[See dev-user.txt for lots more discussion on these issues. I don't see why this should be a new environment variable rather than the USER environment variable. I guess I say that mainly in the context of compatibility with old CVS scripts/practices (from the pre-client/server era); but documenting the behavior (and presumably, giving $USER _some_ well-defined behavior) is the key here. Here are more thoughts from Zygo Blaxell: Basically the reason I have for using a new variable name is that $USER and $LOGNAME already have well-known meanings (at least on Unix) that are not the same as the meaning of the return value of getcaller() in CVS. IMHO overloading well-established environment variables is much worse than carving out CVS's own portion of the namespace (e.g. via lots of possibly redundant variables named CVS*). If CVS changes the values of variables like "TZ" or "TERM" or "LOGNAME" or "USER" or "PATH" in unexpected ways, then users will be surprised when it does not have the usual meaning in CVS. If the variable has "CVS" in its name, then users will expect that it has something to do with (and therefore has semantics defined by) CVS and only CVS. Of course your opinion may vary from mine--the dev-user page suggests that there is opposition to the entire idea of environment variables, particularly on non-Unix systems. If you want to seriously talk about non-Unix systems, you have to give up stdin, stdout, stderr, pipes, environment variables and command arguments as communications mechanisms as well. For example loginfo may be expected to receive a temporary file name on the command line in some easy-to-parse and consistent (text) format that lists all the files, their revisions, and log messages from a single commit. -kingdon] From: u1kta6zf@umail.furryterror.org (Zygo Blaxell) Subject: Patch: sets environment variable CVS_USER_NAME for pserver To: bug-cvs@gnu.org Date: 19 Jan 1999 15:21:21 -0500 X-Header-Mangling: Original "From:" was First, a little about my CVSROOT: I'm running 'cvs pserver' from inetd as a non-root user ID. I use normal system passwords (actually NIS) to authenticate clients but they all manipulate the repository as the 'cvs' user. I have some scripts in CVSROOT that generate web pages whenever something is committed. Unfortunately, in the current CVS there is no reliable way that these scripts can get the identity of the client who committed the changes. This patch implements a CVS_USER_NAME environment variable for the scripts that is set to the value of getcaller() and should match the data in the RCS change history. I don't know why this wouldn't also be useful (although redundant) in the other CVS modes, so it's set there as well. It should probably be based on the principal name for Kerberos authentication, but I can't test that. If you're using an rsh-based repository, then you'll need to have the rsh daemon on the CVS server host set an environment variable for you, and the CVSROOT scripts will have to also look for that. If you're using an ssh-based repository, you can use the "command" feature of ..ssh/authorized_keys to pass the client's identity (based on their RSA key) to the CVS server. Neither of these cases are handled by this patch, nor can they be. The documentation is kind of a hack; I'm not really sure where it should be documented. Given that it's most useful in a situation that (last time I checked) wasn't documented at all, maybe this doesn't belong in the documentation either. [I've replaced the last two files in this patch (src/cvs.h & src/main.c) with a more correct submission from Ask Bjoern Hansen . The original didn't compile due to unbalanced parens. If you're really curious, you can pull up the original (rev 1.1) using the source browser on the www project: http://www.cvshome.org/source/browse/www/www/dev/patches/user . Also, this patch is no longer necessary with CVS versions 1.11.1p1 and later, which put this data into the CVS_USER variable. -Derek Price] Index: NEWS =================================================================== RCS file: /home2/cvsroot/ccvs/NEWS,v retrieving revision 1.76 diff -u -w -r1.76 NEWS --- NEWS 1998/09/25 04:12:18 1.76 +++ NEWS 1999/01/19 20:07:19 @@ -1,5 +1,10 @@ Changes since 1.10: +* There is a new environment variable CVS_USER_NAME which is set +by CVS to what CVS thinks is the name of the user who is manipulating +the repository. This is most useful to the scripts that live in +CVSROOT when in pserver mode. + * There is a new access