[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: permissions for a multi-repository svn store

From: <subversion_at_millenix.mailshell.com>
Date: 2004-01-05 01:54:20 CET

Jeffrey McManus wrote:
> Hey everybody, long-time listener, first-time caller. I hope this question
> isn't too boneheaded, but there's only one way to find out, so here goes...
>
> I am running Subversion (0.35.1 on Apache on, cough, Windows 2000 Server, if
> that matters) and I have several repositories. Currently the way I have
> things set up, only I have access to all of the the repositories on my
> server (that is, only I can check in, and only I can check out -- it's the
> opposite of a roach motel). This all works OK for replicating my own stuff
> between home and work.
>
> I accomplished this by mangling httpd.conf thusly:
>
> <Location /svn/>
> DAV svn
> SVNParentPath d:\svn
> AuthType Basic
> AuthName "Subversion repository"
> AuthUserFile passwd
> Require valid-user
> </Location>
>
> and plugging my username and password into the passwd file. No problem
> there.
>
> But I've got several repositories on this machine that I would like to
> provide different levels of access to. I'd like /svn/repos-1 to continue to
> be accessible for check-in and check-out by me only, for /svn/repos-2 to be
> accessible for check-in by me only and check-out by anybody, and
> /svn/repos-3 to be accessible for both check-in and check-out by my crack
> team of ninjas bent on world domination.
>
> How do I do this? Admonitions to RTFM would be welcome *if* the FM actually
> has a section that covers these scenarios (in which case, let me know where
> it's at and I'll skulk away in shame). I suspect that these scenarios will
> wind up being pretty common in the real world in the future, but it also
> seems possible that the specific procedure for this may be hidden in the
> interstellar void between Subversion documentation and Apache documentation.
> I did take a look at the SVN docs (specifically, the "Permissions,
> Authentication and Authorization" section) and couldn't really find an
> example that covers what I want to do. But again, that could just be me
> being a bonehead.

Have you tried something akin to the following:

<Location /svn/>
    DAV svn
    SVNParentPath d:\svn
    AuthType Basic
    AuthName "Subversion repository"
    AuthUserFile passwd
</Location>

<Location /svn/repos-1>
    Require user jeffreyp
</Location>

<Location /svn/repos-2>
# Note, I'm not sure these are the only requests needed for checkout
# Can someone else (one of the devs?) fill that in?
    <LimitExcept GET PROPGET>
       Require user jeffreyp
    </LimitExcept>
</Location>

<Location /svn/repos-3>
     Require group crack-team-of-ninjas-bent-on-world-domination
</Location>

I figured this all out from the relevant sections in Apache 2's manual,
found at http://httpd.apache.org/docs-2.0/mod/core.html
I believe the Subversion book (being written now) refers to this stuff for
more detail. Hopefully it will remain accessible online after print
publication. That can be found (in a currently out of date version, since
the authors have added a lot recently) at http://svnbook.red-bean.com/

Philip Miller

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Jan 5 01:54:25 2004

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.