Comments on: Read-Only and Read-Write SVN Repositories

By: Matteo

Matteo — Thu, 22 May 2014 08:53:47 +0000

The problem is that if I do a chekcout of the anonymous-enabled subpath "public"as follows:
svn co https://repo_url/public
Apache always ask for a username and password

By: Matteo

Matteo — Thu, 22 May 2014 08:49:43 +0000

Hi Barney,
I need exaclty what you explained in this post: a repo with RW acces to authenticated users, but with a subpath with anonymous readonly access. So i configured apache as you suggested:

…
# Authorization
AuthzSVNAccessFile my_auth_file
Satisfy any
Require valid-user

And the authz file is as follows
[repo:/]
matteo = rw
[repo:/public]
* = r
mbrunettini = rw

But it does not work on subversion 1.6.17
Where Am I wrong?
Thanks for you help.
Matteo

By: Karthik

Karthik — Thu, 09 Jan 2014 23:07:41 +0000

Barney – Thanks for your reply. I have got it working now. Yes, my repo name is all in caps (SVNCOPY) but the actual issue was that I didn't have to specify the repo name at all. Since I declared realm name as SYNCOPY, I guess it only needed to know the parent folder names at the root level. When I corrected, it started working as expected.

Cheers,
Karthik Durairajan

By: barneyb

barneyb — Thu, 09 Jan 2014 22:48:46 +0000

Karthik,

I've never done path-based auth with multiple repositories (i.e., using SVNParentPath), but that seems like it should do what you want. Note that I think you have to repository-qualify all your paths (so the first section won't do anything). Also, I'm pretty sure the repo names are case sensitive; is your path really in all caps on the filesystem?

By: Karthik

Karthik — Wed, 08 Jan 2014 06:08:31 +0000

Hi Barney

Iâ€™ve got both authentication and authorization working as they should be in my setup. However, path based restrictions donâ€™t seem to work for sub folders. Please see Authz snippet below:

[groups]
ctrlMusers = user1, user2, user3

[/]@ctrlM = r

[SVNCOPY:/ControlM]
@ctrlM = rw
@developers = r
* =

From the above, Iâ€™m restricting write access only to ctrlMusers. But sadly, ControlM folder has too many sub directories (SVNCOPY/ControlM/trunk/AciCore/build/release1)

user3 is not able to commit a file under SVNCOPY/ControlM/trunk/AciCore/build/release1 even though he has RW access at the parent folder level (ControlM). How do I go about resolving this issue? Thanks.
Karthik

By: barneyb

barneyb — Wed, 19 Dec 2012 17:42:16 +0000

sanjog, if you don't give read access to "*", then the folder won't be visible. I don't know what your setup is, but if you have a the root set to allow anonymous read, you need only define a section for the folder you want to restrict and not give read access to it. Basically the reverse of the first example:

[/]
* = r
barneyb = rw

[/bicycle_dashboard]
barneyb = rw

Now the repository will be readable, except for the 'bicycle_dashboard' folder which is only accessible to 'barneyb'.

By: sanjog

sanjog — Wed, 19 Dec 2012 12:48:31 +0000

Hello barneyb,

I am very new to svn.
I just have setup the server and client.
I have created some repositories.
My question is –>

How do i restrict the access to some folder in a repository ? (That is, those folder should not even be visible to the user).

Kindly suggest with the code.

By: satheesh

satheesh — Thu, 26 Jul 2012 06:34:52 +0000

Am using svnserve 1.4 in windows 7. i want to set permission in authz file.
i want to give the rw permission to the subfolder if root folder is read protected . why bcoz in my repository i have lot of files & folder. so want to give rw permission for some of files & sub folders only . other folders are invisible to the user…. means…. I want to give the rw permissions to the some of the sub folders only not the entire directory….. & sub directory

    [/root]
    group1 =
    [/root/A/new/Data]
    group1 = rw
    [/root/C/Ex/Files]
    group1 = rw

If i give above code. Nothing is displayed…. Bcoz

    [/root]
    group1 =

If i give

    [/]
    group1 = rw

All folders are visible to the "group1″. I dont want like this…

other option is

    [root/B]
    group1 =
    [root/c]
    group1 =

….
like all sub folder that are not needed for group1. i dont want do like this….

pls anyone help me…………..

By: Kalpesh Soni

Kalpesh Soni — Fri, 04 May 2012 17:36:37 +0000

I have a reverse problem

I wanted every one with valid user id having write access

and a guest account with blank password having readonly access

[groups]
readonly=guest

[/]
@readonly=r
*=rw

this does not work

apache matched guest account with second line (as it is also part of *)

and hence guest gets read write access!

what do i do now?

By: vishal

vishal — Wed, 21 Dec 2011 05:31:17 +0000

Santhosh, you can use system passwd file to authenticate the SVN on SVN server, so if user want to change their password they can login to the server and change their system password which will be used by SVN authentication .

I think above solves your problem.