I've found the problem. The user didn't belong to the %PROJECT unix group, which is very weird, since it belongs to the project on the Savane main page.
Any ideas on why the user is not being added to the %PROJECT unix group? Had to do this manually. Thanks again. -- Mário Lopes On 8/22/05, Timothee Besset <[EMAIL PROTECTED]> wrote: > Mário Lopes wrote: > > >Yeah, you seem right. WebDAV isn't very secure, at least, not as > >secure as tunneling through SSH. > > > >I decided to do this because I was having problems with permissions > >using SSH. When I try to commit something, it returns permission > >denied. The repository is set to root/%PROJECT-GROUP so what could be > >the problem? Isn't the sv_membersh running as the same unix group? > > > > > That may just be a problem with umask and such. Also related to the > backend choice, we use fsfs because the bdb ones have weird permission > requirements to work correctly ( if I remember right, with bdb group > read is not enough, you also need to have group write to write to the > repo .. well it's just screwed up enough that you don't want to use it > really ). > > TTimo > > >Thanks again for your kind replies. > > > >-- Mário Lopes > > > >On 8/22/05, Timothee Besset <[EMAIL PROTECTED]> wrote: > > > > > >>Well it's pretty much all there: > >>http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html > >> > >>If you need write access control for webdav, you need to maintain global > >>AuthzSVNAccessFile and AuthUserFile. They say you can modify it live > >>while the server is running. > >> > >>A more scalable solution would be an LDAP backend or such for authz, but > >>that requires apache API changes ( which have been proposed and are > >>discussed, but are not there yet ). > >> > >>So that's basically the reasons we're not doing it at gna: > >> > >>- we only have ssh keys, we don't actually have passwords anywhere > >>- password over http isn't safe compared to svn over ssh with ssh keys > >>auth. I guess we'd want it at least https, even better may be with > >>client side certificates ( then it reaches about the same security level > >>as svn+ssh ) > >>- the apache server runs as www-data. don't have write permissions to > >>the repositories at all atm. if you are going to run apache with enough > >>priviledges to write to the repo, you have to carefully setup > >>permissions so you don't break write for the svn+ssh. > >> > >>TTimo > >> > >>[EMAIL PROTECTED] wrote: > >> > >> > >> > >>>Timothee, do you have any idea regarding Mario Lopes issue? > >>> > >>> > >>> > >>> > >>> > >>>>I've been trying to set up savane with subversion for the last > >>>>couple of days. My desire was to have subversion available from > >>>>Apache with WebDAV, and for anonymous access, everything is running > >>>>fine. > >>>> > >>>>Since WebDAV doesn't support authentication through MySQL nor unix > >>>>users/groups, I was wondering how to manage authentication. Is there > >>>>any script that manages this? I'm using 1.0.7 > >>>> > >>>>Unfortunately, there isn't any tutorial available on this subject. I > >>>>don't mind at all to write one as soon as I manage to solve this. > >>>> > >>>>Any help on this subject would be great. Thanks in advance. > >>>> > >>>>Kind Regards, > >>>> > >>>>Mário Lopes > >>>> > >>>> > >>>> > >>>> > >> > >> > >
