Don Bockenfeld/FVI wrote:
><snip>
>I'm standing on my head to avoid a nontechnical fight. Is this approach
>safe (that is, doesn't break svn), or should I take the bull by the horns
>and pick a fight?
></snip>
>
>
>
I wouldn't say you have to pick a fight at all. If your primary IT team
says to locate all code in the US on one server, then go for it. Are
they actually truly saying that it all has to exist in one single code
repository?? If not, then you can drop them anywhere you want on that
single server, and then set up multiple <Location> directives in Apache
(I am assuming Apache) and build your permissions from that. This way,
if you ever get audited you will have separation of your
export-restricted code from the other and yet you could still have
everything appear to be one united system. Or you could use
SVNParentPath and create multiple repositories under the one directory
and then use the AuthzSVNAccessFile to control who gets access to what.
But this doesn't quite make it in my book because then a user from the
US could travel outside the states and still access the data. Is this
an allowed function?? If so, the second option might be easier.
[Option 1]
<Location /svn/us>
SVNPath /code_repos/export/us/code
AuthType {blah blah blah}
...
...
</Location
<Location /svn/global>
SVNPath /code_repos/global/code
AuthType {blah blah blah}
...
...
</Location>
[Option 2]
<Location /svn>
SVNParentPath /code_repos
...
...
</Location>
Regards,
Frank
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Sep 13 17:11:57 2005