On Sun, 2006-08-06 at 14:26 +0200, Aust, Christian wrote: > Hi, > > I'm trying to use a subversion svnaccess file to have precise > restrictions on my multi-projects apache2 trac setup. I'm running > Debin sarge on the server and manually updated mod_python, sqlite > (sqlite3) and pysqlite to their latest stable versions. trac is > working fine, except for giving attention to my permission settings. > > Besides from the standard directives, this is my apache2 config: > > <Location /> > SetHandler mod_python > PythonHandler trac.web.modpython_frontend > PythonOption TracEnvParentDir /var/trac > PythonOption TracUriRoot / > </Location> > > <LocationMatch "/[^/]+/login"> > AuthType Basic > AuthName "Trac" > AuthUserFile /home/my-support/domains/trac/.htaccess > AuthGroupFile /home/my-support/domains/trac/.htgroups > require valid-user > </LocationMatch> > > <Location /svn> > Dav svn > SVNParentPath "/var/svn" > ModMimeUsePathInfo on > AuthzSVNAccessFile "/home/my-support/domains/trac/svnaccess" > AuthName "Subversion repository" > AuthUserFile /home/my-support/domains/trac/.htaccess > AuthGroupFile /home/my-support/domains/trac/.htgroups > Require valid-user > DavDepthInfinity on > </Location> > > The trac.ini contains: > > [trac] > default_charset = iso-8859-15 > ignore_auth_case = false > permission_store = DefaultPermissionStore > check_auth_ip = true > database = sqlite:db/trac.db > repository_dir = /var/svn/Heimeier > authz_file = /home/my-support/domains/trac/svnaccess > authz_module_name = Heimeier > templates_dir = /usr/share/trac/templates > default_handler = WikiModule > metanav = login,logout,settings,help,about > mainnav = wiki,timeline,roadmap,browser,tickets,newticket,search > > I'm not sure about the correctness of the value "authz_module_name" > however this reflects both the name of my trac environment under > TracEnvParentDir as well as the name of the svn repository under > SVNParentPath. My svnaccess file contains:
Yes, the authz_module_name is correct. > [groups] > admin = christian > > [/] > * = > @admin = rw > > [Heimeier:/] > @admin = rw > * = r > > Since it doesn't seem to pick up the permissions, I wonder if... > > (1) I need to manually add permissions to trac? > (2) I would know if trac is picking up the right configuration? > (3) my svnaccess file is correct at all. > > Can anybody please assist me in getting this to work? Kind regards, How are you testing the permissions? You've given everyone read access to the "Heimier" repository, so since Trac doesn't write to the database you won't notice any differences in its behavior. You'd only see the effects if you tried to commit to the repository as another user, since only "christian" will be able to commit. -- Matthew Good <[EMAIL PROTECTED]> _______________________________________________ Trac mailing list [email protected] http://lists.edgewall.com/mailman/listinfo/trac
