Hello Gunnar!
On Saturday 13 February 2010 Gunnar Thielebein wrote:
> >> The solution is to create the folder via svn_config_ensure,
> >> somewhere before svn_cmdline_setup_auth_baton.
> >
> > Fine, can you commit that?
>
> Committed with [2426].
Thank you.
> >> Credentials should be stored userwise so we reuse svn's user path in
> >> svn_cmdline_setup_auth_baton. I hope thats OK for fsvs in all remote
> >> access scenarios.
> >
> > Do I understand you correctly that you want to use $HOME/... as
> > config_dir?
>
> No, the config_dir should always be in /etc, /etc/fsvs or whatever you
> configure it for. All global settings for ssl/ssh-svn access should be
> stored in the servers file in subfolder /svn, e.g.
...
> What svn and now also fsvs creates looks like that:
> > ls ~/.subversion/auth/
> > svn.simple svn.ssl.client-passphrase svn.ssl.server svn.username
Could you write some documentation about that? Maybe another HOWTO would be
appropriate.
> Only caveat i've seen by now is that with the use of sudo the folder in
> home is created with root privileges so when using the normal svn client
> this folder will only be accessible by root. One option is to switch from
> ~/.subversion to ~/.fsvs to keep the configuration seperate. Other would
> be suid to the SUDO_USER when creating the folders.
As it's only the creation that makes problems, a single FSVS run as user or
"sudo chown" should fix that, right?
I'd like to avoid doing things like setuid() in FSVS ... that makes security
much worse.
> Btw. do you know about problems when creating files in nfs-based
> homefolders with uid 0?
Only if there's root_squash defined.
Regards,
Phil
--
Versioning your /etc, /home or even your whole installation?
Try fsvs (fsvs.tigris.org)!
------------------------------------------------------
http://fsvs.tigris.org/ds/viewMessage.do?dsForumId=3923&dsMessageId=2447266
To unsubscribe from this discussion, e-mail: [[email protected]].
