[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Setup authz file

From: Holger Stratmann <tigris_at_finch.de>
Date: Wed, 09 Apr 2008 17:04:07 +0200

Styrberg Kenneth wrote:
> Hi,
> we have a simple setup with some projects in our repository. Now we
> want to restrict access to some projects by setting access to
> "no-access" but it does not work as we expect.
Have you read the documentation? ;-D

AFAIK, you need
instead of

Perhaps more importantly: is this the whole authz-file?! Where is group1
even defined?! You do have a [groups] - section, right? If you don't,
you just block access for everybody and this explains why (the
nonexistant) group1 cannot even checkout...

Good luck,


P.S.: If you don't need PATH-based authorization, but rather
"repository-based" authorization, this might be MUCH better placed in
Apache's httpd.conf!!
This can easily be achived with a single "Location" or "LocationMatch"
in Apache... (sth like "/svn/(proj1|proj2|projn)/")
Read the brown(ish) box on the page I linked above...

> Here is the authz file:
> [/]
> *=r
> [proj1]
> @group1=rw
> *=
> [proj2]
> @group1=rw
> What we want is to have no access to proj1 unless member of group1 and
> read access to proj2 unless member of group1.
> Simple enough? Problem is that group1 cannot even checkout proj1, with
> error "Read access denied for root of edit". If we set [/] to *=rw,
> then checkout is possible, but our access rules isnt what we want.
> Can someone shed a light on how to configure this properly.
> Svn version 1.4.0
> Regards
> Kenneth

To unsubscribe, e-mail: users-unsubscribe_at_subversion.tigris.org
For additional commands, e-mail: users-help_at_subversion.tigris.org
Received on 2008-04-09 17:04:48 CEST

This is an archived mail posted to the Subversion Users mailing list.