[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: block the file:/// access in AFS

From: Riccardo-Maria Bianchi <riccardomaria.bianchi_at_physik.uni-freiburg.de>
Date: 2007-01-09 16:58:12 CET

Thanks!! I try it! :)

Bye,

    Ric.

Miller, Eric wrote:
> Riccardo-Maria Bianchi wrote:
>>> Can I block the file:/// access protocol, in order to use only the
>>> svnserve?
>
> chmod the repository as write only by some user (say svnuser). Users will then access the repository like this:
>
> svn+ssh://svnuser@host/path/to/repos
>
> This will cause the svnserve process to be launched under svnusers pid thus allowing access to the repository. You then need to modify ~svnuser/.ssh/authorized_keys to add permitted users via public key access and use the command feature of that file to start "svnserve --tunnel userA". This makes it so that locking, commits, etc. happen by userA, not svnuser.
>
> Check out the svn book for more details. You can write a wrapper around svnserve to validate access based on unix groups as well (which is why I explored this avenue).
>
> Ulrich Eckhardt wrote:
>> Well, that's how it work: SVN+SSH just tunnels (file-)access over SSH. If
>> they can login to the machine and use file:/// it is mostly the same.
>
> That is not accurate. SVN+SSH does exactly what it sounds like - tunnels svnserve transactions across SSH. Everytime an ssh connection is initiated a svnserve process is started to handle it.
>
> Hope that helps,
>
> Eric
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jan 9 16:58:29 2007

This is an archived mail posted to the Subversion Users mailing list.