[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Recommendation for path-based authorisation auditing tool?

From: Joseba Ercilla Olabarri <joseba.ercilla_at_gmail.com>
Date: Mon, 30 Sep 2013 06:58:56 +0200

Hi David,
Not sure if your needs could be covered by a 'better UI' for authz file
but, just in case, take a look to this contribution we made some days ago
to the Svnedge projec (and open source project from Collabnet):
https://ctf.open.collab.net/sf/discussion/do/listPosts/projects.svnedge/discussion.user_questions.topc7106

Just click in the 'Repositories -> Access Rules' option and see if it meet
your needs.

By the way, just advise this contribution is currently waiting to be
reviewed and approved, so is not included in the current release, but we
hope it would be soon.

Best regards,

______________________

Joseba Ercilla Olabarri
+34 902 002 293

www.gailen.es
______________________

On Fri, Sep 27, 2013 at 2:40 AM, Geoff Field <Geoff_Field_at_aapl.com.au>wrote:

> Hi David,
>
> I hate to sound like I'm stating the bleeding obvious, but what about just
> looking at the authz file with a text editor?
>
> It's not hard to interpret if your usernames are sensible. I've recently
> spent a little while making sure the projects are sorted in a sensible
> order, so finding particular projects is quite easy (apart from just using
> the built-in search functions).
>
> Having said that, we use a home-grown tool (written by a long-gone
> colleague in C# and backed by an SQL database for administration items) for
> some network administration tasks. Mostly, this is useful as a lazy way of
> adding or deleting projects. I still use the text editor for modifying
> user permissions (because it's faster and easier).
>
> Regards,
>
> Geoff
>
> From: David Aldrich
> Sent: Friday, 27 September 2013 1:08 AM
>
> Hi Mark
>
> Thanks, that's a very helpful suggestion.
>
> Best regards
>
> David
>
>
>
> From: Mark Phippard
> Sent: 26 September 2013 16:06
>
> On Thu, Sep 26, 2013 at 11:02 AM, David Aldrich wrote:
>
> Hi Mark
>
> Thanks for replying. By auditing, I mean the ability to
> easily see who has access to a specified folder. I think we already have
> the recording of changes covered. svnauthz_accessof looks interesting, but
> it reports whether a specified user has access. I would prefer to ask 'who
> has access?' to a specified folder.
>
> OK. I am not aware of any tools commercial or otherwise that
> provide the information that way. If you use groups and have a finite
> number of them, it seems like it would be a fairly simple script to check
> each group against the path using the command line tool and report which
> ones have access.
>
> --
> Thanks
>
> Mark Phippard
> http://markphip.blogspot.com/
>
> --
> Apologies for the auto-generated legal boilerplate added by our IT
> department:
>
>
> - The contents of this email, and any attachments, are strictly private
> and confidential.
> - It may contain legally privileged or sensitive information and is
> intended
> solely for the individual or entity to which it is addressed.
> - Only the intended recipient may review, reproduce, retransmit, disclose,
> disseminate or otherwise use or take action in reliance upon the
> information
> contained in this email and any attachments, with the permission of
> Australian Arrow Pty. Ltd.
> - If you have received this communication in error, please reply to the
> sender
> immediately and promptly delete the email and attachments, together with
> any copies, from all computers.
> - It is your responsibility to scan this communication and any attached
> files
> for computer viruses and other defects and we recommend that it be
> subjected to your virus checking procedures prior to use.
> - Australian Arrow Pty. Ltd. does not accept liability for any loss or
> damage
> of any nature, howsoever caused, which may result
> directly or indirectly from this communication or any attached files.
>
>
>
Received on 2013-09-30 07:00:04 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.