On Sat, Apr 29, 2006 at 10:22:50PM +1000, Michael Lake wrote:
I have a question on ownerships and permissions of subversion respositories.
I'll be using svn+ssh.
I have set up repos on an open/free OS for use with svn+ssh. svn+ssh means that repo access is protected by normal Unix user/group controls. Our users already have ssh access to the machine holding the repos, so no special ssh stuff is required - just their normal login keys. Each distinct work group has all members belonging to the same /etc/group, and I set the group of all repo files to match. This just means you need to put all workers for the same project into the same /etc/group - but they're probably already there. If the project needs different group membership, it needs a different group, and a different repo. My repos are all fsfs. I put wrappers around all svn binaries to set umask to 002, and do chown -R svn:<group> <repo> chmod -R ug+rwX,o= <repo> Because I don't use web or other access to these repos, I don't really care whether the ownership is svn or something else, as all access to this stuff happens because of g+rw. If you do want public read access, you might change repo modes to ug+rwX,o+rX. A not so good alternative might be to chown it to the user they all get to read as (say something www-ish) - in which case you might want u+rX,u-w. (My repos are not public, so I haven't tried either of these out.) -- Christopher Vance -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