method :fork: which is similar to :local: except that it is implemented via the CVS remote protocol, and thus has a somewhat different set of quirks and bugs. Index: doc/cvs.texinfo =================================================================== RCS file: /home2/cvsroot/ccvs/doc/cvs.texinfo,v retrieving revision 1.438 diff -u -w -r1.438 cvs.texinfo --- cvs.texinfo 1999/01/16 15:45:54 1.438 +++ cvs.texinfo 1999/01/19 20:09:51 @@ -2387,6 +2387,17 @@ @c to pserver; it applies to kerberos and SSH and @c everything else too. Should reorganize the @c documentation to make this clear. +@c +@c Zygo Blaxell +@c Note that you *can* get access to *any* user ID +@c on the repository system if you have write access to CVSROOT +@c and if the pserver is run from inetd as root. +@c This is not true of kerberos and SSH; with these +@c the best you can do is take control over *another +@c CVS user's* account on the repository system *when +@c they modify the repository (e.g. via loginfo)*, although +@c that in itself might eventually lead to access to other things. +@c The separate @sc{cvs} password file (@pxref{Password authentication server}) allows people to use a different password for repository access than @@ -12033,6 +12044,13 @@ @item USER Username of the user running @sc{cvs} (on the @sc{cvs} server machine). + +@item CVS_USER_NAME +Username of the user running @sc{cvs} (on the @sc{cvs} client machine). +In some circumstances CVS_USER_NAME is more meaningful than USER. +For example, if @sc{cvs} is running in pserver mode as a non-root user, +then $USER will be always be set to the name of the user who invoked +the @sc{cvs} pserver. @end table If you want to pass a value to the administrative files Index: doc/ChangeLog =================================================================== RCS file: /home2/cvsroot/ccvs/doc/ChangeLog,v retrieving revision 1.562 diff -u -w -r1.562 ChangeLog --- ChangeLog 1999/01/16 15:45:54 1.562 +++ ChangeLog 1999/01/19 20:15:28 @@ -1,3 +1,9 @@ +1999-01-16 Zygo Blaxell + + * cvs.texinfo: Try to fit documentation for CVS_USER_NAME into + there as part of the variable descriptions for *info in CVSROOT. + Doesn't really fit there as it's really an environment variable. + 1999-01-16 Jim Kingdon * cvs.texinfo (Wrappers): Comment out all the -t/-f documentation, Index: src/ChangeLog =================================================================== RCS file: /home2/cvsroot/ccvs/src/ChangeLog,v retrieving revision 1.1695 diff -u -w -r1.1695 ChangeLog --- ChangeLog 1999/01/15 20:26:56 1.1695 +++ ChangeLog 1999/01/19 20:10:02 @@ -1,3 +1,12 @@ +1999-01-15 Zygo Blaxell + + * main.c, cvs.h: define the environment variable CVS_USER_NAME + when in client-server mode so that scripts under CVSROOT can + determine the client's identity--not the local host user ID, but + the username supplied by the pserver. If CVS is not running in + pserver mode, then CVS_USER_NAME is simply the real userID of + the CVS process as determined by getcaller(). + 1999-01-15 Jim Kingdon * sanity.sh (rcs3): Redirect awk's stdin to /dev/null like all the *** cvs.h~ Tue Oct 31 01:37:52 2000 --- cvs.h Fri Sep 14 07:30:25 2001 *************** *** 277,282 **** --- 277,285 ---- #define CVSUMASK_ENV "CVSUMASK" /* Effective umask for repository */ /* #define CVSUMASK_DFLT Set by options.h */ + /* Client user name for the server end of client/server mode */ + #define CVS_USER_NAME_ENV "CVS_USER_NAME" + /* * If the beginning of the Repository matches the following string, strip it * so that the output to the logfile does not contain a full pathname. *** main.c~ Tue Oct 31 01:37:53 2000 --- main.c Fri Sep 14 07:32:51 2001 *************** *** 776,781 **** --- 776,796 ---- server_active = strcmp (command_name, "server") == 0; #endif + /* Set up this environment variable so that the CVSROOT/*info + scripts on the server can know the client's identity. + This is done by setting the CVS_USER_NAME environment + for the environment of the client to match whatever name + was used by the client to get at CVS (as opposed to the + user ID that CVS happens to be running under). */ + + if (!getenv(CVS_USER_NAME_ENV)) { + char *user = getcaller(); + char *env = xmalloc(strlen(user) + strlen(CVS_USER_NAME_ENV) + + 1 + 1); + (void) sprintf(env, "%s=%s", CVS_USER_NAME_ENV, user); + (void) putenv(env); + } + /* This is only used for writing into the history file. For remote connections, it might be nice to have hostname and/or remote path, on the other hand I'm not sure whether