You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by x nooby <xn...@yahoo.com> on 2005/11/28 16:14:03 UTC
Read access control with svnserver? (or must I use apache?)
Currently I am running a svnserver that a staff of
about 20 programmers use. We plan to give our clients
access to their source code, but not to eachother's
source code. I believe I have to switch our server to
run as an Apache module in order to have such
fine-grained access control. Is this true?
I have read that some people can use hook-scripts to
control access, but it appears to only allow you to
control write access.
Is there a way to control read access using svnserver?
thanks!
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by Oliver Pajonk <ol...@gmail.com>.
2005/11/28, x nooby <xn...@yahoo.com>:
>
>
> So, to limit *read* access, I will have to use Apache
> 2.0?
>
> Doe the webserver really have to be Apache 2.0? I
> think I read it could not be Apache 1.3.
>
> We currently have Microsoft's IIS 6.0 webserver, I
> assume I cannot use Subversion on it.
>
> It sounds like I will have to install Apache 2.0 in
> order to get read access control.
>
Sadly I do not know if you can use Apache 1.x. Personally, I use mod_dav_svn
with Apache 2.0 on Linux, which is, of course, very easy to setup and
straightforward to use. I have never used svnserver though, so I cannot tell
anything about its possibilities.
--
Oliver Pajonk
Re: Read access control with svnserver? (or must I use apache?)
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 11/28/05, x nooby <xn...@yahoo.com> wrote:
>
> > svnserve can limit read access in a few ways. In
>
> Are you saying 1.3 will be out in a few days? Or
> perhaps a beta-version will be out in a few days? I
> am running svnserve on a Windows box, and have only
> been downloading the "official" versions so far.
>
> On the status page, it says 1.3 will be out in
> December/January, do you mean that it might be out
> sooner? That would be great.
>
> "Subversion 1.3.0 (December 2005 / January 2006):
> Feature and bugfix release."
I'm saying that a release candidate will be out in the next day or
two, the actual release will follow about a month after that, after it
makes it through our soak period without any showstopper bugs being
found.
I imagine someone will make a windows build of the release candidate
soon after it is out, but I'm not sure exactly when that'll happen.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by x nooby <xn...@yahoo.com>.
> svnserve can limit read access in a few ways. In
Are you saying 1.3 will be out in a few days? Or
perhaps a beta-version will be out in a few days? I
am running svnserve on a Windows box, and have only
been downloading the "official" versions so far.
On the status page, it says 1.3 will be out in
December/January, do you mean that it might be out
sooner? That would be great.
"Subversion 1.3.0 (December 2005 / January 2006):
Feature and bugfix release."
I don't think I can wait until January, I would have
to use the Apache version if so. If it (1.3), or a
fix, is coming out in a few days, that would help a
lot.
We are trying to keep our customers code in the same
repo so we can more easily merge code between them,
thats why we have only one repo. The problem is we
can't give them read access to their code yet, because
then they could see eachothers.
thanks!
> versions prior to
> 1.3.x, you can limit read access on a per-repository
> basis (i.e. you
> require logins, and people without access to the
> repos can't read or
> write to it). In 1.3.x (not yet released, rc4
> should be out real soon
> now) you can limit read/write access on more fine
> grained levels (i.e.
> users bob and jack can read /project/trunk, but
> nobody else can).
>
> -garrett
>
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 11/28/05, x nooby <xn...@yahoo.com> wrote:
>
> So, to limit *read* access, I will have to use Apache
> 2.0?
>
> Doe the webserver really have to be Apache 2.0? I
> think I read it could not be Apache 1.3.
>
> We currently have Microsoft's IIS 6.0 webserver, I
> assume I cannot use Subversion on it.
>
> It sounds like I will have to install Apache 2.0 in
> order to get read access control.
>
svnserve can limit read access in a few ways. In versions prior to
1.3.x, you can limit read access on a per-repository basis (i.e. you
require logins, and people without access to the repos can't read or
write to it). In 1.3.x (not yet released, rc4 should be out real soon
now) you can limit read/write access on more fine grained levels (i.e.
users bob and jack can read /project/trunk, but nobody else can).
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by x nooby <xn...@yahoo.com>.
So, to limit *read* access, I will have to use Apache
2.0?
Doe the webserver really have to be Apache 2.0? I
think I read it could not be Apache 1.3.
We currently have Microsoft's IIS 6.0 webserver, I
assume I cannot use Subversion on it.
It sounds like I will have to install Apache 2.0 in
order to get read access control.
thanks!
