[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Problems with svn auth and acess control

From: Trevor Harrison <trevorsharrison_at_gmail.com>
Date: 2007-04-28 05:28:35 CEST

I'm having problems setting up a public and private repos.

I have a private repo (/var/subversion/private) and a public repo
(/var/subversion/public).

In apache, I'm using the svnparentpath pointing to /var/subversion,
and I've setup the auth options as described in the red book (example
6.3 A sample configuration for mixed authenticated/anonymous access.)

<VirtualHost *:80>
        ServerName svn.domain.com
        ErrorLog logs/error.log
        CustomLog logs/access.log common

        <Location />
                DAV svn
                SVNParentPath /var/subversion
                AuthzSVNAccessFile /var/subversion/svnaccess

                AuthType Basic
                AuthName "Subversion Access"
                AuthUserFile /var/subversion/userpw
                Satisfy Any
                Require valid-user
        </Location>
</VirtualHost>

My svnaccess file looks like:
---------------------------------------
[groups]
everyone=trevor,david
admin=trevor

[/]
@admin=rw

[private:/]
@everyone=r
trevor=rw

[public:/]
*=r
everyone=rw
--------------------------------------

Access to the private repo works fine as expected. Access to the
public repo work fine for browsing and checking out copies.

However, write operations don't work if I have the *=r line:

$ svn ci -m "Test commit3"
Sending subdir/test.txt
Authentication realm: <http://svn.domain.com:80> Subversion Access
Password for 'trevor':
svn: Commit failed (details follow):
svn: CHECKOUT of '/public/!svn/ver/3/subdir/test.txt': 403 Forbidden
(http://svn.domain.com)

If I remove the *=r line, I can commit. After successsfully commiting
and caching my credentials, putting the *=r line back in errors out
the same, just without requesting my password.

Am I following the directions from the red book correctly?

How do I allow anonymous readonly access to a repo and read-write to
authed users?

-Trevor

-ps. svn is 1.3.2 and apache is 2.0.58.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat Apr 28 05:28:59 2007

This is an archived mail posted to the Subversion Users mailing list.