[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Svn configuration help needed.

From: Chien-Chung Lu <cclu_at_yahoo.com>
Date: 2005-12-27 16:58:57 CET

Is there a way to utilize the existing group in NIS?
In your svnaccess.conf, are account1,account2, and account3 nis users or I
need to create account1, account2, and account3 locally?
Thanks you for your help.
-Lu

-----Original Message-----
From: Lieven Govaerts [mailto:lgo@mobsol.be]
Sent: Tuesday, December 27, 2005 2:16 AM
To: cclu@yahoo.com
Cc: users@subversion.tigris.org
Subject: Re: Svn configuration help needed.

Hi Lu,

you need 'Per-Directory Access Control' for that, which can be achieved
using the authz_svn module ( which you already include ).

In httpd.conf, in your /svn Location, add:

# access control policy
          AuthzSVNAccessFile /svn/config/svnaccess.conf ( change path and
filename according to your environment )

and drop the 'Require eng' line. You will be doing this in another way.

Then create a new file svnaccess.conf like this:
------------------------------
[groups]
eng = account1, account2
arch = account1, account3
tools = account1, account3

[/]
* =

[repos1:/public]
eng = rw

[repos1:/secured]
arch = rw

[repos2:/secured]
tools = rw
-------------------------------

Disadvantage is that you have to maintain the list of users ( which user
belongs to which group ) in the svnaccess.conf file.

Check the Subversion book for a better explanation:
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html#svn.serve
rconfig.httpd.authz.perdir

regards,

Lieven.

> -----Original Message-----
> From: Chien-Chung Lu [mailto:cclu@yahoo.com]
> Sent: dinsdag 27 december 2005 7:47
> To: users@subversion.tigris.org
> Subject: Svn configuration help needed.
>
> Hi, All,
>
> I am very new at svn and appreciate if anyone can give me some
> pointers,
>
> Here is my current setup -
> svn, version 1.2.3 (r15833) with Apache 2.0 I have setup repositories
> as http://wwwin/svn/repos1/secured/trunk
> http://wwwin/svn/repos1/secured/branches
> http://wwwin/svn/repos1/secured/tags
>
> http://wwwin/svn/repos1/public/trunk
> http://wwwin/svn/repos1/public/branches
> http://wwwin/svn/repos1/public/tags
>
> and same on repos2
> http://wwwin/svn/repos2
>
>
> Under /etc/httpd/conf/httpd.conf, I have
>
> LoadModule access_module modules/mod_access.so LoadModule auth_module
> modules/mod_auth.so LoadModule auth_anon_module
> modules/mod_auth_anon.so LoadModule auth_dbm_module
> modules/mod_auth_dbm.so LoadModule auth_digest_module
> modules/mod_auth_digest.so LoadModule auth_pam_module
> modules/mod_auth_pam.so LoadModule auth_sys_group_module
modules/mod_auth_sys_group.so
> LoadModule dav_svn_module /usr/lib/httpd/modules/mod_dav_svn.so
> LoadModule authz_svn_module /usr/lib/httpd/modules/mod_authz_svn.so
>
> <Location /svn>
> DAV svn
> SVNParentPath /import/svn
> AuthType Basic
> AuthName "Subversion Repository"
> Require group eng
> </Location>
>
> Under nis, I have group eng, arch, tools How do I modify httpd.conf so
> # eng group can access repos1/public, but not repos1/secured.
> # only arch group can access repos1/secured # only tools group can
> access repos2/secured
>
> How do I modify <Location /svn> to achive what I need?
> Appreciate your help.
> Thanks.
> -Lu

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Dec 27 17:02:09 2005

This is an archived mail posted to the Subversion Users mailing list.