You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Oliver Marshall <ol...@g2support.com> on 2009/01/21 13:40:26 UTC
SVN folder permissions in linux
Hi chaps,
What's the official stance on what the permissions should be for the svn repos folder on an SVN server running linux? Apache runs as www-data, so I'm guessing that our SVN parentpath (/svn here) has to be owned by www-data with r+w for just that user and +r for any other user.
Is that right, or are their specific exceptions for certain folders within each of the SVN repo structures ?
Olly
--
Important notice:
We have moved offices. Our new address is below.
G2 Support
Network Support : Online Backups : Server Management
Tel: 0870 904 3443
Email: oliver.marshall@g2support.com<ma...@g2support.com>
Web: http://www.g2support.com<http://www.g2support.com/>
Mail: 2nd Floor, 130a Western Rd, Brighton, Sussex, BN12LA
G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
BN3 7LE. Our registered company number is OC316341.
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1041194
To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].
Re: SVN folder permissions in linux
Posted by David Weintraub <qa...@gmail.com>.
It depends upon whether you use ssh+svn protocol or not.
All files under the repository directory need read and write
permission for the user who is running the server process. For
http://, this would be the Apache user which can be apache, www-run,
or www-data depending upon the Apache installation. I believe most
Linux distros run Apache as user "apache" as the default, but SUSE
runs it as "wwwrun". Directories, of course, need read/write/execute
permission for the server user.
Beyond that, giving groups and others "read only" access is up to you.
Normally, groups and others are given "read only" access, but I can
imagine some situations where you don't want users to be able to view
the Subversion repository or copy it out.
If you are running , ssh+svn, you need to make sure that the group
access is also read/write for files and directories. Again, you can do
this via the umask setting for the user running the svnserve process.
Typical for svnserve and httpd:
Files: rw-r--r--
Directories: rwx-r-xr-x
Owner is the user running the httpd or svnserve process
For ssh+svn:
Files: rw-rw-r--
Directories: rwxrwxr-x
Owner is the user running the svnserve process. Group must be
the development group that works on these files.
On Wed, Jan 21, 2009 at 8:40 AM, Oliver Marshall
<ol...@g2support.com> wrote:
> Hi chaps,
>
>
>
> What's the official stance on what the permissions should be for the svn
> repos folder on an SVN server running linux? Apache runs as www-data, so I'm
> guessing that our SVN parentpath (/svn here) has to be owned by www-data
> with r+w for just that user and +r for any other user.
>
>
>
> Is that right, or are their specific exceptions for certain folders within
> each of the SVN repo structures ?
>
>
>
> Olly
>
>
>
> --
>
> Important notice:
>
> We have moved offices. Our new address is below.
>
>
>
> G2 Support
>
> Network Support : Online Backups : Server Management
>
>
>
> Tel: 0870 904 3443
>
> Email: oliver.marshall@g2support.com
>
> Web: http://www.g2support.com
>
> Mail: 2nd Floor, 130a Western Rd, Brighton, Sussex, BN12LA
>
>
>
> G2 Support LLP is registered at Mill House, 103 Holmes Avenue, HOVE
>
> BN3 7LE. Our registered company number is OC316341.
>
>
>
>
>
>
--
--
David Weintraub
qazwart@gmail.com
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1041608
To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].