[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svnadmin create and not being method agnostic

From: Les Mikesell <lesmikesell_at_gmail.com>
Date: Wed, 29 Dec 2010 11:32:09 -0600

On 12/29/10 11:03 AM, Philip Prindeville wrote:
>
>> That's unclear, I agree. I've taken it in a slightly different
>> direction, trying to address his concerns.
>
> So my concern is this: I want to be able to easily, clearly, and with high
> confidence set up SVN to *only* work via Apache, and no other way. And I think
> that it's not unreasonable for the admin to be able to tell "svnadmin create"
> which access method he plans on using.

If you don't want people to run svnserve, just remove the binary. If you don't
want file:/// access, don't give anyone access to the filesystem or ssh
connections. It really seems like a waste of time to me to try to control what
a developer with access to both the source code and the filesystem in question
can or can't do. I agree that making it harder to do something stupid is a good
idea, but starting wars between developers and administrators isn't going to be
a good idea unless the only access the machine is over http(s).

> And I can say, as an admin a decade ago, that software that is simple and clear
> to setup and operate is a joy in an otherwise largely thankless job (since
> people only talk to you when things are broken, not when they work correctly).

But even that is a mixed bag. If you have an existing infrastructure for
authentication and/or client ssl certificates you are going to want software
that is versatile enough to use it instead of forcing you to use its own
different mechanisms.

-- 
   Les Mikesell
    lesmikesell_at_gmail.com
Received on 2010-12-29 18:32:52 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.