[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Fine grained access control over ra_dav using... mod_authz_svn

From: John Locke <mail_at_freelock.com>
Date: 2003-06-11 16:42:24 CEST

On Wed, 2003-06-11 at 06:20, Sander Striker wrote:

> Unfortunately, because of the current way the auth hooks work and
> are called in httpd, you cannot have one module implement group membership
> and let another benefit from it. This will probably change in some
> future version of httpd (read: whenever one of us has time to implement it).
I was afraid you'd say that...

> There are three options, one being
> discussed:
> - load the access file per connection instead of per request
> - load the access file at startup time and reload when the timestamp changes
> (requires locking)
> - load the access file at startup and require a (graceful) restart when
> someone changes it.

+1 for either of the first two options.

I'm looking for behavior like the .htaccess file, where a user can
potentially update the ACLs for their repository without requiring shell
access/ SetUID/GID scripts/ etc.

I know (and use) graceful restarts, though I have a PHP debugging module
that makes httpd segfault on a graceful restart, taking down my web site
until I do a hard restart. (I've learned to only turn this module on
when I need it!).

Still, what you've done so far fills the bill... thanks again!


John Locke
Recently published: "Extend the reach of users' email with IMAP"
Play sports? Check in at http://teamcheckin.com
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jun 11 16:43:16 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.