Hi all, I am not able to access cvs via rsync today. Is the service down? Thanks, Marc Schwartz
rsync -> cvs down?
19 messages · Douglas Bates, A.J. Rossini, Martin Maechler +4 more
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
The svn server appears to be down. best, -tony Douglas Bates <bates@stat.wisc.edu> writes:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
Anthony Rossini Research Associate Professor rossini@u.washington.edu http://www.analytics.washington.edu/ Biomedical and Health Informatics University of Washington Biostatistics, SCHARP/HVTN Fred Hutchinson Cancer Research Center UW (Tu/Th/F): 206-616-7630 FAX=206-543-3461 | Voicemail is unreliable FHCRC (M/W): 206-667-7025 FAX=206-667-4812 | use Email CONFIDENTIALITY NOTICE: This e-mail message and any attachme...{{dropped}}
On Mon, 2004-07-19 at 12:38, Douglas Bates wrote:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
Doug, Thanks and thanks to Martin and Deepayan! subversion is part of FC2 as is the svn client. Presuming that I am using the proper command: svn co http://svn.r-project.org/R/branches/R-1-9-patches Is the svn server down or is the command incorrect? Thanks again Doug. Best, Marc
A.J. Rossini wrote:
The svn server appears to be down.
Actually, I'm just checking out a developer release from https://svn.r-project.org/R/trunk/ Note that https is required, ^ the unsecured http protocol seems not to be working... Uwe
best, -tony Douglas Bates <bates@stat.wisc.edu> writes:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
I stand corrected. One of the servers IS down, and the other one is running. best, -tony Uwe Ligges <ligges@statistik.uni-dortmund.de> writes:
A.J. Rossini wrote:
The svn server appears to be down.
Actually, I'm just checking out a developer release from https://svn.r-project.org/R/trunk/ Note that https is required, ^ the unsecured http protocol seems not to be working... Uwe
best, -tony Douglas Bates <bates@stat.wisc.edu> writes:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
Anthony Rossini Research Associate Professor rossini@u.washington.edu http://www.analytics.washington.edu/ Biomedical and Health Informatics University of Washington Biostatistics, SCHARP/HVTN Fred Hutchinson Cancer Research Center UW (Tu/Th/F): 206-616-7630 FAX=206-543-3461 | Voicemail is unreliable FHCRC (M/W): 206-667-7025 FAX=206-667-4812 | use Email CONFIDENTIALITY NOTICE: This e-mail message and any attachme...{{dropped}}
Uwe, That did it. Using https: I am now able to do a checkout. It seems to be slow at the moment, but the files are coming through. Thanks, Marc
On Mon, 2004-07-19 at 13:01, Uwe Ligges wrote:
A.J. Rossini wrote:
The svn server appears to be down.
Actually, I'm just checking out a developer release from https://svn.r-project.org/R/trunk/ Note that https is required, ^ the unsecured http protocol seems not to be working... Uwe
best, -tony Douglas Bates <bates@stat.wisc.edu> writes:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
"UweL" == Uwe Ligges <ligges@statistik.uni-dortmund.de>
on Mon, 19 Jul 2004 20:01:07 +0200 writes:
UweL> A.J. Rossini wrote:
>> The svn server appears to be down.
UweL> Actually, I'm just checking out a developer release from
UweL> https://svn.r-project.org/R/trunk/
UweL> Note that https is required,
UweL> ^
UweL> the unsecured http protocol seems not to be working...
On purpose: It's "firewalled out".
I'm sorry: I've never mentioned this explicitly in my e-mails to
Doug and R-core :
Since we (R-core and potentially other people working on
projects off svn.r-project.org) *will* need
authentication, I just wanted to make sure that no plain text authentication can
happen (and be sniffed and then misused for yet another cracker attack)
Please also note that the SSL certificate for https://svn.r-project.org/
Certificate information:
- Hostname: svn.r-project.org
- Valid: from Jul 16 08:10:01 2004 GMT until Jul 14 08:10:01 2014 GMT
- Issuer: Department of Mathematics, ETH Zurich, Zurich, Switzerland, CH
- Fingerprint: c9:5d:eb:f9:f2:56:d1:04:ba:44:61:f8:64:6b:d9:33:3f:93:6e:ad
may seem to be fishy to you, but do accept it.
AFAIK, only in certain places of the world (inside the US only?),
you can get free "trusted certificates".
I've been told (by our departmental webmaster) that for us, a
trusted certificate would cost around
1000.- swiss francs PER YEAR. In case anyone wants to
investigate: He mentioned http://www.verisign.com/products/site/secure/
But then, you can accept the certificate permanently and won't
be asked about it anymore.
