LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 02-18-2011, 11:14 AM   #1
Evstrati
LQ Newbie
 
Registered: Jan 2009
Posts: 24

Rep: Reputation: 0
A question about rights and SVN server usage


Hello,

I am setting up an SVN server (svn+ssh) that will be used by students at the university where I work. I was considering in the beginning, one single repository and eventually creating directories for each project inside the repository.

It seems to me now, that it is not very secure way of doing things. The directory on the server will be with rights 770 and this means that every student can come on the server and sweep out the whole repository. Also mistakenly or not, every student can 'svn delete' the whole repository, which could be a nightmare to recover from.

An issue might be to create groups and then assign users to groups and then create many repositories and each repository to be assigned with group. This means that I will have to manage tens or hundreds of repositories -- maybe not very common task.

Could someone please give me an advice of how could what is an optimal solution for this working environment.

Thanks in advance,
E.
 
Old 02-18-2011, 03:35 PM   #2
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Rep: Reputation: 78
Just out of curiosity, why would the svn dir be 770? Can you not give just an SVN user access to the dir and delegate permissions within SVN to sub-folders? I'm not sure SVN supports this, but it seems like it should.
 
Old 02-18-2011, 03:36 PM   #3
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Rep: Reputation: 78
Yes I believe SVN has users that are distinct from the linux user:
http://help.joyent.com/index.php?id=55&pg=kb.page
 
Old 02-21-2011, 07:14 AM   #4
Evstrati
LQ Newbie
 
Registered: Jan 2009
Posts: 24

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by sneakyimp View Post
Yes I believe SVN has users that are distinct from the linux user:
http://help.joyent.com/index.php?id=55&pg=kb.page
Thank you for this link and the answer. In fact I would like to use svn+ssh in order to use my NIS database with couple of hundred of users inside. It would be more difficult IMHO to add users by hand. Any ideas ?
 
Old 02-21-2011, 11:12 AM   #5
sneakyimp
Senior Member
 
Registered: Dec 2004
Posts: 1,056

Rep: Reputation: 78
I must admit I don't have much experience as svn admin. SVN has more detailed documentation here. I suppose it will be necessary to determine all the files that are affected when you add a user and permissions and write some kind of script to generate the files.
 
Old 02-21-2011, 11:17 AM   #6
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,278

Rep: Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694Reputation: 1694
Quote:
Originally Posted by Evstrati View Post
Hello,

I am setting up an SVN server (svn+ssh) that will be used by students at the university where I work. I was considering in the beginning, one single repository and eventually creating directories for each project inside the repository.

It seems to me now, that it is not very secure way of doing things. The directory on the server will be with rights 770 and this means that every student can come on the server and sweep out the whole repository. Also mistakenly or not, every student can 'svn delete' the whole repository, which could be a nightmare to recover from.

An issue might be to create groups and then assign users to groups and then create many repositories and each repository to be assigned with group. This means that I will have to manage tens or hundreds of repositories -- maybe not very common task.

Could someone please give me an advice of how could what is an optimal solution for this working environment.

Thanks in advance,
E.
A single repository with multiple projects will work. You just have to manage the users in the 'conf/passwd' file, and also manage user or group permissions to each directory in the 'conf/authz' file. From the authz file you can give 'read, write or none' permissions to users or groups of users. This fits the description of what you would like to do.
 
  


Reply

Tags
rights, svn


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Svn client on FC10: remote SVN server update errs: timed out waiting for srvr ... Amol Tupe Linux - Software 0 10-01-2010 04:25 AM
SVN Server Question athomas Linux - Server 3 04-26-2010 05:47 AM
SVN Question athomas Linux - Server 1 04-19-2010 09:32 AM
Nagios check_asterisk_peers needs rights to question the Asterisk-server jonaskellens Linux - Server 1 12-02-2009 09:57 AM
question concerning rights and apache akthr Linux - General 1 01-22-2002 04:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:41 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration