[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn authz users strategies

From: Russ <rsivak_at_istandfor.com>
Date: 2006-10-10 15:52:59 CEST

I think you will need to enable read/write on / and use a pre-commit hook to disallow commits to /.

Russ
Sent wirelessly via BlackBerry from T-Mobile.

-----Original Message-----
From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
Date: Tue, 10 Oct 2006 15:29:00
To:users@subversion.tigris.org
Subject: svn authz users strategies

hello,
I am trying to fine grained acces controls, here's a simple scenario, my
authz file (called from svnserve.conf) contain that:
[svn@share /var/www/svnweb/repos/s2ia/conf]
$ cat authz
[groups]
s2ia = procacci,tutu
[/]
@s2ia = r
[/procacci]
procacci = rw
tutu =
[/tutu]
tutu = rw
procacci =

I want both users procacci and tutu to have full access to their
personnal "subdirectory" in the s2ia repository, but no rights to others
directory.
It seems to work, exept that now there's a only a Read acces to / for
the group , tutu is unable to perform it's initial import:

[tutu@anaconda ~]
$svn import ./tutu -m "import initial tutu"
svn+ssh://svn@share.int-evry.fr/var/www/svnweb/repos/s2ia/tutu
svn: Access denied

I don't want to set rw on / because I don't want users to "garbage" the
repository with /xxx "subdirectories" anywhere, I want them to be able
to write only below their username (/login). You might says that I could
create a repository for each and every users, but I don't want to manage
hundreds of repository config :-( .
Any advice ?

PS: by the way, I also tried to set "absolute" path in authz file, like
[s2ia:/procacci] procacci = rw, but then I always get authorization
refused for every svn command as user procacci :-( ! why I can't set the
repository in front of the access rule ?

Thanks.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Oct 10 15:53:55 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.