
1.31 deraadt 166: <li><strong>CVSROOT=anoncvs@anoncvs6.usa.openbsd.org:/cvs</strong><br>
167: Host also known as <strong>openbsd.citi.umich.edu</strong>.<br>
168: located at the University of Michigan, central USA.<br>
169: maintained by <a href=mailto:rees@umich.edu>Jim Rees</a>.<br>
170: protocols: ssh, ssh port 2022.<br>
171: updated every 12 hours.<br>
172: <p>
1.24 deraadt 173: <li><strong>CVSROOT=anoncvs@anoncvs1.ca.openbsd.org:/cvs</strong><br>
1.40 beck 174: Host also known as <strong>anoncvs.ca.openbsd.org</strong>,
175: <strong>panopticon.ucs.ualberta.ca</strong><br>
1.24 deraadt 176: located in Edmonton, Alberta, Canada.<br>
177: maintained by <A HREF="mailto:beck@panopticon.ucs.ualberta.ca">Bob Beck</A><br>
1.53 beck 178: protocols: ssh, rsh, ssh port 2022, pserver<br>
1.45 beck 179: updated every 2 hours.<br>
1.24 deraadt 180: <p>
1.1 deraadt 181: <li><strong>CVSROOT=anoncvs@anoncvs.uk.openbsd.org:/cvs</strong><br>
182: Host also known as <strong>dumpty.wonderland.org</strong>.<br>
183: located in London, UK.<br>
184: maintained by <a href=mailto:peter@wonderland.org>Peter Galbavy</a>.<br>
185: protocols: rsh.<br>
186: updated every 12 hours.<br>
187: <p>
188: <li><strong>CVSROOT=anoncvs@anoncvs.tw.openbsd.org:/cvs</strong><br>
1.64 deraadt 189: Host also known as <strong>OpenBSD.csie.NCTU.edu.tw</strong>.<br>
1.1 deraadt 190: located in Taipei, Taiwan.<br>
1.63 deraadt 191: maintained by <a href=mailto:lkchu@OpenBSD.csie.NCTU.edu.tw>Liang-Kai Chu</a>.<br>
1.1 deraadt 192: protocols: rsh, ssh, ssh port 2022.<br>
193: updated every 12 hours.<br>
194: <p>
195: <li><strong>CVSROOT=anoncvs@anoncvs.no.openbsd.org:/cvs</strong><br>
1.64 deraadt 196: Host also known as <strong>cvs.inet.no</strong>.<br>
1.1 deraadt 197: located in Norway.<br>
1.64 deraadt 198: maintained by <a href=mailto:cvsadmin@inet.no>Michael Shuldman</a>.<br>
1.1 deraadt 199: protocols: rsh, ssh, ssh port 2022.<br>
200: updated every 4 hours.<br>
201: <p>
1.33 deraadt 202: <li><strong>CVSROOT=anoncvs@anoncvs.se.openbsd.org:/cvs</strong><br>
1.54 art 203: Host also known as <strong>anoncvs.stacken.kth.se</strong>.<br>
1.33 deraadt 204: located in Sweden.<br>
205: maintained by <a href=mailto:anoncvs@stacken.kth.se>Magnus Holmberg</a>.<br>
206: protocols: rsh, ssh, ssh port 2022.<br>
1.57 art 207: updated every 3 hours.<br>
1.33 deraadt 208: </ul>
209: <p>
1.1 deraadt 210: You may want to use `traceroute' to find out which server is nearest you.
1.11 michaels 211: Problems with a server should be reported to the <b>maintainer</b> of the
212: server in question.
1.1 deraadt 213: </dl>
214: <p>
215: <strong>IMPORTANT NOTE:</strong>
216: There are a few issues relating to cryptographic software that everyone
217: should be aware of:
218: <ul>
219: <li>The OpenBSD sources are from Canada.
1.9 deraadt 220: As
221: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
222: researched by a Canadian individual</a>
223: and as
224: <a href=http://axion.physics.ubc.ca/ECL.html>
225: described in the Export Control list of Canada</a>
226: is legal to export crypto software from Canada to the world.