Marc Schwartz <MSchwartz@MedAnalytics.com> writes:
Uwe, That did it. Using https: I am now able to do a checkout. It seems to be slow at the moment, but the files are coming through.
Seems to run comparable to anoncvs. Also seems to hiccup and barf, like anoncvs (infamouse server stalls). Thankfully, it's safer than anoncvs. Thanks! best, -tony
Anthony Rossini Research Associate Professor rossini@u.washington.edu http://www.analytics.washington.edu/ Biomedical and Health Informatics University of Washington Biostatistics, SCHARP/HVTN Fred Hutchinson Cancer Research Center UW (Tu/Th/F): 206-616-7630 FAX=206-543-3461 | Voicemail is unreliable FHCRC (M/W): 206-667-7025 FAX=206-667-4812 | use Email CONFIDENTIALITY NOTICE: This e-mail message and any attachme...{{dropped}}
"Marc" == Marc Schwartz <MSchwartz@medanalytics.com>
on Mon, 19 Jul 2004 12:57:12 -0500 writes:
Marc> On Mon, 2004-07-19 at 12:38, Douglas Bates wrote:
>> Marc Schwartz wrote:
>>
>> > I am not able to access cvs via rsync today. Is the service down?
>>
>> Yes. We should have sent email about it to r-devel but it has been a
>> hectic several days.
>>
>> The bad news is that the newly installed cvs.r-project.org machine,
>> which is also rsync.r-project.org, was compromised and we had to take it
>> off the net.
>>
>> The good news is that, thanks to heroic efforts by Martin Maechler and
>> Deepayan Sarkar, the CVS repository has been transformed to Subversion
>> and is available at http://svn.r-project.org/R/ (and at
>> https://svn.r-project.org/R/ but SSL is probably only needed by those
>> doing commits). If you have a Subversion client (see
>> http://subversion.tigris.org - those using Windows may also want to look
>> at http://tortoiseSVN.tigris.org/) you can check out and update the
>> current r-devel from http://svn.r-project.org/R/trunk/ and the current
>> R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
>>
Marc> Doug,
Marc> Thanks and thanks to Martin and Deepayan!
Marc> subversion is part of FC2 as is the svn client.
Thanks, good to know. It's also part of Debian "testing" and
newer; it's *not* part of RH Enterprise though.
Installing it from source, http://subversion.tigris.org/
is not hard. The important thing for the R-project though is to
use "configure --with-ssl ...."
because only then you get SSL support, i.e. only then you can use https://...
which is (currently) absolutely required as I just said in
another message on this thread.
Marc> Presuming that I am using the proper command:
Marc> svn co http://svn.r-project.org/R/branches/R-1-9-patches
Marc> Is the svn server down or is the command incorrect?
Use 'https' instead of 'http'.
This is a requirement for svn.r-project.org/ (on purpose).
Martin
Douglas Bates wrote:
Marc Schwartz wrote:
I am not able to access cvs via rsync today. Is the service down?
Yes. We should have sent email about it to r-devel but it has been a hectic several days. The bad news is that the newly installed cvs.r-project.org machine, which is also rsync.r-project.org, was compromised and we had to take it off the net. The good news is that, thanks to heroic efforts by Martin Maechler and Deepayan Sarkar, the CVS repository has been transformed to Subversion and is available at http://svn.r-project.org/R/ (and at https://svn.r-project.org/R/ but SSL is probably only needed by those doing commits). If you have a Subversion client (see http://subversion.tigris.org - those using Windows may also want to look at http://tortoiseSVN.tigris.org/) you can check out and update the current r-devel from http://svn.r-project.org/R/trunk/ and the current R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
Duncan,
may I suggest to make the following change in .../src/gnuwin32/Makefile:
old:
rsync-recommended:
@(cd ../library; \
rsync -rvCt --delete --exclude=Makefile.in --exclude=.cvsignore \
--include=*.tar.gz --exclude=*.tgz $(CRANREC) . ); \
new:
rsync-recommended:
@(cd ../library; \
rsync -rvCt --delete --exclude=Makefile.in --exclude=.cvsignore \
--exclude=.svn --include=*.tar.gz --exclude=*.tgz $(CRANREC) . ); \
^^^^^^^^^^^^^^
Thanks,
Uwe
On Mon, 2004-07-19 at 13:29, Martin Maechler wrote:
"Marc" == Marc Schwartz <MSchwartz@medanalytics.com>
on Mon, 19 Jul 2004 12:57:12 -0500 writes:
Marc> On Mon, 2004-07-19 at 12:38, Douglas Bates wrote:
>> Marc Schwartz wrote:
>>
>> > I am not able to access cvs via rsync today. Is the service down?
