[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: PAM + AuthzSVNAccessFile

From: Bernd Kuemmerlen <bkuemmer_at_gmx.net>
Date: 2005-06-02 09:37:34 CEST

>> Subject:
>> Re: PAM + AuthzSVNAccessFile
>> From:
>> Christopher Frauenberger <frauenberger@iem.at>
>> On 1 Jun 2005, at 18:46, Frank Gruman wrote:
>>
>>> Try adding this after the "Satisfy Any"
>>> Order Allow,Deny
>>> Allow from all
>>>
>>> This makes sure that all users get some sort of access.
>>>
>> Unfortunatly that doesnt change anything: still no access for
>> authorised users...
>>
>> It seems that it ignores the file given as AuthzSVNAccessFile; I
>> could provide even non-existing files resulting in the same
>> behaviour. I have double checked permissions and name of the file, it
>> is certainly there and readable...

I am not sure if this exactly what you want, but the following
configuration works for us:

<Location /svn>
   DAV svn
   SVNParentPath /srv/svn

   AuthPAM_Enabled On
   AuthType Basic
   AuthAuthoritative off
   AuthName "Subversion server access"
   AuthUserFile /srv/htpasswd

   AuthzSVNAccessFile /srv/svnaccess

   require valid-user
</Location>

and an svnaccess file like this:

  [/]
  # Allow everyone read on the entire repository
  * = r

I think in our case the relevant line which made this work was
   AuthAuthoritative off
in the apache server configuration.

This gives full r/w-access for users authorized through PAM and
read-only access for users authorized through the apache AuthUserFile.

Hope this helps
Cheers
        Bernd

-- 
"I'm a doctor, I am supposed to tell people where it hurts (so I can
fix it and make money)."
					-- Mark S.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jun 2 09:39:39 2005

This is an archived mail posted to the Subversion Users mailing list.