On Wed, May 03, 2006 at 03:17:31PM +0200, John Biddiscombe wrote:
> Is there some way that the admins can allow me to create
> projects/repositories/users and change access rights etc without me
> being a root user and without allowing me to break the entire system
First of all: Apache should /never/ run as root, so for configuring
apache there are no root privileges needed.
For the user management I use this (short to give you just an idea):
in httpd.conf:
<Location /it/>
Include conf/subversion.conf
SVNParentPath /svn/svn/it
AuthzSVNAccessFile conf/svnaccess/svnaccess.it
AuthName "Access to IT area"
</Location>
In svnaccess.it, I have (among other things):
[jsubversion01:/]
@it = rw
[jsubversion01:/svnaccess.ics]
tsenger = rw
In the it repository, I have a post-commit hook:
cd /usr/local/httpd-ssl-2.0.58/conf/svnaccess && \
/usr/local/subversion-with-ssl-1.3.1/bin/svn up file:///svn/svn/it/jsubversion01/ .
So, /usr/local/httpd-ssl-2.0.58/conf/svnaccess is a wc for the
repository [jsubversion01:/].
Every member of the group it has been granted full access to
/usr/local/httpd-ssl-2.0.58/conf/svnaccess, and the user tsenger has
only access to /usr/local/httpd-ssl-2.0.58/conf/svnaccess/svnaccess.ics.
Since changes on these files take effect without restarting apache, I
can control acces to svn by using svn itself :-)
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed May 3 15:44:21 2006