I think you will need to enable read/write on / and use a pre-commit hook to disallow commits to /.
Russ
Sent wirelessly via BlackBerry from T-Mobile.
-----Original Message-----
From: Jehan PROCACCIA <Jehan.Procaccia@int-evry.fr>
Date: Tue, 10 Oct 2006 15:29:00
To:users@subversion.tigris.org
Subject: svn authz users strategies
hello,
I am trying to fine grained acces controls, here's a simple scenario, my
authz file (called from svnserve.conf) contain that:
[svn@share /var/www/svnweb/repos/s2ia/conf]
$ cat authz
[groups]
s2ia = procacci,tutu
[/]
@s2ia = r
[/procacci]
procacci = rw
tutu =
[/tutu]
tutu = rw
procacci =
I want both users procacci and tutu to have full access to their
personnal "subdirectory" in the s2ia repository, but no rights to others
directory.
It seems to work, exept that now there's a only a Read acces to / for
the group , tutu is unable to perform it's initial import:
[tutu@anaconda ~]
$svn import ./tutu -m "import initial tutu"
svn+ssh://svn@share.int-evry.fr/var/www/svnweb/repos/s2ia/tutu
svn: Access denied
I don't want to set rw on / because I don't want users to "garbage" the
repository with /xxx "subdirectories" anywhere, I want them to be able
to write only below their username (/login). You might says that I could
create a repository for each and every users, but I don't want to manage
hundreds of repository config :-( .
Any advice ?
PS: by the way, I also tried to set "absolute" path in authz file, like
[s2ia:/procacci] procacci = rw, but then I always get authorization
refused for every svn command as user procacci :-( ! why I can't set the
repository in front of the access rule ?
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Oct 10 15:53:55 2006