[ Accidentally replied only to Thorsten, sending to list. ]
2011/7/18 Nico Kadel-Garcia <nka...@gmail.com>: > 2011/7/18 Thorsten Schöning <tschoen...@am-soft.de>: >> Guten Tag David Mehler, >> am Samstag, 16. Juli 2011 um 18:46 schrieben Sie: >> >>> I'm wanting to ensure encryption of data while traveling from the >>> server to the client so am looking in to cyrus-sasl, though not >>> finding what i'm looking for. >> >> What exactly are you missing? >> >> http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.svnserve.sasl > > And is there any reason not to use svn+ssh:// or https:// > >>> I'm also needing to separate users. For example, user1 has access to >>> only repos1 while user2 has only access to repos2 but not repos1. >>> Under their respective repos' each user can commit their own projects >>> and manage them. >> >> This is easy, each repository has it's own user configuration per >> default and per repository you can use path based access control, if >> needed. >> >> http://svnbook.red-bean.com/nightly/en/svn-book.html#svn.serverconfig.svnserve.auth >> >>> I would have gone with an svn+ssh access, but don't want to give out >>> system accounts, and none of my user's want their repos visible to an >>> httpd server so apache is out. >> >> How about creating new users just for svn access? Else, a simple VPN >> using OpenVPN could be solution, too, depending on how you trust your >> users etc. > > Oh, my! You don't have to give system accounts!!! You use a shared > account, called "svn", for write access. > > The URL's would be "svn+ssh://svn@hostname/reponame", and you'd use > SSH keys with a "command" option, as documented at > http://svnbook.red-bean.com/en/1.5/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.sshtricks.fixedcmd. > > There's a missing option in the documentation, the "--root" option. > For a set of shared SVN repostories at "/var/svn/", the saved keys > would look something like this: > > command="svnserve -t --tunnel-user=username > --root=/var/svn",no-port-forwarding,no-agent-forw > arding,no-X11-forwarding,no-pty TYPE1 KEY1 usern...@example.com > > The repo at /var/svn/repo1 would be accessed with the URL > svn+ssh://svn@hostname/repo1/ > >> >> Mit freundlichen Grüßen, >> >> Thorsten Schöning >> >> -- >> Thorsten Schöning >> AM-SoFT IT-Systeme - Hameln | Potsdam | Leipzig >> >> Telefon: Potsdam: 0331-743881-0 >> E-Mail: tschoen...@am-soft.de >> Web: http://www.am-soft.de >> >> AM-SoFT GmbH IT-Systeme, Konsumhof 1-5, 14482 Potsdam >> Amtsgericht Potsdam HRB 21278 P, Geschäftsführer: Andreas Muchow >> >> >
