Referring to the how-to located here:
1) Am I to understand that this method is intended to support multiple
SVN users by using a single account rather than placing all users into
a common user group on the server, and setting the mess of
permissions? That is, in order to avoid something like...
$ mkdir repos/
$ chgrp yetanothersvngroup repos/
$ chmod g+s repos/
$ svnadmin create repos/
$ chmod -R ug+rwX repos/
2) Regarding the public key setup discussed in the how-to:
a) Does this setup (using the command="..." in the authorized_keys
file) mean that all users will only be able to use the svnuser account
for public-key, non-interactive login, which is further restricted to
invoking the command supplied as command="..."?
b) We have multiple logical groups (senior design teams, research
groups, class project groups) in my academic department, and would
like to restrict each group to a specific repository or set of
repositories. If we have a separate directory for each group's
repository or set of repositories, can <ReposRootPath> be used to
strictly enforce this group-level access while still having everyone
login via svnuser?
And if a user belongs to more than one logical group, would we just
need an additional line in authorized_keys for each group to which he/
she belongs, with a different corresponding <ReposRootPath> for each?
c) To make sure: will the <author> text override 'svnuser' as far as
what shows up in the logs and in $Author$ keyword substitutions?
d) The blurb about <Comment> being used to map a user's real name: are
they just saying this is a useful place to document who the key is
used for to ease future maintenance of the authorized_keys file?
Thanks in advance. This could really be helpful in my academic
department, where it is impractical to create a new UNIX group for
every semester-long endeavor.
To unsubscribe, e-mail: users-unsubscribe_at_tortoisesvn.tigris.org
For additional commands, e-mail: users-help_at_tortoisesvn.tigris.org
Received on 2008-07-16 17:28:52 CEST