[lug] setting subversion permissions with apache/mod_dav

[D. Stimits]

Amar Vattakandy wrote:

> Hi,
>
> If I understand the issue right, if everything else is setup right, 
> all you need is the line
> Require valid-user in your .conf file.

Instead of valid-user I have valid-group, which has a list of users. 
Each user has a password required. The problem is it only prompts for a 
password from a web client like mozilla, it still allows full read/write 
to everyone using the svn client.

> A (could be) useful note, rather than using basic auth, for ease of 
> administration, it might be worth using the NIS password 
> authentication. A google search on this should get you to an example. 
> Basically it uses
> the perl module Apache::AuthenNIS. Hopefully someone could comment on 
> the strength of this method.

It's looking like something like NIS might be useful...I'll have to look 
into it. My main problem is I'm only able to research and work on these 
things on the weekend, no time available during weekdays (sadly, there 
are still other things I also have to do on weekends)...I tend to get a 
lot less time for research.

> ...
>
>
>     <Location /svn>
>        Options Indexes MultiViews
>        AllowOverride None
>        Order deny,allow
>        DAV svn
>        SVNParentPath /var/www/svn
>        SSLRequireSSL
>        AuthType Basic
>        AuthName "Subversion Repository"
>        AuthUserFile /etc/passwd-httpd
>        AuthGroupFile /etc/group-httpd
>        Require group devel
>     </Location>
>
...

D. Stimits, stimits AT comcast DOT net