On 08/13/2016 05:31 PM, Nico Kadel-Garcia wrote:
> Don't hurt yourself getting too clever. And don't forget that once
> ingested, Subversion is designed to *never let go* of content.
> Deleting any in the master simply won't ever clear the content from
> the core repository and its history, *ever*.
>
> Why do I bring this up? Because if it's MP3's and you discover a
> copyright violation, you cannot expunge the content without a *very*
> painful dump, iflter, and reload operation on a quite large
> repository.
The mp3 files, in this case, are indeed audio recordings but they
represent an aspect of an expanding instrumentation system that is part
of a specific [controlled ownership] environment. I don't think I have
overlooked any relevant copyright issues related to the storage of the
data. An indelible record is the goal (for now).
>> Since, in my case, the binary files should/must never change, is there a
>> way to configure a read-only attribute on specific files in the
>> repository such that any subsequent attempt to check-in a change to any
>> of those files will be rejected and an alert raised? The directory
>> structures should remain changeable.
>
> That's what user privileges in "svnserve.conf" that would provide
> "write once" control are designed for. It would *not* prevent
> operations on the local file system by an administrator, using
> "file:///" based access. I assume that if an admin performs that kind
> of access, they mean what they're doing and are aware they're avoiding
> the filters.
What would an "svnserve.conf" file with "write once" access control look
like? The book[1] shows something like this:
----------------------------------------------
[general]
password-db = userfile
realm = example realm
# anonymous users aren't allowed
anon-access = none
# authenticated users can both read and write
auth-access = write
----------------------------------------------
[1]:
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.auth.general
I intend to host this repository from a FreeBSD-10.3(x86) system where
`svnserve --version` is:
----------------------------------------------
svnserve, version 1.9.4 (r1740329)
compiled Jul 28 2016, 02:56:08 on i386-portbld-freebsd10.1
Copyright (C) 2016 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/
The following repository back-end (FS) modules are available:
* fs_fs : Module for working with a plain file (FSFS) repository.
* fs_x : Module for working with an experimental (FSX) repository.
----------------------------------------------
The manual page on that system `man svnserve.conf` describes:
auth-access = none|read|write
Received on 2016-08-14 00:20:50 CEST