1.1 deraadt 227: <p>
228: <li>However, if you are outside the USA or Canada, you should not
229: fetch the cryptographic sections of the OpenBSD sources from an
230: anoncvs server located in the USA. The files in question are...
231: <ul>
232: <li>src/kerberosIV/*
1.57 art 233: <li>src/lib/libdes/*
1.1 deraadt 234: <li>src/lib/libc/crypt/crypt.c
235: <li>src/lib/libc/crypt/morecrypt.c
1.36 deraadt 236: <li>src/sys/netinet
1.67 ! art 237: <li>src/usr.sbin/afs/src/rxkad/*
1.56 matthieu 238: <li>X11/xc/lib/Xdmcp/Wraphelp.c
1.1 deraadt 239: </ul>
240: Because of the USA ITAR munitions list,
241: crypto software may only be exported to Canada from the USA.
242: <p>
243: <li>The OpenBSD project is looking for more anoncvs servers -- read
244: on to find out how you can help.
245: </ul>
246:
247: <p>
248: A sample use of an anoncvs CVS server would be:
1.27 todd 249: <ul>
1.1 deraadt 250: <pre>
1.59 beck 251: % setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.1 deraadt 252: % cd /tmp
253: % cvs get src/sys/arch/sparc
1.12 grr 254: [copies the files from the repository to your machine]
1.1 deraadt 255: % cvs log src/sys/arch/sparc/sparc/locore.s
1.12 grr 256: [shows the commit log for the chosen file ]
1.1 deraadt 257: % cvs diff -bc -r1.1 -r1.5 src/sys/arch/sparc/sparc/locore.s
1.12 grr 258: [shows the changes between revisions 1.1 and rev 1.5]
1.1 deraadt 259: </pre>
1.27 todd 260: </ul>
1.1 deraadt 261:
262: <p>
1.18 todd 263: <a name=pserver>In order to use a cvs ``pserver'' (a direct tcp connection instead of using ssh or rsh) you must login once:</a>
264: <pre>
265: [ *NOTE* You must be using cvs version 1.8 or higher to do this ]
1.59 beck 266: % setenv CVSROOT :pserver:anoncvs@anoncvs.ca.openbsd.org:/cvs
1.18 todd 267: % cvs login
1.59 beck 268: (Logging in to anoncvs@anoncvs1.ca.openbsd.org)
1.18 todd 269: CVS password: <type whatever you feel like, just type something!>
270: [this writes a line to ~/.cvspass (filename over-ridden by CVS_PASSFILE).]
271: [An example line from my ~/.cvspass after typing 'blah' for the above ]
272: [password is: ]
273: [:pserver:anoncvs@anoncvs5.usa.openbsd.org:/cvs Au'yc ]
274: [...after logging in ONCE every other use of the above CVSROOT will work ]
275: % cvs -z9 get ksrc-i386 ksrc-common
276: [allows you to retrieve ONLY that necessary to rebuild an i386 kernel ]
277: [ -z9 allows gzip -9 compression, GOOD medicine for slow links ]
278: </pre>
279:
280: <p>
1.39 todd 281: Here is how someone using anoncvs regularly would update his
1.1 deraadt 282: source tree:
1.60 millert 283: <ul><li>First, start out by `get'-ing an initial tree:
1.27 todd 284:
1.1 deraadt 285: <pre>
1.59 beck 286: # setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.1 deraadt 287: # cd /usr
288: # cvs -q get -PA src
289: </pre>
1.27 todd 290: </li>
1.37 todd 291:
1.27 todd 292: <li> Anytime afterwards, to `update' this tree:
1.1 deraadt 293: <pre>
1.41 deraadt 294: # cd /usr/src
295: # cvs -q up -PAd
1.1 deraadt 296: </pre>
1.27 todd 297:
1.39 todd 298: Everytime you ran this it would synchronize your /usr/src tree. It would
1.1 deraadt 299: not destroy any of your local changes, rather it would attempt to merge
300: changes in. If you use obj directories (not obj symbolic links) you may
301: wish to append "-I obj" to the cvs command line, this will keep cvs from
302: spitting out a warning about all the obj directories it is going to
303: encounter which are not in the repository.
