You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Matthias Fechner <id...@fechner.net> on 2008/03/13 11:38:21 UTC
Directory based access
Hi,
I have here my repository under /usr/local/svn/testrepo.
Access to it is realized with ssh and scponly as shell which works
perfectly.
The structure of the repository is:
/trunk
/branches
/tags
And under that directories are subdirectories.
Now I tried to limit access to it but I have no idea howto write the
directory in the authz file.
I have in svnserve.conf:
[general]
anon-access = none
auth-access = read
auth-access = write
authz-db = authz
realm = Test Repository
In the file authz:
[groups]
software-readonly = test
[/]
@software-readonly =
[testrepo:/trunk]
@software-readonly = r
But the access for the user test is denied, what is wrong here?
(If I disable the authz-db line in the svnserve.conf everything is
working again but without directory limitation).
Best regards,
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Directory based access
Posted by Matthias Fechner <id...@fechner.net>.
Hi Matt,
Matt imMute Sickler wrote:
> We will need more of the authz file inorder to help. What you gave us
> is not enough.
thx for your answer, I will try to sum it up again.
The repository is located under:
/usr/local/svn/test
The structure is:
/trunk
/trunk/sw
/trunk/hw
/branches
/tags
The users login via ssh (svn+ssh://).
What I want now is to limit access to /trunk/sw and /trunk/hw to two
different groups of users.
For that i defined groups in authz with:
[groups]
software-read = test
hardware-read = test2
Then I forbid access to the directory:
[/]
@software-read =
@hardware-read =
The I tried to allow accces for the groups but that fails and I have no
idea how to do it correctly:
[test:/trunk/hw]
@hardware-read = rw
[test:/trunk/sw]
@software-read = rw
I think the problem is the [test:/trunk/hw] but I found nothing in the
documentation howto really write that line correctly, can someone help
me here please?
Best regards,
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Directory based access
Posted by Matt imMute Sickler <im...@msk4.ath.cx>.
Matthias Fechner wrote:
> Hi,
>
> Matthias Fechner schrieb:
>> [/]
>> @software-readonly =
>>
>> [testrepo:/trunk]
>> @software-readonly = r
>>
>> But the access for the user test is denied, what is wrong here?
>> (If I disable the authz-db line in the svnserve.conf everything is
>> working again but without directory limitation).
>
> can here really no one help?
>
> Best regards,
> Matthias
>
We will need more of the authz file inorder to help. What you gave us
is not enough.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Directory based access
Posted by Matthias Fechner <id...@fechner.net>.
Hi,
Matthias Fechner schrieb:
> [/]
> @software-readonly =
>
> [testrepo:/trunk]
> @software-readonly = r
>
> But the access for the user test is denied, what is wrong here?
> (If I disable the authz-db line in the svnserve.conf everything is
> working again but without directory limitation).
can here really no one help?
Best regards,
Matthias
--
"Programming today is a race between software engineers striving to
build bigger and better idiot-proof programs, and the universe trying to
produce bigger and better idiots. So far, the universe is winning." --
Rich Cook
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org