Re: svn + SSL?

On Sat, Dec 19, 2015 at 2:43 AM, Daniel Shahaf wrote: > Or perhaps stunnel, which has its pros and cons (e.g., an SSL > vulnerability won't compromise the svn process). > I thought about suggesting that, too, but I'm not sure it's workable. While it'd be easy to set up on the server side, it wou

Re: SVN Recovery from raw db files

On Sun, Aug 2, 2015 at 7:10 PM, Tim Tornid wrote: > Hello, > > > I had a catastrophic Subversion server loss, and I'm having some troubles > recovering. The server was using VisualSVN 3.2.3 which is Apache Subversion > 1.8.13. > > > What version is the new server running? I'd suggest using the e

Re: Square brackets in file names and authz (in VisualSVN 2.5.5)

like so: "tmp\#1.txt", but I'm not confident that will work. If svn can't > deal with this one you might have a case for it being a bug, since it is > technically a legal file name. emacs uses files starting and ending in "#" extensively for autosave recovery data, FWIW. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: how to disable svn's copy and move command?

-commit to disable copy and move, and is there > another way to do this? > I'm not sure this will accomplish what you want. It won't prevent users from checking out files, using their system's own filesystem commands to move them, then checking them in in a new location.

Re: Use of svnserve and Dropbox

Emacs all over again. People who have gotten used to the svn user interface (or CVS, for that matter) will find git clumsy; people who are used to git will find svn clumsy. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: How to control changes to path-based auth file?

t doesn't solve your access control requirement, though, just your logging requirement. I use it sometimes in situations where I don't want to version control a whole directory, just a few files -- config files under /etc, for example. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Trying (failing) to limit access to one user

On Wed, Apr 27, 2011 at 8:51 AM, Alan M. Evans wrote: > On Tue, 2011-04-26 at 16:07 -0700, David Brodbeck wrote: > > > So the short answer is there's probably no way to do what you want > > except by creating a group with everyone but jon in it. > > But I trie

Re: Trying (failing) to limit access to one user

are basically or'ed; the user gets a combination of permissions from all the lines that apply to them. So the short answer is there's probably no way to do what you want except by creating a group with everyone but jon in it. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Massive file duplication with several working copies / which linux filesystem to use

tion for Linux. > > http://www.kqinfotech.com/content.php?id=2 Be careful with ZFS deduplication. It still has some issues. Memory usage for it is quite massive, and there are cases of running a destroy operation on a deduped zpool taking literally days. -- David Brodbeck System Administra

Re: Logging repository accesses other than commits

* get read by non-interactive SSH sessions. Note that /etc/environment is not a shell script; the only things you can put in there are comments and simple variable assignments. ~/.ssh/environment is also an option. You have to turn on PermitUserEnvironment in sshd_config for that to work. -- David

Re: Behaviour on minor .control misconfiguration

access. On the other hand, in general the Subversion project maintainers' policy seems to be to discourage use of path-based access control (see the box on http://svnbook.red-bean.com/en/1.5/svn.serverconfig.pathbasedauthz.html), so it's possible you might get some people to agree that having

Re: mod_dav_svn + automatic per-directory user authorization

jects. You don't want students to be able to mess with each others' code, and you probably don't want to retain their data forever once the class is over. I don't know if that's the original poster's situation, but that's what it immediately reminded me of. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Windows over linux

ntegrating a new, "foreign" OS into existing backup, authentication, and network monitoring infrastructure can be a real challenge. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Fine and secure dining, was Re: svnadmin create and not being method agnostic

distributions (and maybe shouldn't be) but the configuration switches to turn them off are easy to find. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: svnadmin create and not being method agnostic

about rogue users distributing files in violation of company policy, you're going to have to keep them off the server, at a minimum. That doesn't solve the problem either -- you then have to start worrying about what they do with their working copies -- but it prevents them from run

Re: svnadmin create and not being method agnostic

;s really a matter of which risk you're more concerned about. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: svn Farm

On Wed, Oct 20, 2010 at 4:30 PM, David Brodbeck wrote: > If I have root access to the filesystem, it doesn't matter what SSH > does to try to encrypt the password... Typo. s/SSH/SVN/ -- David Brodbeck System Administrator, Linguistics University of Washington

Re: svn Farm

t any level of precaution sufficient to protect you from a rogue root user on a UNIX system. I'm not saying there aren't situations where it's a good idea to have SVN encrypt passwords, just that this isn't a very good example of one. If people can boot a LiveCD and get root a

Re: svn Farm

to shoot themselves in the foot, and willing to go to that much effort to do it, I don't think there's much you can do. They probably have their password on a sticky note on the bottom of their keyboard, too. ;) -- David Brodbeck System Administrator, Linguistics University of Washington

Re: svn Farm

On Thu, Oct 14, 2010 at 2:22 PM, Stefan Sperling wrote: > I hope the work-in-progress gpg-agent support I mentioned will fill that gap. > Would using gpg-agent work for you? Quite likely. I haven't really played with gpg-agent, but I don't know of any reason it shouldn

Re: svn Farm

p users really want, so bundling them as part of the GUI is sufficient. I don't blame Subversion for that, though. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: svn Farm

vial to create an suid-root shell binary, which a local user could then run and gain root privileges. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: An issue about SVN access deny

ther accounts. > I have tried sevral times, and it seems if a user do not have access right to > a subfolder, he can not create a tag for this folder. > Am I right ? or anyone has some solution? Tagging is a copy operation in SVN, so the person making the tag has to be able to read the sou

Re: Error "svn: Can't open file '/svn/mpfr/db/txn-current-lock': Permission denied"

problems for read operations. I suspect you have a hook script that isn't aware of the file format changes in 1.5.1. I had this problem with a hook script we use to check the size of transactions. Try temporarily disabling your commit hooks and see if it starts working. -- David Brod

Re: viewing svn logs?

roperly. It has its own fine-grained permission system that's independent of Subversion's, and it does a nice job formatting the log into a readable timeline. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Poor performance for large software repositories downloading to CIFS shares

lly, really does not deal with large directories well. Neither does NFS, but the way Windows handles directories tends to make it worse. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: How to choose between svn & http?

