Urs Rau wrote:
> The problem:
> I have a website files with a variety of files on them, php, cgi (mod_perl),
> html, javascipt, postgresql
> scripts etc, all on a dedicated server and they get changed by many
> different types of users, webmasters, designers, support staff, data entry
> personnel and I have no way to get them, and the different tools they are
> using, to all go through a svn repository. But I would now like to use svn
> to track those changes 'after the fact' so to speak. I do know this is a bit
> like trying to close the gate after the horse has bolted .... but, it's the
> best in an undesireable situation.
>
>
>
"Undesirable" I think is an understatement.
> Hoped for benefits:
>
> - be able to follow the history of changes and generate reports
>
> - be able to reverse any 'bad' changes if things have been broken
>
> - rudimentary unauthorized changes detection tool
>
> Questions:
>
> - has anybody done this and are either scripts or notes about this sort of
> strange scm setup available online or on request?
>
> - how would you solve this task from a security viewpoint? Would it be more
> adviseable to remotely 'sshfs' mount the webservers filesystems from the
> internet back to the svn repository server on our offcie LAN and then have
> the svn checkin script run against those 'local' sshfs-files, rather
> than it running on the webserver and submitting back to the svn repository
> server inside our office network inside an ssh tunnel?
>
> Regards,
>
>
Question 1 - I don't have as convoluted a system as yours, but we use
the WebDAV functionality through Apache to allow several people to
change / modify / update documentation projects. We get versions out of
these that can be rolled around a little bit.
Question 2 - Use the Subversion authentication mechanism with Apache to
control who gets access to what folders. AND - if you use the latest
(1.3.0) you will have the added opportunity to get the DAV methods
logged in with your Apache log. This could be your "rudimentary
unauthorized changes tool", although to get to the files someone has to
be authorized to some level, anyway.
Hope that helps.
Regards,
Frank
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jan 17 21:26:27 2006