You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Calvin <sz...@hotmail.com> on 2005/07/20 16:48:03 UTC

svn:ignore

I set the svn:ignore property, but I can still check in files which is
ignored.

Is it a property only affect svn:status, or actually enforced on server side
to ignore the files?

Thanks,

Calvin


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: How to enable user to change their own password

Posted by Theo Van Dinter <fe...@kluge.net>.

On Wed, Jul 20, 2005 at 02:35:01PM -0700, Nick Pappas wrote:
> For Apache, you would need to give the user your server runs under
> ('nobody' commonly) access to the password binary.  A simple PHP
> script could run it off the server with whatever parameters you need.

I have a perl CGI example of this available at
http://www.kluge.net/~felicity/random/htpasswd-pl.txt

Hope it helps. :)

-- 
Randomly Generated Tagline:
Inoculatte: To take coffee intravenously when you are running late.
         - Washington Post

Directory Matching in Access Policy file

Posted by Calvin <sz...@hotmail.com>.

I have to specify the actual direct name in order to set access policy. Is
there anyway for me to set directory wildcard?

Like this:

[repo:/trunk/*/bin]
* =

To disable check in any bin folder?

Thanks,
Calvin

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: How to enable user to change their own password

Posted by Kris Deugau <kd...@vianet.ca>.

Calvin wrote:
> Sounds like we need web interface for the user to change their
> password. It's unacceptable that he has to tell his password to
> admin.
> 
> I guess somebody has already done that?

Just like the handling for authentication through Apache, changing
passwords can be done using the many, MANY solutions already available -
this is NOT something unique to Subversion.  The only place where
Subversion actually handles password processing of any kind on the
server is when running svnserve, IIRC.

A quick search for "Apache authentication" should turn up a VERY long
list of useful and a few not-so-useful resources.  Add some more
keywords if you're looking for details on one particular type of
authentication backend.

-kgd
-- 
Get your mouse off of there!  You don't know where that email has been!

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

RE: How to enable user to change their own password

Posted by Calvin <sz...@hotmail.com>.

Sounds like we need web interface for the user to change their password.
It's unacceptable that he has to tell his password to admin.

I guess somebody has already done that?

Calvin

-----Original Message-----
From: Nick Pappas [mailto:nwpappas@gmail.com] 
Sent: Wednesday, July 20, 2005 5:35 PM
To: users@subversion.tigris.org
Subject: Re: How to enable user to change their own password

You could probably write a script to do this.  Not sure if there is a
setting you can change to let it happen automatically (I've never seen
an interface to change a password).

svnserver saves its password in clear text, which would be a snap to
write a script for letting users change their password online.

For Apache, you would need to give the user your server runs under
('nobody' commonly) access to the password binary.  A simple PHP
script could run it off the server with whatever parameters you need.

Aside from glaring security issues involved with giving any user the
right to run an admin binary, especially from the web server, I would
generally stay well clear of any script that runs a server script that
isn't well isolated.  One error in your script and/or one jerk who
access your script = major trouble.

On 7/20/05, Calvin <sz...@hotmail.com> wrote:
> Is there anyway to do this?
> I am using Apache, auth_svn_mod.
> 
> Thanks,
> 
> Calvin
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
> 
> 

-- 
Whatever you do - don't congratulate yourself too much, or berate
yourself either.
Your choices are half chance, and so are everybody else's.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: How to enable user to change their own password

Posted by Nick Pappas <nw...@gmail.com>.

You could probably write a script to do this.  Not sure if there is a
setting you can change to let it happen automatically (I've never seen
an interface to change a password).

svnserver saves its password in clear text, which would be a snap to
write a script for letting users change their password online.

For Apache, you would need to give the user your server runs under
('nobody' commonly) access to the password binary.  A simple PHP
script could run it off the server with whatever parameters you need.

Aside from glaring security issues involved with giving any user the
right to run an admin binary, especially from the web server, I would
generally stay well clear of any script that runs a server script that
isn't well isolated.  One error in your script and/or one jerk who
access your script = major trouble.

On 7/20/05, Calvin <sz...@hotmail.com> wrote:
> Is there anyway to do this?
> I am using Apache, auth_svn_mod.
> 
> Thanks,
> 
> Calvin
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
> 
> 

-- 
Whatever you do - don't congratulate yourself too much, or berate
yourself either.
Your choices are half chance, and so are everybody else's.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: How to enable user to change their own password

Posted by Jonathan Coles <jc...@rogers.com>.

I use a Perl script. It runs in a ScriptAlias location that requires 
authentication,
so I know who is calling the script. It then uses the Apache htpasswd 
utility
to change the password with the command:

/usr/local/apache2/bin/htpasswd -bm /home/svn/users $username  $newpasswd 2

/home/svn/users is my password file. Passwords use MD5 encryption.

Here is the entire script. I am new to Perl, so I would not be surprised
if people here find flaws or suggest improvements to it:

#!/usr/bin/perl -w
use strict;
use CGI qw(:standard);
print header;
print "<html><head>";
print "<title>Change password</title>";
print "</head><body>";
print "<FORM action=chpasswd.cgi method=GET>";
print "<table><tr><td>New password: </td>";
print "<td><input name=newpasswd type=password></td></tr>";
print "<tr><td>Confirm:</td>";
print "<td><input name=confirmpasswd type=password></td></tr>";
print "<tr><td></td><td align=center><input type=submit value='Change 
password'></td></tr></table>";
print "</FORM>";

my $username=$ENV{REMOTE_USER};
my $newpasswd = param('newpasswd');
if ($newpasswd ne undef) {
    my $confirmpasswd = param('confirmpasswd');
    if ($newpasswd eq $confirmpasswd) {
        print "<pre>";
        system ("/usr/local/apache2/bin/htpasswd -bm /home/svn/users 
$username  $newpasswd 2> /home/svn/result && cat /home/svn/result");
        print "</pre>";
     }
    else { print "<p>Confirmation doesn't match password. Try again.</p>"; }
}
else {print "<br>";}
print "<p><a href=http://172.20.120.102/>Return</a></p>";
print "</body></html>\n";


Calvin wrote:

>Is there anyway to do this?
>I am using Apache, auth_svn_mod.
>
>Thanks,
>
>Calvin
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
>For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>  
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

How to enable user to change their own password

Posted by Calvin <sz...@hotmail.com>.

Is there anyway to do this?
I am using Apache, auth_svn_mod.

Thanks,

Calvin


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: svn:ignore

Posted by Günter Dannoritzer <da...@web.de>.

Calvin,

Calvin wrote:

> I set the svn:ignore property, but I can still check in files which is
> ignored.
> 
> Is it a property only affect svn:status, or actually enforced on server side
> to ignore the files?
> 
> Thanks,
> 
> Calvin

As I understand the property, the svn status command does not show the
status of files for which this property is set. If you explicitly svn
add a file and then svn commit it, it is still committed to the repository.

The other option is that svn:ignore files are not imported with a svn
import command.

Regards,

Guenter

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org