On Aug 14, 2009, at 11:47 PM, Ryan Schmidt wrote:
> On Aug 15, 2009, at 00:47, Erick Calder wrote:
>
>>> Stop right there. Proceed *DIRECTLY* to the use of svn+ssh to get a
>>> much better security model. Subversion's tendency to store passwords
>>> in clear text is very nasty, and this is the most reliable fix for
>>> it,
>>> one used by Slashdot and other security conscious systems
>>
>> the svn+ssh model is problematic because I really don't want to give
>> system accounts to those that will use svn...
>
> Fortunately, you don't need to. :) Everyone can share a single
> account to access Subversion on the server via svn+ssh. See this FAQ:
>
> http://subversion.tigris.org/faq.html#ssh-authorized-keys-trick
thanks for the link, I read through the docs and got it to work. it
would have helped to indicate that I now have to access the repo like
svn+ssh://myserver/repo-path/project, instead of svn://myserver/
project... but I figured it out. I checked out a project, made a
change to a file and tried to commit it but I get the following error:
ekkis_at_aprilis:~/Development/janus/DB/Ent/trunk # svn commit
Sending trunk/Ent.pm
Transmitting file data .svn: Commit failed (details follow):
svn: Can't open file '/var/svn/db/txn-current-lock': Permission denied
my repo is located at /var/svn and I've set its ownership to svn:svn
so I'm guessing my account doesn't have write permissions... my
question is: since my account "ekkis" does not exist on the server (I
used the --tunnel-user option in the "command" portion of the
authorized_keys2 file), how do I add it to the svn group?
or else... how is this supposed to work?
TIA - ekkis
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2386626
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-24 06:39:32 CEST