You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Christian Foerg <ch...@alfavision.de> on 2006/09/14 13:33:55 UTC

Not authorized

Hi everybody!

I got an autorisation problem on svn.
I'm running svnserve and do the authorisation with a passwd and a authz  
file.
Here the content:

svnserve.conf:
   anon-access = read
   auth-access = write
   password-db = passwd
   authz-db = authz
   realm = alfa
passwd:
   [users]
   foerg = something
authz:
   [groups]
   alfa = foerg
   [/]
   @alfa = rw
   * = r
   [/Libs]
   @alfa = rw
   * = r
   [/Header]
   @alfa = rw
   * = r
   [/Source]
   @alfa = rw
   root = r
   * =

Everything on the authentification works just perfect except:
(I use RapidSVN from Windows)
If I try to checkout the directory "/Source", at logged-in state, of  
course.
I get the error message "Not authorized to open root of edit operation".
If I set "* = r" it works. But i'dont want everyone to checkout the  
sources.

Any idea???


Thx
Christian

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

RE: Not authorized

Posted by Thomas Hemmer <th...@go-engineering.de>.

You're right, sorry.
anon-access = none is mandatory for my suggestion to work.


Best regards,

Thomas




> -----Original Message-----
> From: ??? [mailto:zhengxinxing@gmail.com]
> Sent: Friday, September 15, 2006 12:46 PM
> To: Thomas Hemmer
> Cc: Christian Foerg; users@subversion.tigris.org
> Subject: Re: Not authorized
>
> 2006/9/14, Christian Foerg <ch...@alfavision.de>:
> > svnserve.conf:
> >    anon-access = read
> >    auth-access = write
> >    password-db = passwd
> >    authz-db = authz
> >    realm = alfa
> > passwd:
> >    [users]
> >    foerg = something
> > authz:
> >    [groups]
> >    alfa = foerg
> >    [/]
> >    @alfa = rw
> >    * = r
> >    [/Libs]
> >    @alfa = rw
> >    * = r
> >    [/Header]
> >    @alfa = rw
> >    * = r
> >    [/Source]
> >    @alfa = rw
> >    root = r
> >    * =
> >
> > Everything on the authentification works just perfect except:
> > (I use RapidSVN from Windows)
> > If I try to checkout the directory "/Source", at logged-in
> state, of
> > course.
> > I get the error message "Not authorized to open root of
> edit operation".
> > If I set "* = r" it works. But i'dont want everyone to checkout the
> > sources.
> >
>
> change your svnserve.conf:
>
>     from
>         anon-access = read
>         auth-access = write
>
>     to
>         #anon-access = read
>         auth-access = write
>
>     or
>
>         anon-access = none
>         auth-access = write
>
>
> I got the same error several days ago. See
> http://subversion.tigris.org/servlets/ReadMsg?listName=users&m
> sgNo=54699
> I guess may be it is a bug.
>
>
> 2006/9/15, Thomas Hemmer <th...@go-engineering.de>:
> > Christian,
> >
> > simply omit the line
> >
> > * =
> >
> > within the [/source] section, and it should work fine.
>
> Delete "* =" within the [/source] section cannot work.
> The only solution in my system is to get rid of the anonymous
> read from svnserve.conf. Did I miss something?
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: Not authorized

Posted by 郑新星 <zh...@gmail.com>.

2006/9/14, Christian Foerg <ch...@alfavision.de>:
> svnserve.conf:
>    anon-access = read
>    auth-access = write
>    password-db = passwd
>    authz-db = authz
>    realm = alfa
> passwd:
>    [users]
>    foerg = something
> authz:
>    [groups]
>    alfa = foerg
>    [/]
>    @alfa = rw
>    * = r
>    [/Libs]
>    @alfa = rw
>    * = r
>    [/Header]
>    @alfa = rw
>    * = r
>    [/Source]
>    @alfa = rw
>    root = r
>    * =
>
> Everything on the authentification works just perfect except:
> (I use RapidSVN from Windows)
> If I try to checkout the directory "/Source", at logged-in state, of
> course.
> I get the error message "Not authorized to open root of edit operation".
> If I set "* = r" it works. But i'dont want everyone to checkout the
> sources.
>

change your svnserve.conf:

    from
        anon-access = read
        auth-access = write

    to
        #anon-access = read
        auth-access = write

    or

        anon-access = none
        auth-access = write


I got the same error several days ago. See
http://subversion.tigris.org/servlets/ReadMsg?listName=users&msgNo=54699
I guess may be it is a bug.


2006/9/15, Thomas Hemmer <th...@go-engineering.de>:
> Christian,
>
> simply omit the line
>
> * =
>
> within the [/source] section, and it should work fine.

Delete "* =" within the [/source] section cannot work.
The only solution in my system is to get rid of the anonymous read
from svnserve.conf. Did I miss something?

Thanks

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

RE: Not authorized

Posted by Thomas Hemmer <th...@go-engineering.de>.

Christian,

simply omit the line

* =

within the [/source] section, and it should work fine.

This is because initially nobody at all has access (neither read nor write) to
/Source, so there is no need to explicitly revoke permissions for "everyone".
After all research I have done on this topic it seems to me as if a "deny"
always wins over an "allow" that is placed on the same item which is why you
can't follow the approach "first of all deny everything from everyone and then
grant permissions as needed".


Hope this helps,

Thomas



> -----Original Message-----
> From: Christian Foerg [mailto:christian.foerg@alfavision.de]
> Sent: Thursday, September 14, 2006 3:34 PM
> To: users@subversion.tigris.org
> Subject: Not authorized
>
>
> Hi everybody!
>
> I got an autorisation problem on svn.
> I'm running svnserve and do the authorisation with a passwd
> and a authz file.
> Here the content:
>
> svnserve.conf:
>    anon-access = read
>    auth-access = write
>    password-db = passwd
>    authz-db = authz
>    realm = alfa
> passwd:
>    [users]
>    foerg = something
> authz:
>    [groups]
>    alfa = foerg
>    [/]
>    @alfa = rw
>    * = r
>    [/Libs]
>    @alfa = rw
>    * = r
>    [/Header]
>    @alfa = rw
>    * = r
>    [/Source]
>    @alfa = rw
>    root = r
>    * =
>
> Everything on the authentification works just perfect except:
> (I use RapidSVN from Windows)
> If I try to checkout the directory "/Source", at logged-in
> state, of course.
> I get the error message "Not authorized to open root of edit
> operation".
> If I set "* = r" it works. But i'dont want everyone to
> checkout the sources.
>
> Any idea???
>
>
> Thx
> Christian
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org