Access control for multiple projects using SVN
I am new to SVN and trying to configure access control for multiple projects on SVN. I want to use a single password file and a single authentication file for access control for all the projects. But, it isn't working. Below is my configurations. My directory structure:
/srv
|--svn
|--repos
|-- conf
|-- passwd
|-- authz
|-- projectX
|-- projectY
|-- projectZ
projectX/conf/svnserve.conf entries for projectX:
[general]
anon-access = none
auth-access = write
password-db = /srv/svn/repos/conf/passwd
authz-db = /srv/svn/repos/conf/authz
realm = Project Repository
Same configuration is used for projectY and projectZ. Entries for /srv/svn/repos/conf/passwd:
[users]
user1 = password
user2 = password
user3 = password
Entries for /srv/svn/repos/conf/authz:
[/]
* =
user1 = rw
[projectX:/]
user2 =开发者_StackOverflow rw
user3 = r
[projectY:/]
user3 = rw
user2 = r
[projectZ:/]
user2 = r
user3 = r
So, user2 should have read-write access to projectX and user3 should have read-only access to projectX. But, only user1 can access all these repositories. user2 and user3 can never access any of the repositories. Every time it gives the error message: Commit failed (Authorization failed!) Can anyone please help me finding my error? I am using version 1.6.5 of Subversion on the server and 1.6.4 on the client.
I've successfully used this structure with Subversion 1.4:
Subversion
|-- Config
|-- a-users
|-- b-users
|--Repositories
|-- x-repos
|-- conf
|-- svnserve.conf
|-- y-repos
|-- conf
|-- svnserve.conf
... where the svnserve.conf files contained a line like this:
password-db = ../../../Config/a-users
This way I can use one password-db file for any number of repositories or I can have a separate password-db file for each repository.
If you are using Subversion > 1.4, you'll need to to take a look at how configuration has changed in newer versions. One point is that, at least in 1.4, relative paths do work. Hope this helps.
Update: I'm on unix (Mac OS X).
I think, the line
* =
is causing your trouble. Also, I would recommend using a [groups] section and add your users to groups, even if you currently have only one user per group.
Make sure you have the CaSe of the repositories (projectX...) are correct in both authz and on the client URL. Subversion has a nasty issue when using authz where checkouts are case insensitive but commits are case sensitive.
Here's an example:
svn co svn://server/projectx/trunk . // success
... // do work
svn ci // fail
svn co svn://server/projectX/trunk . // success
... // do work
svn ci // success
I've also had an issue where the last line in authz and passwd was not a blank line, i.e. adding CRLF to the last line fixed it. That was ages ago though so maybe that's fixed now.
I think it's because user2 and user3 don't have access to [/].
It is just my guess; I don't really know how to configure SVN.
精彩评论