How to configure SVN web access for different write permissions?
Solution 1
Changing Apache config
<Location /svn>
to
<Location /svn/>
fixes the problem of 403 error on directory listing
Solution 2
SVNPath is for one repository, SVNParentPath is for a root directory containing several repositories. So you should remove your second location in the Apache configuration file because it conflicts with the first if you try to access http://<host>/svn/foobar.
You should put absolute paths for the access and authentication files, make sure the Apache service has read/write access to the parent directory and all the repositories, and read access to those access and authentication files, it is often overlooked in manual installations.
For example:
<Location /svn>
RedirectMatch ^(/svn)$ $1/
SVNParentPath E:\SVN
DAV svn
SVNListParentPath on
AuthType Basic
AuthName "Subversion repositories"
Require valid-user
AuthUserFile C:\SVN\conf\svn-auth.txt
AuthzSVNAccessFile C:\SVN\conf\svn-acl.txt
</Location>
You will find all the necessary information in Version Control with Subversion (this is the link to the latest version, though the Apache configuration settings haven't changed lately).
Then you should be able to specify global or individual permissions for groups and users, for your repositories. Examples of that can be found here, with the name you gave:
[groups]
full = abatishchev, anotherguy
main = abatishchev
[/]
* = r
@full = rw
abatishchev = rw
[foobar:/]
* =
@main = rw
full = r
[otherproject:/]
@main = rw
full = r
In this example, you have set general rules in [/], then particular rules that will prevail for foorbar (and everything below), and otherproject. You can even specify specific rules for individual directories of a repository.
Solution 3
This is not a direct answer to your question, and it is always great to learn stuff from the ground up as you are doing it now, but seeing as you're on a Windows machine I thought I'd mention VisualSVN server. It's a point-and-click, very nice to configure wrapper to the SVN binaries that provides a web access of its own as well.
abatishchev
This is my GUID. There are many like it but this one is mine. My GUID is my best friend. It is my life. I must master it as I must master my life. Without me, my GUID is useless. Without my GUID I am useless.
Updated on June 04, 2022Comments
-
abatishchev almost 2 years
I'm trying to configure SVN web access on Apache2 under Windows Server 2008 for different write permissions.
I have next Apache2 conf:
<Location /svn> SVNParentPath "E:\SVN" DAV svn SVNListParentPath on AuthType Basic AuthName "Subversion repositories" Require valid-user AuthUserFile svn-auth.txt AuthzSVNAccessFile svn-acl.txt </Location> <Location /svn/foobar> SVNParentPath "E:\SVN\foobar" DAV svn SVNListParentPath on AuthType Basic AuthName "Subversion repositories" Require valid-user AuthUserFile svn-auth.txt AuthzSVNAccessFile svn-acl.txt </Location>E:\SVNis a root directory for all repositories - I want to list the all. It containsE:\SVN\test- is a project repository.and
E:\SVN\foobar- is a sub-root directory containingE:\SVN\foobar\fooandE:\SVN\foobar\bar- project repositories.File
svn-auth.txtcontains a number of user passwords generated byhtpasswd.exeFile
svn-acl.txtcontains a write access rules, but it doesn't work! Event it contains only one global permission:[/] * = rwWhat is the different between
SVNPathandSVNParentPathin Apache2 config for SVN? Maybe it would be make a sense?And of course it doesn't work too if I add a group or a user:
[groups] full = abatishchev [/] * = r @full = rw abatishchev = rwI'm getting
403 Forbiden.What am I doing wrong? TIA!
Update: I found a record from error.log:
The URI does not contain the name of a repository. [403, #190001]What could it mean?