>>
>> Yes. We should have sent email about it to r-devel but it has been a
>> hectic several days.
>>
>> The bad news is that the newly installed cvs.r-project.org machine,
>> which is also rsync.r-project.org, was compromised and we had to take it
>> off the net.
>>
>> The good news is that, thanks to heroic efforts by Martin Maechler and
>> Deepayan Sarkar, the CVS repository has been transformed to Subversion
>> and is available at http://svn.r-project.org/R/ (and at
>> https://svn.r-project.org/R/ but SSL is probably only needed by those
>> doing commits). If you have a Subversion client (see
>> http://subversion.tigris.org - those using Windows may also want to look
>> at http://tortoiseSVN.tigris.org/) you can check out and update the
>> current r-devel from http://svn.r-project.org/R/trunk/ and the current
>> R-patched from http://svn.r-project.org/R/branches/R-1-9-patches/
>>
Marc> Doug,
Marc> Thanks and thanks to Martin and Deepayan!
Marc> subversion is part of FC2 as is the svn client.
Thanks, good to know. It's also part of Debian "testing" and
newer; it's *not* part of RH Enterprise though.
subversion 1.0.2 ships with FC2 and subversion 1.0.4 is available via yum/up2date repository updates. 1.0.5 appears to not have made it to the FC update sites yet. There is a security advisory for versions <= 1.0.4 at: http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt
Installing it from source, http://subversion.tigris.org/ is not hard. The important thing for the R-project though is to use "configure --with-ssl ...." because only then you get SSL support, i.e. only then you can use https://... which is (currently) absolutely required as I just said in another message on this thread. Marc> Presuming that I am using the proper command: Marc> svn co http://svn.r-project.org/R/branches/R-1-9-patches Marc> Is the svn server down or is the command incorrect? Use 'https' instead of 'http'. This is a requirement for svn.r-project.org/ (on purpose).
Good idea. Thanks Martin! Regards, Marc
"tony" == A J Rossini <rossini@blindglobe.net>
on Mon, 19 Jul 2004 11:29:28 -0700 writes:
tony> Marc Schwartz <MSchwartz@MedAnalytics.com> writes:
>> Uwe,
>>
>> That did it. Using https: I am now able to do a checkout.
>>
>> It seems to be slow at the moment, but the files are coming through.
tony> Seems to run comparable to anoncvs. Also seems to hiccup and barf,
tony> like anoncvs (infamouse server stalls).
Note one difference subversion <-> CVS :
subversion being a 21th century child it rather
optimizes bandwidth over the expense of disk space:
It keeps files 'pristine' and your modification.
I.e. you need more than double the diskspace
but you can be offline to "diff" files !
Martin
"Marc" == Marc Schwartz <MSchwartz@medanalytics.com>
on Mon, 19 Jul 2004 13:22:43 -0500 writes:
Marc> Uwe,
Marc> That did it. Using https: I am now able to do a checkout.
Marc> It seems to be slow at the moment, but the files are coming through.
---------------------------------
that should have improved now.
The default apache2 configuration (for RH Enterprise) had
'KeepAlive Off' which I now have replaced with 'On'.
For this to take effect, I had to restart the server --
this pretty brutally terminates all running svn requests, which
in this case lead to the need for "svnadmin recover"ing the
archive... Well, well, we're getting there eventually.
If anybody has good experiences to share about
Apache performance tweaking, please let me hear.
But note that the idea (of the server setup) really was to serve
R-core (and maybe ESS-core and maybe some really small few-person
collaboration projects). If too many people (such as "hundreds
of R-devel readers") are going at the server it will become
pretty unusable, and I will have to make it accessible only
"non-anonymously" {and find another one doing rsync...} eventually.
Martin Maechler
Looks like it's down again? (this, after it almost worked a while back). I'm glad I'm GNU arch'ing it... best, -tony Martin Maechler <maechler@stat.math.ethz.ch> writes:
"Marc" == Marc Schwartz <MSchwartz@medanalytics.com>
on Mon, 19 Jul 2004 13:22:43 -0500 writes:
Marc> Uwe,
Marc> That did it. Using https: I am now able to do a checkout.
Marc> It seems to be slow at the moment, but the files are coming through.
---------------------------------
that should have improved now.
The default apache2 configuration (for RH Enterprise) had
'KeepAlive Off' which I now have replaced with 'On'.
For this to take effect, I had to restart the server --
this pretty brutally terminates all running svn requests, which
in this case lead to the need for "svnadmin recover"ing the
archive... Well, well, we're getting there eventually.