1.27 todd 304: </li>
305: </ul>
306:
1.37 todd 307: <p>
308: To <a name=ports>use</a> <a href=ports.html>ports</a>, it is similar to src:
309: <ul><li>
310: <pre>
1.59 beck 311: # setenv CVSROOT anoncvs@anoncvs.ca.openbsd.org:/cvs
1.37 todd 312: # cd /usr
313: # cvs -q get -PA ports
1.38 deraadt 314: </pre>
1.37 todd 315: </li>
316: <li> Anytime afterwards, to `update' this tree:
317: <pre>
318: # cd /usr
319: # cvs -q up -PAd ports
320: </pre>
321: </li>
322: </p>
323: </ul>
324:
1.27 todd 325: In the above example, '-q' is optional, only intended to minimize
326: cvs's output. For those who like to see screenfulls of output, it
327: can be omitted.
1.1 deraadt 328:
329: <p>
1.12 grr 330: or to make a diff of a locally patched module (here cd.c) to include with
331: a bug report:
332: <pre>
333: # cd /usr
334: # cvs diff -u src/sys/scsi/cd.c > /tmp/patch
335: </pre>
1.37 todd 336: </p>
1.12 grr 337:
338: <p>
1.1 deraadt 339: The CVS man page (included with the CVS sources) has much more
340: information about how CVS can be used.
341:
342: <p>
1.12 grr 343: <strong>Warning:</strong>
344: When using cvs you should take care that your current directory is either
345: the root of the tree you're referencing or in a separate place such as /tmp.
346: Some commands such as "get" can create an arbitrary sub-tree in the current
347: directory, and a subsequent update will recursively flesh out this sub-tree.
348:
349: <p>
1.1 deraadt 350: The anoncvs service gives fledgling developers a chance to learn CVS
351: operation and get thoroughly involved in the development process
352: before getting "commit" access -- as a result of showing useful
353: skills and high quality results they will naturally later be given
354: developer access. As well, people providing patches can create
355: their "diff"s relative to the CVS tree, which will ease integration.
356:
357: <p>
1.15 grr 358: <strong>Anoncvs: rsh vs. ssh</strong>
1.12 grr 359: <br>
360: By default, the CVS client uses rsh to talk to the CVS server. Many
1.39 todd 361: of the CVS sites no longer support rsh for security reasons or a local
1.12 grr 362: problem like a firewall or imperfect protocol emulator such as slirp
363: may prevent you from using rsh.
364: The alternative is a to use a "secure shell" connection using
1.48 ryker 365: <a href=http://www.cs.hut.fi/ssh/>ssh</a>. This is a commercial product
1.12 grr 366: offered by <a href=http://www.ssh.fi>SSH Communications Security Ltd</a>,
367: however they make a free unix version available that can be easily
1.49 ian 368: installed under OpenBSD. If you have installed the OpenBSD
369: <A HREF="ports.html">ports tree</A> you can download, compile, and install
370: the free UNIX version just by changing directory into the directory
371: /usr/ports/security/ssh
372: and typing <KBD>make install</KBD>.
373: If you installed "ports" from the OpenBSD 2.2 CD-ROM, you get ssh
1.50 ian 374: version 1.2.21 and should eventually "cvs update ports" and rebuild it as above
1.49 ian 375: after you get ssh and anoncvs working, to get the latest version.
376: Alternately, you can manually download the latest Unix version from
1.48 ryker 377: <a href=http://www.cs.hut.fi/ssh/>http://www.cs.hut.fi/ssh/</a> or one of
1.49 ian 378: the mirrors listed there, compile, and install it yourself.
1.28 beck 379:
1.50 ian 380: <p> One ssh is installed, one sets the environment variable
1.28 beck 381: <strong>CVS_RSH</strong> to point to ssh (typically
382: <strong>/usr/local/bin/ssh</strong>). If your local site prevents you
383: from connecting out to port 22 (which ssh defaults to using) use port
384: 2022.
