> > From: K F [mailto:cmkfo...@yahoo.com] > > Sent: 05 May 2010 20:43 > > > > The repo in on a Unix box located at svnrepo/sandbox > > accessing via tortoise on a windows machine with the latest > > releases. When I try to do a commit as user dev1, psswd dev1, > > I get the following error: > > > > Command: Commit > > Error: Commit failed (details follow): > > Error: Authorization failed > > Finished!: > > > > I am not sure what is wrong. I did some searching on the web > > and can't find anything wrong with what I am doing. Here is > > what I have in the pertinent files. > > > > passwd file: > > dev1 = dev1 > > dev2 = dev2 > > dev3 = dev3 > > > > authz file: > > [aliases] > > > > [groups] >
> deva = dev1, dev2 > > devb = dev3 > > > > [svnrepo/sandbox:/] > > deva = rw > > devb = r > > Personally I had some issues with using [groups] that I > unfotunately did > not have time to resolve. I suggest that you start by using the > usernames (dev1 etc) directly in the authz file to test: > > Also, I think that [svnrepo/sandbox:/] is wrong. I would only ever > expect to see one name before the slash (a specific repo in a > parentpath > setup) then the path within the repo comes after the ":/". > > [sandbox:/] > dev1 = rw > dev2 = rw > dev3 = r > > If you only have one repo / are not using parentpath then you can just > set the default global access level: > > [/] > dev1 = rw > dev2 = rw > dev3 = r > > Are you using parentpath in your setup? Unless your client > is 1.6.11+, > you need to grant read access to the root (you do seem to be > doing that, > just thought it worth mentioning). > > Finally, a link to path-based authorization in the nightly red book: > http://svnbook.red-bean.com/nightly/en/svn.serverconfig.pathbasedauthz.h tml > > > ~ mark c > > > svnserve.conf file: > > [general] > > anon-access=none > > auth-access=write > > > > password-db=passwd > > > > authz-db=authz > > > From: K F [mailto:cmkfo...@yahoo.com] > Sent: 06 May 2010 13:36 > > Mark, > > I looked at the link you offered for Path-Based Authorization > and really didn't see anything that I haven't tried. Based on > your suggestions, to get it to work I am not using groups and > am simply using the usernames. > > [/] > dev1 = rw > dev2 = rw > dev3 = r > > As you can see I am also using the global level access. This > all seems to work. I would still like to try and get the > groups to work if anyone has any other ideas. > > Thanks, > Rich > Dang! I missed the obvious problem which is that according to the Red Book link you need to prefix group names with '@' which gives:- > authz file: > [aliases] > > [groups] > deva = dev1, dev2 > devb = dev3 > > [svnrepo/sandbox:/] > @deva = rw > @devb = r ...let me know if it works! (and for completeness: Aliases need to be prefixed by '&' which does work for me) Hmm, perhaps my problem with groups was trying to create groups just of aliases e.g. [aliases] user1=joe90 user2=adameve user3=spod [groups] devs=&user1, &user2 test=&user2, &user3 [/] @devs = rw @test = r Can anyone else confirm if this should /does (not) work? ~ mark c Mark, I had seen that in the book also and tried it with no luck. My latest try was: [aliases] dev10 = dev1 dev20 = dev2 dev30 = dev3 [groups] deva = &dev10, &dev20 devb = &dev30 [/] &deva = rw &devb = r This returns an error on commit of: Error: Commit failed (details follow): Error: An authz rule refers to alias '&deva', which is undefined Still looking at it to see if it something I am just missing sometjhing or doing something wrong. Rich =========== So I inserted an & instead of a @ at the bottom and that fixed things. @deva = rw @devb = r Just to clarify, in order to use authz you need to set up aliases? Unless I set aliases up it doesn't appear to work. Looking at the book, I do not see why aliases are required. If anyone can explain the reasoning or explain why I am wrong I would appreciate it. Thanks, Rich