If anybody has good experiences to share about
Apache performance tweaking, please let me hear.
But note that the idea (of the server setup) really was to serve
R-core (and maybe ESS-core and maybe some really small few-person
collaboration projects). If too many people (such as "hundreds
of R-devel readers") are going at the server it will become
pretty unusable, and I will have to make it accessible only
"non-anonymously" {and find another one doing rsync...} eventually.
Martin Maechler
______________________________________________ R-devel@stat.math.ethz.ch mailing list https://www.stat.math.ethz.ch/mailman/listinfo/r-devel
Anthony Rossini Research Associate Professor rossini@u.washington.edu http://www.analytics.washington.edu/ Biomedical and Health Informatics University of Washington Biostatistics, SCHARP/HVTN Fred Hutchinson Cancer Research Center UW (Tu/Th/F): 206-616-7630 FAX=206-543-3461 | Voicemail is unreliable FHCRC (M/W): 206-667-7025 FAX=206-667-4812 | use Email CONFIDENTIALITY NOTICE: This e-mail message and any attachme...{{dropped}}
On Mon, 2004-07-19 at 14:57, Martin Maechler wrote:
"Marc" == Marc Schwartz <MSchwartz@medanalytics.com>
on Mon, 19 Jul 2004 13:22:43 -0500 writes:
Marc> Uwe,
Marc> That did it. Using https: I am now able to do a checkout.
Marc> It seems to be slow at the moment, but the files are coming through.
---------------------------------
that should have improved now.
The default apache2 configuration (for RH Enterprise) had
'KeepAlive Off' which I now have replaced with 'On'.
For this to take effect, I had to restart the server --
this pretty brutally terminates all running svn requests, which
in this case lead to the need for "svnadmin recover"ing the
archive... Well, well, we're getting there eventually.
If anybody has good experiences to share about
Apache performance tweaking, please let me hear.
But note that the idea (of the server setup) really was to serve
R-core (and maybe ESS-core and maybe some really small few-person
collaboration projects). If too many people (such as "hundreds
of R-devel readers") are going at the server it will become
pretty unusable, and I will have to make it accessible only
"non-anonymously" {and find another one doing rsync...} eventually.
Martin Maechler
Martin, To play 'devil's advocate', if you want to limit access for the group(s) that you have identified above, you may wish to consider having references to the use of rsync/CVS (now subversion) access removed from the CRAN Source Code Page (ie. http://cran.r-project.org/sources.html) and from pages 1 - 2 of the R-admin manual. The rest of us can always download the daily stable, patched or devel tarballs periodically, though of course losing the 'incremental download' functionality by doing so. I am not sure that most of us folks need to have access to hourly updated source code. It's a question of being proactive or reactive... Of course, now that I have stepped face first into it today, it's in the archives... ;-) Best regards, Marc
On Mon, 19 Jul 2004 13:15:37 -0700, rossini@blindglobe.net (A.J. Rossini) wrote :
Looks like it's down again? (this, after it almost worked a while back).
Yes, I'm now getting errors when I try an update:
$ svn update svn: PROPFIND request failed on '/R/trunk' svn: Could not open the requested SVN filesystem
Duncan Murdoch
On Monday 19 July 2004 14:03, Martin Maechler wrote:
Note one difference subversion <-> CVS : subversion being a 21th century child it rather optimizes bandwidth over the expense of disk space: It keeps files 'pristine' and your modification. I.e. you need more than double the diskspace but you can be offline to "diff" files !
And similarly, when committing, only the diff's are sent over the network. Deepayan
Deepayan Sarkar <deepayan@stat.wisc.edu> writes:
On Monday 19 July 2004 14:03, Martin Maechler wrote:
Note one difference subversion <-> CVS : subversion being a 21th century child it rather optimizes bandwidth over the expense of disk space: It keeps files 'pristine' and your modification. I.e. you need more than double the diskspace but you can be offline to "diff" files !
And similarly, when committing, only the diff's are sent over the network.
Just like all modern revision control systems. Thankfully, there are many to choose from. best, -tony
Anthony Rossini Research Associate Professor rossini@u.washington.edu http://www.analytics.washington.edu/ Biomedical and Health Informatics University of Washington Biostatistics, SCHARP/HVTN Fred Hutchinson Cancer Research Center UW (Tu/Th/F): 206-616-7630 FAX=206-543-3461 | Voicemail is unreliable FHCRC (M/W): 206-667-7025 FAX=206-667-4812 | use Email CONFIDENTIALITY NOTICE: This e-mail message and any attachme...{{dropped}}