Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-18-2011, 11:14 AM
|
#1
|
LQ Newbie
Registered: Jan 2009
Posts: 24
Rep:
|
A question about rights and SVN server usage
Hello,
I am setting up an SVN server (svn+ssh) that will be used by students at the university where I work. I was considering in the beginning, one single repository and eventually creating directories for each project inside the repository.
It seems to me now, that it is not very secure way of doing things. The directory on the server will be with rights 770 and this means that every student can come on the server and sweep out the whole repository. Also mistakenly or not, every student can 'svn delete' the whole repository, which could be a nightmare to recover from.
An issue might be to create groups and then assign users to groups and then create many repositories and each repository to be assigned with group. This means that I will have to manage tens or hundreds of repositories -- maybe not very common task.
Could someone please give me an advice of how could what is an optimal solution for this working environment.
Thanks in advance,
E.
|
|
|
02-18-2011, 03:35 PM
|
#2
|
Senior Member
Registered: Dec 2004
Posts: 1,056
Rep:
|
Just out of curiosity, why would the svn dir be 770? Can you not give just an SVN user access to the dir and delegate permissions within SVN to sub-folders? I'm not sure SVN supports this, but it seems like it should.
|
|
|
02-21-2011, 07:14 AM
|
#4
|
LQ Newbie
Registered: Jan 2009
Posts: 24
Original Poster
Rep:
|
Quote:
Originally Posted by sneakyimp
|
Thank you for this link and the answer. In fact I would like to use svn+ssh in order to use my NIS database with couple of hundred of users inside. It would be more difficult IMHO to add users by hand. Any ideas ?
|
|
|
02-21-2011, 11:12 AM
|
#5
|
Senior Member
Registered: Dec 2004
Posts: 1,056
Rep:
|
I must admit I don't have much experience as svn admin. SVN has more detailed documentation here. I suppose it will be necessary to determine all the files that are affected when you add a user and permissions and write some kind of script to generate the files.
|
|
|
02-21-2011, 11:17 AM
|
#6
|
Senior Member
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278
|
Quote:
Originally Posted by Evstrati
Hello,
I am setting up an SVN server (svn+ssh) that will be used by students at the university where I work. I was considering in the beginning, one single repository and eventually creating directories for each project inside the repository.
It seems to me now, that it is not very secure way of doing things. The directory on the server will be with rights 770 and this means that every student can come on the server and sweep out the whole repository. Also mistakenly or not, every student can 'svn delete' the whole repository, which could be a nightmare to recover from.
An issue might be to create groups and then assign users to groups and then create many repositories and each repository to be assigned with group. This means that I will have to manage tens or hundreds of repositories -- maybe not very common task.
Could someone please give me an advice of how could what is an optimal solution for this working environment.
Thanks in advance,
E.
|
A single repository with multiple projects will work. You just have to manage the users in the 'conf/passwd' file, and also manage user or group permissions to each directory in the 'conf/authz' file. From the authz file you can give 'read, write or none' permissions to users or groups of users. This fits the description of what you would like to do.
|
|
|
All times are GMT -5. The time now is 03:41 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|