[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re:Re: Re: please help about SVN authentication

From: alinagra <alinagra_at_163.com>
Date: Thu, 2 Sep 2010 15:02:38 +0800 (CST)

actually I use svnserve, no Apache/http access.
and I have several repositories under the svn directory.
It looks like this:
svn
---prj1 repo
---prj2 repo
---prj2 repo

and this issue happens in every repo.

At 2010-09-01 17:36:29,"Erik Andersson" <kirean_at_gmail.com> wrote:

2010/9/1 alinagra<alinagra_at_163.com>
Here is the repo arch:

/trunk
    ----/folder a
    ----/folder b

    ----/folder c
    ----/access

/tag

I think this is the most common case, and it seems if one doesn't have access right, he can not create a tag for /trunk.
or is there something wrong with my configuration?

Are you using the SVNParentPath or SVNPath directive?
Can you show us your Subversion section for Apache?

At 2010-09-01 14:11:07,"Erik Andersson" <kirean_at_gmail.com> wrote:

2010/9/1 alinagra<alinagra_at_163.com>
Hi, buddies,

I have setup a SVN server and I use SASL authentication. But right now I have a authz question:
I can create tags with accont TIM, but when I try to create a tag with the account not jim, it reports "access denied" error.

Where do you create tags?
Does anyone know why? Thanks in advance

Here is my authz file:
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').

[groups]
# harry_and_sally = harry,sally
aa = TIM

[test:/]
* = rw

[test:/trunk/access]
@aa = rw
* =

and here is the svnserve.conf:
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)

### Visithttp://subversion.tigris.org/ for more information.

[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
#password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
realm = dreamlink

[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
min-encryption = 128
max-encryption = 256

您想拥有和网易免费邮箱一样强大的软件吗?

网易邮箱,没有垃圾邮件的邮箱。
Received on 2010-09-02 09:03:50 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.