[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: authz repository syntax

From: Jehan PROCACCIA <Jehan.Procaccia_at_int-evry.fr>
Date: 2006-10-27 10:20:04 CEST

Lieven Govaerts wrote:
> Jehan PROCACCIA wrote:
>> I found the changelog
>> http://svn.collab.net/repos/svn/trunk/CHANGES
>> however, I didn't find anything about supporting [repository:/folder]
>> syntax in authz file for svnserve is a 1.4 :-(
>> Then shall I consider this as a bug ?
> That syntax has been supported since 1.3, there's nothing changed in 1.4
> concerning authz and svnserve as far as I know.
> I suggest you describe in detail what your setup looks like, how your
> authz file looks like and which action exactly fails + the error message
> you get.
> Lieven.
1) I configure svnserve to read a common (central) to all repositories
authz file, here /svn/authz.s2ia, note that syntax is [repository:/folder]

[svn@share /svn/s2ia/procacci/conf]
$ grep authz svnserve.conf
authz-db = /svn/authz.s2ia
#authz-db = authz

/svn/authz.s2ia contains
s2ia = procacci,tutu
@s2ia = r
* =
procacci = rw
* =
procacci = rw

then procacci wants to write to its repository , but he's get a
authorization failed :-(
[procacci@anaconda ~/checkout]
$svn checkout svn+ssh://svn@share.int-evry.fr/svn/s2ia/procacci/ ; cd
$svn add test.sh
A test.sh
[procacci@anaconda ~/checkout/procacci/trunk/scripts]
$svn commit -m "added test.sh"
svn: Commit failed (details follow):
svn: Authorization failed

2) If I set a local authz file for the repository

[svn@share /svn/s2ia/procacci/conf]
$ grep authz svnserve.conf
#authz-db = /svn/authz.s2ia
authz-db = authz

/svn/s2ia/procacci/conf/authz contains: (note that syntax is now [/folder] )

procacci = rw
* = r
procacci = rw
* =

user procacci can now add the file

[procacci@anaconda ~/checkout/procacci/trunk/scripts]
$svn commit -m "add test.sh"
Adding scripts/test.sh
Transmitting file data .
Committed revision 3.

So I concluded that [repository:/folder] syntax is not "honored" by
svnserve . all my exemples with the central /sv/authz.s2ia file acl
works very fine with Dav acces .

3) An other proof of my problem, now that test.sh has been added, I
switch back to /svn/authz.s2ia for svnserve config (authz-db =
I modifie locally test.sh
[procacci@anaconda ~/checkout/procacci/trunk/scripts]
$svn commit -m "mod test.sh"
Sending scripts/test.sh
Transmitting file data .svn: Commit failed (details follow):
svn: Access denied

What's wrong ? why some on this list mention the same problem and for
other (on 1.4 !) that does work ?


PS: svn+ssh works trough the svn account this way
and ssh authorized_keys in svn account contain public keys of users,
allowing them to start the command svnserve -t --tunnel-user=login
[svn@share ~/.ssh]
$ cat authorized_keys
command="svnserve -t --tunnel-user=procacci" ssh-rsa AAAAB_LONG_KEY ...=

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Oct 27 10:20:30 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.