CVS keeps changing file permissions; why does it do that?

In general, CVS doesn't do a very good job of preserving permissions on files. When you import a project and then check it out, there is no guarantee that the file permissions in the new working copy will be the same as when the project was imported. More likely, the working copy files will be created with the same standard permissions that you normally get on newly created files.

However, there is at least one exception. If you want to store executable shell scripts in the project, you can keep them executable in all working copies by making the corresponding repository file executable:

     floss$ ls -l /usr/local/newrepos/someproj

     total 6

     -r--r--r--   1 jrandom  users         630 Aug 17 01:10 README.txt,v

     -r-xr-xr-x   1 jrandom  users        1041 Aug 17 01:10 scrub.pl,v*

     -r--r--r--   1 jrandom  users         750 Aug 17 01:10 hello.c,v

Notice that although the file is executable, it is still read-only, as all repository files should be (remember that CVS works by making a temporary copy of the RCS file, doing everything in the copy, and then replacing the original with the copy when ready).

When you import or add an executable file, CVS preserves the executable bits, so if the permissions were correct from the start, you have nothing to worry about. However, if you accidentally add the file before making it executable, you must go into the repository and manually set the RCS file to be executable.

The repository permissions always dominate. If the file is nonexecutable in the repository, but executable in the working copy, the working copy file will also be nonexecutable after you do an update. Having your files' permissions silently change can be extremely frustrating. If this happens, first check the repository and see if you can solve it by setting the appropriate permissions on the corresponding RCS files.

A feature called PreservePermissions has recently been added to CVS that may alleviate some of these problems. However, using this feature can cause other unexpected results (which is why I'm not recommending it unconditionally here). Make sure you read the nodes config and Special Files in the Cederqvist before putting PreservePermissions=yes in CVSROOT/config.