Andrew Lentvorski wrote: > Administering an SCM in a multi-user academic environment is a *pain in > the ass*. I spent 40-50 hours simply setting up the repository so that > I could use it to do automated code checkout and automated tests. >
> The problem is that the SCM guys never give any thought to security. I > have 30 students. I should be able to check out and modify their > source, but they should not be able to see and modify each other. This would seem to be a solved problem with HTTP because lots of place now have intranets with appropriate security controls etc. Subversion can use HTTP to access the repository and it uses the standard Apache access controls. Done. At least that's how I've done it at my shop which has similar restrictions. Sure didn't take 40-50 hours. :) > So, how do I set that up without root access to the repository machine? You are in charge of administering the SCM but don't have access to the SCM system? Yes, that would be hard. A more practical situation would be that the SCM runs as a user, say for example, svn, and you have access to that user. You can run an apache/subversion as that user and control access as described above. You can even auth off of LDAP and use a nice GUI interface which talks to LDAP to control who has access to which. -- Tracy R Reed http://ultraviolet.org -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
