Linux : How to set up "global" user / passwords / groups file in svn

Simmoniz picture Simmoniz · May 31, 2012 · Viewed 7.8k times · Source

I'm trying to set up global user / group access to all my svn repositories on Linux. Since I am very new to svn / linux stuff can someone take a look at what I have set up. I still get a "Invalid authz configuration". Here is how I proceed :


Svn installed / properly working. Serving path home/svn/repos/.

"my_project" created, works using simple auth. Path is home/svn/repos/my_project/.

My "global" user / password + groups file /home/svn/passwd

[groups]
team_a = tom, sim
team_b = jake, roy
prod = frank
[users]
tom = j9uems
sim = 90uifs
jake = fd9j8p
roy = 8ujwek
frank = 8jfjel

My configuration file home/svn/repos/my_project/conf/svnserve.conf

[general]
anon-access = none
auth-access = write
password-db = /home/svn/passwd
authz-db = authz

My authorization file home/svn/repos/my_project/conf/authz

[/]
# this project is a team_a project. But jake can have a read acces to it
@team_a = rw
@team_b =
jake = r
@prod = r

Answer

Simmoniz picture Simmoniz · May 31, 2012

Ok I Found out a better way to set up a global authentifications / access. If that info could help...

To remove or create a new user, I used a a global "passwd" file (no groups!) /home/svn/passwd

[users]
tom = j9uems
sim = 90uifs
jake = fd9j8p
roy = 8ujwek
frank = 8jfjel

To manage groups and global access to repositories on the server, I used a global "authz" file /home/svn/authz

[groups]
team_a = tom, sim
team_b = jake, roy
prod = frank

[my_project:/]
# access denied for everyone
* =
@team_a = rw
jake = r
@prod = r

All repositories must have the same svnserve.conf home/svn/repos/my_project/conf/svnserve.conf

[general]
anon-access = none
auth-access = write
password-db = /home/svn/passwd
authz-db = /home/svn/authz

Note that access may be granted to any groups / users to any path of any repos. For example if "prod" group needs to have full access to "production" folder of that project, that is possible :

[my_project:/production]
@prod = rw