个人中心
gpt4 book ai didi

svn - 如何配置 DAV svn 访问?

转载 作者:行者123 更新时间:2023-12-04 20:51:32 26 4
gpt4 key购买 nike

我正在尝试限制对本地 subversion 服务器上存储库的访问。我已经使用 Apache 和 dav_svn_module 设置了它和 authz_svn_module .目前它运行良好,用户登录,并且可以正常提交。

我想要实现的是一个单一的存储库,它只能由一个用户读取和写入。

我的 /etc/httpd/conf.d/subversion.conf如下

<Location /svn>
   DAV svn
   SVNParentPath /var/www/svn

   # Limit write permission to list of valid users.
   <LimitExcept GET PROPFIND OPTIONS REPORT>
      # Require SSL connection for password protection.
      # SSLRequireSSL

      AuthType Basic
      AuthName "Subversion repositories"
      AuthUserFile /etc/svn-auth-users
      Require valid-user
      AuthzSVNAccessFile /etc/svnauthz.conf
   </LimitExcept>
</Location>

我的 /etc/svnauthz.conf如下所示, 
[groups]
devs = david.yell,user2,user3

[/]
$authenticated = rw
@devs = rw
* =

但是,这目前限制了对服务器上每个存储库的访问,这不太理想。如何将访问配置为特定于单个存储库?

另外,这是一个内部服务器,所以虽然我很欣赏生产方面的建议,但这不是必需的。

更新
我更新了我的 svnauthz.conf现在存档, 
[groups]
devs = david.yell,user2,user3

[ProtectedRepo:/]
david.yell = rw
* = 

[/]
$authenticated = rw
@devs = rw
* =

我试图以此作为引用, http://svnbook.red-bean.com/en/1.4/svn.serverconfig.pathbasedauthz.html但它在这里引用

To be more specific: the value of the section-names are either of the form [repos-name:path] or the form [path]. If you're using the SVNParentPath directive, then it's important to specify the repository names in your sections. If you omit them, then a section like [/some/dir] will match the path /some/dir in every repository.



这是否意味着我需要在服务器上声明每个 repo?目前大约30

最佳答案

Setup per-directory access control to distinguish the permissions of user for each WEBDAV repository/path.

In the case of Apache, one needs to load the mod_authz_svn module and then add the AuthzSVNAccessFile directive (within the httpd.conf file) pointing to your own rules-file. (For a full explanation, see the section called “Per-Directory Access Control”.) If you're using svnserve, then you need to make the authz-db variable (within svnserve.conf) point to your rules-file.

It's possible to set up finer-grained permissions using a second Apache httpd module, mod_authz_svn. This module grabs the various opaque URLs passing from client to server, asks mod_dav_svn to decode them, and then possibly vetoes requests based on access policies defined in a configuration file.

If you've built Subversion from source code, mod_authz_svn is automatically built and installed alongside mod_dav_svn. Many binary distributions install it automatically as well. To verify that it's installed correctly, make sure it comes right after mod_dav_svn's LoadModule directive in httpd.conf:


引用文献
  • Path-Based Authorization
  • Per-Directory Access Control
  • subversion source: authz.c

    • 关于svn - 如何配置 DAV svn 访问?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/6745586/

    26 4 0
    文章推荐: excel - 显示文本链接以从 Excel 打开特定的 PDF 页面
    文章推荐: sql - 影响连接的 where 子句
    文章推荐: wpf - WPF 中 ListBox 上的数据验证
    文章推荐: .net - XP上的vb.net系统提示音
    行者123
    个人简介

    我是一名优秀的程序员,十分优秀!

    滴滴打车优惠券免费领取
    滴滴打车优惠券
    全站热门文章
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com