[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn????????

From: Olivier Sannier <obones_at_free.fr>
Date: Thu, 30 Apr 2009 16:26:15 +0200

Johan Corveleyn wrote:
> Well that would be fine, except for security: you'd need to have a generic "build user" (not corresponding to a real person), with fixed password, that has write access to the repository (needs to commit version info, make branches, tags, ...). In our case this means this "user" has to exist in our LDAP in the developers group (only that LDAP group has write access currently).
> Our sysadmins don't like such generic user accounts (for one thing: their password tends to be fixed over time to help all the automation, contrary to normal accounts, which are forced to change their password every x months).
Can't you configure the svn server (or apache) to use a second
authentication method so that you can have your "build" user outside the
LDAP directory?
And I must agree with Bob on this issue, if it's not possible, it's not
much to change a password every few months. You could even automate this
in your script. If the LDAP server is kicking you out, then change the
password. There must be command line tools that allow you to do that.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-30 16:27:16 CEST

This is an archived mail posted to the Subversion Users mailing list.