subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy Canfield <andy.canfi...@pimco.mobi>
Subject Re: Subversion: list of respositories
Date Mon, 01 Aug 2011 04:02:41 GMT

On 07/18/2011 09:48 AM, Geoff Hoffman wrote:
>
> On Sat, Jul 16, 2011 at 11:06 PM, Andy Canfield 
> <andy.canfield@pimco.mobi <mailto:andy.canfield@pimco.mobi>> wrote:
>
>     How do you get a list of repositories from svnserver? The only way
>     I can figure out is:
>     *    ssh username@example.com <mailto:username@example.com>
>         sudo bash
>         ls -ld /var/svn/**
>     And, of course, this makes an assumption about where on the server
>     the repositories are located. There 'ought' to be an easier way.
>
>
>
> Andy,
> I read (skimmed) all your posts, and I'm a little confused but I think 
> I know where you're going. I'm not sure if you're using Apache to 
> serve your repositories. If you are, you should check out this:Â 
> http://davidwinter.me/articles/2006/03/03/access-control-for-subversion-with-apache2-and-authz/
 
> and  this https://help.ubuntu.com/community/Subversion
>
> I recently followed the blog above and got everything setup how I 
> think you want it. You can control user access to multiple repos in 
> three ways, the blog explains it all, except one thing. I found that 
> this is for folder-level control on one repository:
>
> |[/]
> @team = r
> bob = rw
>
> [/wowapp/trunk]
> @team = r
> @devteam = rw
> brenda = rw|
>
> In my authz control file, multiple repositories are done like this 
> (note the repo name and colon):
>
> |[repoA:/]
> @team = r
> bob = rw
>
> [repoB:/]
> @team = r
> @devteam = rw
> brenda = rw|
>
> I also put websvn on it, and use the configuration optionÂ
>
> $config->useAuthenticationFile('/path/to/your/authz/file');
>
> which I found on this stackoverflow QA 
> <http://serverfault.com/questions/13853/how-do-i-restrict-repository-access-via-websvn>.Â

>
> http://serverfault.com/questions/13853/how-do-i-restrict-repository-access-via-websvn
WebSVN is now working for me. However http://SERVER/svn is not. I point 
my browser to "http://SERVER/svn"and I get "403 Forbidden".

My dav_svn.conf file includes these lines:
     SVNParentPath /Subversion
     SVNListParentPath on
     Deny from all
     Satisfy any
     AuthzSVNAccessFile /Subversion/conf/authz

The authz file includes these lines:
     [groups]
     everybody = andy,louis,spencer
     [/]
     @everybody = r
     [subdoc:/]
     andy = rw
     [gamble:/]
     @everybody = rw
     [fred3:/]
     spencer = rw
Now AFAIK this should mean that there is a group named "everybody" which 
includes all Subversion users, and that group everybody has read access 
to every repository, and user andy has read/write access to 'subdoc', 
and group everybody has read/write access to 'gamble', and that only 
user spencer has write access to 'fred3'.

I am user andy. I can point my browser to "http://SERVER/svn/subdoc" or 
even "http://SERVER/svn/fred3" with no problem, but not 
"http://SERVER/svn" -- 403 Forbidden.  I think I've done everything that 
the documentation says I should do, but it doesn't work.

FYI, I am running Subversion 1.6.12dfsg-4ubuntu2.1.

So how do I give group everybody (but not all users on the server, i.e. 
@everybody but not *) read access to $SVNParentPath ?


Mime
View raw message