Re: Can't figure out authzfile syntax for subdirectory access control

From: Xn Nooby <xnooby_at_gmail.com>
Date: 2006-04-27 21:29:20 CEST

Thanks you, I will try this out!

On 4/27/06, Mathias.Weinert@gfa-net.de <Mathias.Weinert@gfa-net.de> wrote:
>
> Xn Nooby wrote:
>
> >
> > Hi,
> >
> >
> > I'm trying to get path-based authorization to work on an existing
> installation. I upgraded my svnserve from 1.2.3 to 1.3, and tried to make
> the appropriate changes.
> >
> > I changed my svnserve.conf file by adding the line:
> >
> > authz-db = authzfile
> >
> > In the authzfile I added the following lines to block all access:
> >
> > [/]
> > * =
> >
> > Then I added the following line to give myself read/write access (which
> worked with commits):
> >
> > [/]
> > * =
> >
> > [/]
> > me = rw
> >
> > When I try to limit my access to specifc folders, it doesn't work:
> >
> > [/]
> > * =
> >
> > [/svnrepo/clientname]
> > me = rw
> >
> > This results in an "access denied" when I try to commit a change. I
> believe the problem is with the pathname (and I tried many variations).
> >
> > My server is svnserve on a Windows 2003 Server. Svnserve is running as
> a service. I have one repository, and all my clients are in one
> high-level directory ("svnrepo"). I've been trying to follow the
> directions here:
> >
> > http://svnbook.red-bean.com/en/1.1/ch06s04.html#svn-ch-6-sect-4.4.2
> >
> > But I do not understand the syntax of their pathname, why does it have a
> repository name followed by a colon? I don't think I have a repository
> name. For example:
> >
> > [calc:/branches/calc/bug-142]
> > harry = rw
> > sally = r
> >
> > Any suggestions? I need to figure out how to control access to
> subdirectories in my repository.
> >
> > I trined many things like:
> >
> > [/svnrepo/clientname]
> > [:/svnrepo/clientname]
> > [/svnrepo]
> > [svnrepo:/svnrepo/clientname]
> > [:/svnrepo]
> >
> > Thanks!
> >
>
> You have to specify (in addition):
>
> [/]
> me = r
>
> AFAIK this is supposed to be a bug which will be corrected
> in an upcoming version (you can find some posts about this
> in the users and the dev mailing lists).
>
> If you don't want to be able to read folders other than
> /svnrepo/clientname you also have to say
>
> [/otherfolder_1]
> me =
>
> [/otherfolder_etc]
> me =
>
> Hope this helps.
>
> Mathias
>
>
Received on Thu Apr 27 21:31:08 2006

This message: [ Message body ]
Next message: bruce: "RE: Large Repository .vs Many Smaller ones.."
Previous message: Ryan Schmidt: "Re: Should this question be on dev --> Apache 2.2 mod_dav_svn.so for Subversion 1.3 on Windows XP"
In reply to: Mathias.Weinert_at_gfa-net.de: "Re: Can't figure out authzfile syntax for subdirectory access control"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]