[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Can't figure out authzfile syntax for subdirectory access control

From: <Mathias.Weinert_at_gfa-net.de>
Date: 2006-04-27 17:41:44 CEST

Xn Nooby wrote:

>
> Hi,
>
>
> I'm trying to get path-based authorization to work on an existing
installation. I upgraded my svnserve from 1.2.3 to 1.3, and tried to make
the appropriate changes.
>
> I changed my svnserve.conf file by adding the line:
>
> authz-db = authzfile
>
> In the authzfile I added the following lines to block all access:
>
> [/]
> * =
>
> Then I added the following line to give myself read/write access (which
worked with commits):
>
> [/]
> * =
>
> [/]
> me = rw
>
> When I try to limit my access to specifc folders, it doesn't work:
>
> [/]
> * =
>
> [/svnrepo/clientname]
> me = rw
>
> This results in an "access denied" when I try to commit a change. I
believe the problem is with the pathname (and I tried many variations).
>
> My server is svnserve on a Windows 2003 Server. Svnserve is running as
a service. I have one repository, and all my clients are in one
high-level directory ("svnrepo"). I've been trying to follow the
directions here:
>
> http://svnbook.red-bean.com/en/1.1/ch06s04.html#svn-ch-6-sect-4.4.2
>
> But I do not understand the syntax of their pathname, why does it have a
repository name followed by a colon? I don't think I have a repository
name. For example:
>
> [calc:/branches/calc/bug-142]
> harry = rw
> sally = r
>
> Any suggestions? I need to figure out how to control access to
subdirectories in my repository.
>
> I trined many things like:
>
> [/svnrepo/clientname]
> [:/svnrepo/clientname]
> [/svnrepo]
> [svnrepo:/svnrepo/clientname]
> [:/svnrepo]
>
> Thanks!
>

You have to specify (in addition):

[/]
me = r

AFAIK this is supposed to be a bug which will be corrected
in an upcoming version (you can find some posts about this
in the users and the dev mailing lists).

If you don't want to be able to read folders other than
/svnrepo/clientname you also have to say

[/otherfolder_1]
me =

[/otherfolder_etc]
me =

Hope this helps.

Mathias

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Apr 27 17:43:11 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.