--- Oliver Pajonk <ol...@gmail.com> wrote:
> 2005/11/28, Ryan Schmidt
> <su...@ryandesign.com>:
> >
> > On Nov 28, 2005, at 17:14, x nooby wrote:
> >
> > > Currently I am running a svnserver that a staff
> of
> > > about 20 programmers use. We plan to give our
> clients
> > > access to their source code, but not to
> eachother's
> > > source code. I believe I have to switch our
> server to
> > > run as an Apache module in order to have such
> > > fine-grained access control. Is this true?
> > >
> > > I have read that some people can use
> hook-scripts to
> > > control access, but it appears to only allow you
> to
> > > control write access.
> > >
> > > Is there a way to control read access using
> svnserver?
> >
> > I believe you will need authz for that. For
> Subversion 1.2.x and
> > earlier it's only available with the Apache
> module. If you can wait
> > until Subversion 1.3.0, authz will be available
> with svnserve as well.
> >
>
> Not exactly, you can just use an Apache directive
> like the following:
>
> <Limit POST PUT DELETE>
> Require user <userlist here>
> </Limit>
>
> directly inside your <Location> directive for your
> SVN repository. This will
> limit *write* access to a list of users, so
> effectively read access is
> limited to everyone who access to the repository at
> all.
>
> Of course this implies that you have to use Apache
> with mod_dav_svn.
>
> --
> Oliver Pajonk
>
__________________________________
Yahoo! Mail - PC Magazine Editors' Choice 2005
http://mail.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by Oliver Pajonk <ol...@gmail.com>.
2005/11/28, Ryan Schmidt <su...@ryandesign.com>:
>
> On Nov 28, 2005, at 17:14, x nooby wrote:
>
> > Currently I am running a svnserver that a staff of
> > about 20 programmers use. We plan to give our clients
> > access to their source code, but not to eachother's
> > source code. I believe I have to switch our server to
> > run as an Apache module in order to have such
> > fine-grained access control. Is this true?
> >
> > I have read that some people can use hook-scripts to
> > control access, but it appears to only allow you to
> > control write access.
> >
> > Is there a way to control read access using svnserver?
>
> I believe you will need authz for that. For Subversion 1.2.x and
> earlier it's only available with the Apache module. If you can wait
> until Subversion 1.3.0, authz will be available with svnserve as well.
>
Not exactly, you can just use an Apache directive like the following:
<Limit POST PUT DELETE>
Require user <userlist here>
</Limit>
directly inside your <Location> directive for your SVN repository. This will
limit *write* access to a list of users, so effectively read access is
limited to everyone who access to the repository at all.
Of course this implies that you have to use Apache with mod_dav_svn.
--
Oliver Pajonk
Re: Read access control with svnserver? (or must I use apache?)
Posted by x nooby <xn...@yahoo.com>.
I see that 1.3 is due in December/January, but I do
not see this feature on their list:
http://subversion.tigris.org/project_status.html
I can probably wait until December if its going to be
in there, where did you find the reference to this?
This is good new, thanks!
--- Ryan Schmidt <su...@ryandesign.com>
wrote:
> On Nov 28, 2005, at 17:14, x nooby wrote:
>
> > Currently I am running a svnserver that a staff of
> > about 20 programmers use. We plan to give our
> clients
> > access to their source code, but not to
> eachother's
> > source code. I believe I have to switch our
> server to
> > run as an Apache module in order to have such
> > fine-grained access control. Is this true?
> >
> > I have read that some people can use hook-scripts
> to
> > control access, but it appears to only allow you
> to
> > control write access.
> >
> > Is there a way to control read access using
> svnserver?
>
> I believe you will need authz for that. For
> Subversion 1.2.x and
> earlier it's only available with the Apache module.
> If you can wait
> until Subversion 1.3.0, authz will be available with
> svnserve as well.
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail:
> users-help@subversion.tigris.org
>
>
__________________________________
Yahoo! Music Unlimited
Access over 1 million songs. Try it free.
http://music.yahoo.com/unlimited/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Read access control with svnserver? (or must I use apache?)
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Nov 28, 2005, at 17:14, x nooby wrote:
> Currently I am running a svnserver that a staff of
> about 20 programmers use. We plan to give our clients
> access to their source code, but not to eachother's
> source code. I believe I have to switch our server to
> run as an Apache module in order to have such
> fine-grained access control. Is this true?
>
> I have read that some people can use hook-scripts to
> control access, but it appears to only allow you to
> control write access.
>
> Is there a way to control read access using svnserver?
I believe you will need authz for that. For Subversion 1.2.x and
earlier it's only available with the Apache module. If you can wait
until Subversion 1.3.0, authz will be available with svnserve as well.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org