[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

failure notice

From: <MAILER-DAEMON_at_tigris.org>
Date: 2003-05-26 04:51:25 CEST

Hi. This is the qmail-send program at tigris.org.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<dev@svn.tigris.org>:
mail to svn.tigris.org has been disabled

--- Below this line is a copy of the message.

Return-Path: <rspier@pobox.com>
Received: (qmail 462 invoked from network); 26 May 2003 02:51:25 -0000
Received: from pimout3-ext.prodigy.net (207.115.63.102)
  by two.tigris.org with SMTP; 26 May 2003 02:51:25 -0000
Received: from localhost.localdomain (adsl-63-205-47-96.dsl.lsan03.pacbell.net [63.205.47.96])
        by pimout3-ext.prodigy.net (8.12.9/8.12.3) with ESMTP id h4Q2pNJ9017142
        for <dev@svn.tigris.org>; Sun, 25 May 2003 22:51:24 -0400
Received: from bear.rls.cx (bear [127.0.0.1])
        by localhost.localdomain (8.12.8/8.12.8) with ESMTP id h4Q2pMKf029622
        for <dev@svn.tigris.org>; Sun, 25 May 2003 19:51:22 -0700
Date: Sun, 25 May 2003 19:51:22 -0700
Message-ID: <m3fzn2xvx1.wl_rspier@pobox.com>
From: Robert Spier <rspier@pobox.com>
To: dev@svn.tigris.org
Subject: mod_dav_svn: apache authentication
User-Agent: Wanderlust/2.10.0 (Venus) XEmacs/21.4 (Military Intelligence)
MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen")
Content-Type: text/plain; charset=US-ASCII

I've hunted through the archives and the documentation, and I've come
to the unhappy conclusion that when using apache (mod_dav_svn), the
only way to selectively control write access is with a pre-commit
hook.

The reason: operations that modify the repository tend to use a URL
such as: /repos/!svn/act/90790d4d-32be-0310-9aa5-d593d764d6b9 -- which
could be modifying almost anything, and there's no way for apache to
tell.

So, <Limit> can be used to granularly control _read_ access to the
repository, (because those happen at recognizable paths,) but not
write access.

A big hammer could be used,
 <Location /repos/!svn/>
  <Limit>
   require group svncommit
  </Limit>
 </Location>

But, that means that anyone in the svncommit group can write to any
part of the repository.

Am I missing something obvious, or is this the way of the world? If I
want granular commit controls, I have to use a pre-commit hook?

Thanks!

-R

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon May 26 04:56:34 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.