Hi
I am trying to configure svn without much success.
I would like to offer anonymous access to my repositories and protect
commits by ssh authentification.
I also would like to offer a per directory access so that a know user of
a project cannot access another project.
I read all the articles I found on the subject but it doesn't seem to work.
First I have a system user svn (svn:x:109:116::/home/svn:/bin/bash) with
a group svn.
My repository is located at /var/svn/repository with the following
permissions :
// SVN SYSTEM ACCOUNT WITH a UMASK 0022 AND A PASSWORD
drwxr-xr-x 18 root root 4096 2007-12-02 23:29 var
drwxr-xr-x 3 root root 4096 2007-10-25 18:33 svn
+drwxr-xr-x 7 root svn 4096 2007-10-25 18:33 repository
->drwxr-sr-x 5 root svn 4096 2007-10-25 19:13 db
->...
First question :
when I created the account I read a tutorial where they explain to
create the account like this:
adduser svn --ingroup svn --shell=/bin/bash --system
I have also added in .bashrc
umask 002
but it seems that .bashrc is not loaded automatically.
Does it come from the fact I should not have created the account as a
system account ?
// SSH for SVN account
Since I am using a single unix account and I want ssh for commits I have
added a public/private key in /home/svn/.ssh/authorized_keys:
drwxr-xr-x 2 svn svn 4096 2007-12-09 18:48 .ssh
-rw------- 1 svn svn 682 2007-12-09 18:48 authorized_keys
command="/usr/bin/svnserve -t --tunnel-user=testme -r
/var/svn/repository" ssh
-dss AAAAB3N...== svn@mydomain.fr
//SVN CONFIG
I have configured the conf file like this :
[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
anon-access = read
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the conf directory.
### Uncomment the line below to use the default password file.
# password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the conf
### directory. If you don't specify an authz-db, no path-based access
### control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
# realm = My First Repository
//AUTHZ CONFIG
[groups]
admin = testme
# Users in admin group have ALL access
[/]
@admin = rw
Second question : has the testme user be a real user account or is
it just a svn account ?
Finally when I test this configuration with TortoiseSVN(First I have
converted my private key in Putty format .PPK and I have
declared a connection to my server) it doesn't work when commiting.
svn+ssh://svn@svn_mydomain_fr/myproject/trunk/test.h
I get the following error :
Can't create directory '/var/svn/repository/db/transactions/4-1.txn':
Permission denied
So my last question : WHAT AM I DOING WRONG ?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Dec 9 19:45:50 2007