[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Repository design for multisite development & export restrictions

From: Frank Gruman <fgatwork_at_verizon.net>
Date: 2005-09-13 17:08:51 CEST

Don Bockenfeld/FVI wrote:

>I'm standing on my head to avoid a nontechnical fight. Is this approach
>safe (that is, doesn't break svn), or should I take the bull by the horns
>and pick a fight?

I wouldn't say you have to pick a fight at all. If your primary IT team
says to locate all code in the US on one server, then go for it. Are
they actually truly saying that it all has to exist in one single code
repository?? If not, then you can drop them anywhere you want on that
single server, and then set up multiple <Location> directives in Apache
(I am assuming Apache) and build your permissions from that. This way,
if you ever get audited you will have separation of your
export-restricted code from the other and yet you could still have
everything appear to be one united system. Or you could use
SVNParentPath and create multiple repositories under the one directory
and then use the AuthzSVNAccessFile to control who gets access to what.
But this doesn't quite make it in my book because then a user from the
US could travel outside the states and still access the data. Is this
an allowed function?? If so, the second option might be easier.

 [Option 1]
  <Location /svn/us>
    SVNPath /code_repos/export/us/code
    AuthType {blah blah blah}

  <Location /svn/global>
    SVNPath /code_repos/global/code
    AuthType {blah blah blah}

[Option 2]
<Location /svn>
  SVNParentPath /code_repos


To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Sep 13 17:11:57 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.