* Sean Laurent <sean@neuronfarm.com> [20041027 21:26]: wrote:
> (replying to list)
> On Wednesday 27 October 2004 11:42 am, Odhiambo Washington wrote:
> > * Sean Laurent <sean@neuronfarm.com> [20041027 19:29]: wrote:
> > > On Tuesday 26 October 2004 11:50 am, Odhiambo Washington wrote:
> > > > /HTTPD/ is owned by www:www - my web server user. Apache runs
> > > > as www:www
> > > >
> > > > /usr/local/subversion is owned by svn:svn
> > >
> > > As Ulrich already pointed out, this will very likely cause problems for
> > > you. Either make the repository/repositories owned by the web server user
> > > or add the web server user to the svn group.
> >
> > That is what I will do.
> > However, let me ask: What if I let apache run as the svn user while
> > accessing the repos? If I add the following directive to the virtual
> > host -
> >
> > SuexecUserGroup svn svn
> >
> > Will that still complicate the matter?
>
> Honestly, I don't know. I'm far being an Apache expert, so I really don't
> know enough about the SuexecUserGroup directive, although I suspect it won't
> solve the problem. You might be better off using the Group directive and
> forcing Apache to run as part of the svn group. Perhaps someone on the list
> knows more?
I am sure I will be able to handle that one, one way or the other.
It actually works, because /usr/local/subversion is owned by svn:svn.
> > > >[Tue Oct 26 19:42:09 2004] [error] [client 62.8.64.108]
> > > >Access denied: 'wash' GET systems:/
> > >
> > > Your httpd.conf snippet shows that you've specified the svn access file
> > > as /HTTPD/etc/svn_access. Does this file exist? Who owns it? Could you
> > > show us the contents?
> >
> > Sure. Here goes ....
> >
> > <cut>
> >
> > [systems:/usr/local/subversion/systems]
> > wash = rw
> > fdisk = rw
> > wanderi = r
> > gitau = r
> > mucheru = rw
> > smuchai = rw
> >
> > # Give Wanderi and others RW access to the 'testing' subdir
> > [systems:/usr/local/subversion/systems/testing]
> > wanderi = rw
> > gitau = rw
> > willie = rw
> >
> > [networks:/usr/local/subversion/networks]
> > gitau = rw
> > wash = rw
> > wanderi = rw
> > willie = r
> > mucheru = rw
> > smuchai = rw
> > sethkoko = r
> > samuel = r
> > emily = r
> > rnjoroge = rw
> > rkaniaru = rw
> >
> > [web:/usr/local/subversion/web]
> > wash = rw
> > willie = rw
> > wanderi = rw
> > gitau = r
> > mucheru = r
> > smuchai = rw
> >
> > # Groups Configuration
> > [groups]
> > systems-admins = wash, wanderi, fdisk
> > network-engineers = smuchai, gitau, rnjoroge, rkaniaru, samuel, sethkoko,
> > emily web-developers = willie, wash, fdisk, mucheru, wanderi
> > everyone = wash, wanderi, fdisk, smuchai, gitau, rnjoroge, rkaniaru,
> > samuel, sethkoko, emily </cut>
>
> Okay. From this perspective, I can't tell if you want to have 3 repositories
> (systems, networks and web) or 1 repository with 3 main subdirectories, but I
> do see a problem.
I would like to have three repositories: systems, networks, web. All
will be in the directory /usr/local/subversion.
> However, the very first thing I would do is fix your repositories. Frankly,
> I would start simple and make sure you can get things working. Try following
> the instructions in the book
> (http://svnbook.red-bean.com/svnbook-1.1/index.html) and setup a single
> repository under /usr/local/subversion (which you specified with the
> SVNParentPath directive):
>
> $ mkdir /usr/local/subversion
> $ svnadmin create /usr/local/subversion/systems
I was reading the SVN Book, the only problem perhaps is that I am trying
to make big leaps, unlike a newbie ;)
> Re-read the section in the book on per-directory access control
> (http://svnbook.red-bean.com/svnbook-1.1/ch06s04.html#svn-ch-6-sect-4.4.2).
> Note that the format for entries in your svn_access file is:
>
> [repos-name:path]
> username = access level
>
> The path is ~not~ the absolute path on disk, but is actually the path within
> the repository. So, if you want to give yourself read-write acces to
> everything in the systems repository, you need any entry in the svn_access
> file like this:
>
> [systems:/]
> wash = rw
>
> Try that and see if that works.
Sure. That works!!
Now I just to read more of the doco in order to try to understand how it
works before I start putting my configuration files in there.
cheers
- wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) |
<wash at wananchi dot com> . 1ere Etage, Loita Hse, Loita St., |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
--from a /. post
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Oct 28 08:15:29 2004