Hi all,
(I've read through authz: what has precedence when user..., but this
does not cover my problem, I think.)
svn 1.3.1 running as an apache DSO.
Access to the entire webserver ony for authenticated users.
Snipplet from httpd.conf:
</Location>
<Location /foo/>
Include conf/subversion.conf
SVNParentPath /svn/svn/foo
AuthzSVNAccessFile conf/svnaccess/svnaccess.foo
AuthName "Access to HR area"
</Location>
Snipplet from subversion.conf:
DAV svn
SVNIndexXSLT "/svnindex.xsl"
SVNListParentPath on
AuthType Basic
[AuthLDAP stuff]
require valid-user
Now for svnaccess.foo:
[groups]
restrictgroup = external1, external2
agroup = internal1, internal2
[/]
@restrictgroup =
* = r
[aproject:/]
@agroup = rw
I would think:
1.: external1 end external2 are not alllowed to see the root ([/]).
2.: As access controls are inherited, both also cannot see aproject.
But they see all :-(
If I use this:
[aproject:/]
@restrictgroup =
@agroup = rw
external1 and external2 cannot access aproject. But I do not want to use
this, since I have a lot of projects and sometimes I may forget to deny
access.
What I want to have: members of restrictgroup shall only see a certain
directory in a certain project. They also must not read the root
(SVNParentPath).
How would you do this?
Thanks,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue May 23 15:48:15 2006