[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Queries about SVN (Security related)

From: Cooke, Mark <mark.cooke_at_siemens.com>
Date: Fri, 25 Nov 2011 09:57:26 +0000

[Please reply in-line, it makes it easier to see the full context...]

> -----Original Message-----
> From: Jerryleen S [mailto:jerryleen.s_at_prdcinfotech.com]
> Sent: 25 November 2011 09:43
> To: Cooke, Mark; users_at_subversion.apache.org
> Cc: channaveeraswamy
> Subject: RE: Queries about SVN (Security related)
> -----Original Message-----
> From: Cooke, Mark [mailto:mark.cooke_at_Siemens.com]
> Sent: Friday, November 25, 2011 12:48 PM
> To: Jerryleen S; users_at_subversion.apache.org
> Cc: channaveeraswamy
> Subject: RE: Queries about SVN (Security related)
> > -----Original Message-----
> > From: Jerryleen S [mailto:jerryleen.s_at_prdcinfotech.com]
> > Sent: 25 November 2011 06:32
> > Subject: Queries about SVN (Security related)
> >
> > Dear Sir,
> >
> > We are in the process of selecting SVN system in our company,
> > could you please clarify following points.
> >
> > 1. Restricting branching activity based on roles specified.
> > That is denying branch functionality to users based on
> > their roles.
> > 2. Denying delete/add folder to certain users, it is not just
> > r or r/w. if user has r/w access but shouldn't have delete or
> > add access, only modify commit should be accessible.
> This functionality is not "baked in". It might well be
> possible to do with a pre-commit hook but you (your admin
> team) would need to write and maintain the script.
> Personally I have not tried to do such things.
> Dear Mark,
> Thanks for prompt reply, is it possible to give hook script
> for first 2 queries as I have done exhaustive search in
> search forums but haven't found hook script to do the following action

Sorry, I have no experience in doing this having only done a few simple post-commit hooks on windows. I too find it difficult to find good hook examples, especially for windoze.

Have you looked at the default pre-commit.tmpl that is installed in your hooks directory? That shows how to get the author name and references a perl script to do some authorisation checking...

> > > 3. Is it possible host repos in 2 different physical locations?
> >
> > What do you mean by host? There is built-in support for
> > providing read-only mirrors (also as write-through proxies)
> > but if you want multiple 'master' repositories then you need
> > to look to WanDISCO's proprietry MultiSite extension.
> >
> I meant in Collabnet admin GUI we can give location of only
> one data location, i.e., if we want to place repos in more
> than one machine or physical location, is it possible.
Do you mean separate repositories? That is down to how you configure apache. I have not used the Collabnet admin GUI having decided at the start that I wanted to understand what was going on. You can easily declare multiple SVNParentPath locations (I do this for hosting separate groups of projects) within the one apache config. However, AFAIK you need the data files on storage "local" to the server (networked storage does not seem to be recommended). I use a virtualised windoze server box with virtual local disk space but we have modest storage requirements so far.

To use a separate server I would assume you need to setup apache & subversion on that server too...

~ mark c

> > 4. How to delete folders or file permanently.
> I assume you mean "remove completely from all history"?
> Ignoring all the arguments about if a source control product
> should even allow this, it is only currently possible by
> 'dump', 'dumpfilter' and 'reload'ing the whole repository.
> It is a feature on the roadmap
> (http://subversion.apache.org/roadmap.html) called
> 'obliterate' but not soon.
> > As of now we are using following software for svn access:
> >
> > Collabnet Subversion Edge 2.0.1
> > SVN 1.6
> > Tortoise 1.6.
> >
> > We are using SVN system as trail basis before adapting for
> > entire company. So please clarify above issues.
> I assume you have found and read the online subversion book?
> http://svnbook.red-bean.com/en/1.7/index.html

> Yes I have PDF copy of this file, it is very informative. I
> have been maintaining SVN since 2 months using this document.
> Thanks & Regards,
> Jerryleen S
> Project Coordinator, PRDC
Received on 2011-11-25 10:58:14 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.