1.1 deraadt 385:
386: <p>
387: Do not be tempted to turn on compression since CVS already compresses.
388: Use something like the following in your <strong>$HOME/.ssh/config</strong>
1.10 millert 389: file. Note that not all anoncvs servers allow ssh connections on
1.21 millert 390: port 2022. Also note that most anoncvs servers no longer accept
391: the <strong>none</strong> cipher as it is disabled in recent
392: versions of ssh for security reasons.
1.1 deraadt 393: <pre>
1.59 beck 394: Host anoncvs.ca.openbsd.org
1.1 deraadt 395: Port 2022
396: </pre>
397:
398: <p>
399: CVS is a little noisy starting up; to quiet it a bit you may want to
400: do this:
401: <pre>
402: setenv CVS_CLIENT_PORT -1
403: </pre>
404:
405: <p>
1.8 deraadt 406: If you wish to change from one CVS server to another (say your normal one is
407: down, or for any other reason), the environment variable which will let you
408: do this is
409: <pre>
410: setenv CVS_IGNORE_REMOTE_ROOT
411: </pre>
412:
1.65 matthieu 413: <p><strong>X11 Source tree</strong>
414: <br>
415: Anoncvs mirrors also carry the OpenBSD X11 source tree. You can adapt
416: the recipe above to update your X11 source tree from the second CD.
417: Either copy or use a union mount to get the X11 sources in /usr/X11:
418: <ul>
419: <li>copy the tree off it (assuming the 2nd CD is mounted on /mnt):
420: <pre>
421: <b>#</b> cd /mnt; cp -Rp X11 /usr
422: </pre>
423: <li>use a union mount with the CD below a writable directory.
424: <pre>
425: <b>#</b> mount -t union -o -b /mnt/X11 /usr/X11
426: </pre>
427: </ul>
428: After this, /usr/X11 will be ready to be used by cvs. You can for
429: example update it to -current source (assuming you've already set
430: the <b>CVSROOT</b> environment variable):
431: <pre>
432: <b>#</b> cd /usr/X11
433: <b>#</b> cvs -q update -PAd
434: </pre>
435:
436: <p><strong>Setting up a new anoncvs mirror</strong>
437: <br>
1.1 deraadt 438: If you wish to be a new anoncvs mirror site, please contact the anoncvs
439: <a href=mailto:deraadt@theos.com>maintainer</a>.
1.30 beck 440: Anoncvs mirrors require about 500MB of disk, and use up to 4MB of swap
1.1 deraadt 441: per anoncvs user (assuming the user does a large operation; while smaller
442: operations use fewer resources, anoncvs still makes much more of an
443: impact than ftp or sup). Such anoncvs machines should have excellent
444: network connectivity for the area they are expected to serve. A
445: <a href=anoncvs.shar>document</a>
446: which describes the setup of anoncvs servers is available.
447:
1.60 millert 448: <h3><font color=#0000e0>Final notes:</font></h3>
449: After upgrading your source tree, you should read the comments
450: at the top of <KBD>/usr/src/Makefile</KBD> before attemping
451: a build. Also, you should build a new kernel <strong>before</strong>
452: doing a <KBD>make build</KBD> if possible. In some cases it make be
453: necessary to rebuild and install the <KBD>config</KBD> utility before
454: you can build the kernel. If <KBD>config GENERIC</KBD> fails this
455: is probably the case.
456: <p>
457: It is important to note that upgrading from a release to the current tree
458: by rebuilding the sources can be rather difficult due to dependencies
459: that are often not obvious. Therefore, it is suggested that you first
460: install the latest snapshot before attemping a tree build from source.
1.1 deraadt 461:
462: <hr>
1.58 pauls 463: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.1 deraadt 464: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.67 ! art 465: <br><small>$OpenBSD: anoncvs.html,v 1.66 1998/09/16 16:05:57 millert Exp $</small>
1.1 deraadt 466:
467: </body>
468: </html>