;chatty" file storage technologies such as CIFS, which can > seriously slow the checkout of bulky working copies with lots of > files. (I've run into this recently: what took 2.5 minutes to NFS > shares took 25 minutes to CIFS shares. It was embarassing!) Virus scanning o

Re: How to speed up subversion

On May 25, 2010, at 9:59 AM, Les Mikesell wrote: > On 5/25/2010 11:44 AM, David Brodbeck wrote: >> >> On May 24, 2010, at 2:05 PM, Les Mikesell wrote: >> >>> On 5/24/2010 3:51 PM, David Brodbeck wrote: >>>> >>>> On May 21, 2010, at 8:23 AM

Re: How to speed up subversion

On May 24, 2010, at 2:05 PM, Les Mikesell wrote: > On 5/24/2010 3:51 PM, David Brodbeck wrote: >> >> On May 21, 2010, at 8:23 AM, Hyrum K. Wright wrote: >>> Actually, Subversion is a bit more intelligent about it, attempting to use >>> modification times and s

Re: How to speed up subversion

s have particularly bad performance if there are lots of files in a single directory, as well. This is especially true of NFS. In one extreme example, I've seen a simple "ls" take tens of minutes to produce any output in an NFS-mounted directory with ~1,000,000 files. --

Re: SVN Authentication fail

wned for you. >> >> ??? >> >> Have you read this part of the svn book >> http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.svnserve.sshauth >> ?? >> >> BOb >> > I'm just using svn:// I was hoping to not have to

Re: Filenames with non-ASCII characters

k/a?\195?\167?\195?\163o1.txt" into > iso8859-1 but I had no luck. I made the pre-commit hook scrips using python. That looks like Unicode being escaped as individual byte values. When I do: perl -e 'print chr(195).chr(167).chr(195).chr(163)."\n"' I get: çã on a Unicode terminal. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Problem with "bogus date" on NFS

ug_id=6854659 One workaround is to use NFSv3. Another is to put some data in the zero-length file. The fix is in snv_126, which means it should be fixed in the next version of OpenSolaris that comes out (the one that was supposed to be 2010.03, before the Oracle merger delayed everything.) -- David Brodbeck System Administrator, Linguistics University of Washington

Re: killer feature -- HEAD+1

wandisco.com/forums/13-things-id-like-to-see-in-subversion/265-forwading-history-support.html#266 > > Though I've developed it, but in Java. > > Pablo. > > 2010/4/20 David Brodbeck > > On Apr 20, 2010, at 3:44 AM, Daniel Shahaf wrote: > > > kost BebiX wrote

Re: killer feature -- HEAD+1

t a new project, then check out HEAD+8972 and get finished, debugged code! ;) -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Infamous "Item is not readable" for svn log

situations but not others would just add to their perplexity. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: tracking growth of repositories

uses, using Cacti (which is a fancy front end to rrdtool.) Since my repository is on its own filesystem, I use the same SNMP disk monitoring I use on all my systems. This is mostly just to help me plan storage upgrades. -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Question about authz file syntax.

On Feb 12, 2010, at 1:27 AM, Johan Corveleyn wrote: > On Fri, Feb 12, 2010 at 12:44 AM, David Brodbeck > wrote: >> Actually, I take that back, the manual says it's the *first* match: >> "Another important fact is that the first matching rule is the one whic

Re: Question about authz file syntax.

Actually, I take that back, the manual says it's the *first* match: "Another important fact is that the first matching rule is the one which gets applied to a user." (http://svnbook.red-bean.com/nightly/en/svn.serverconfig.pathbasedauthz.html) On Feb 11, 2010, at 1:52 PM, David

Re: Question about authz file syntax.

ctory, if I take "* >> =" out, then, The permissions are properly applied. >> >> My problem is, my manager wants a "default deny" ACL, so, for many of >> the directories, I need to have "* = ". >> >> >> * Note: I tried to put "* =" before all the other ACL's, in the end, >> in the middle, doesn't seem to make difference. >> >> >> thanks in advance, >> >> Lauro > > -- David Brodbeck System Administrator, Linguistics University of Washington

Re: Variables

gt; >> >> On Jan 19, 2010, at 12:06 PM, Andy Levy wrote: >> >>> On Tue, Jan 19, 2010 at 13:00, Young, Darren >>> wrote: >>>> Does SVN offer a $Log$ keyword like CVS? >>> >>> http://subversion.tigris.org/faq.html#log-in-source &

Re: svn dump and load not preserving all files

ystem that obsolete, but if they are, they probably know it. There *are* filesystems that still have that limit under Linux, but none of them are filesystems you're likely to host a repository on. Examples would be VFAT and SMBFS. -- David Brodbeck System Administrator, Linguistics University of Washington