Billy Buzzard wrote on Fri, Sep 02, 2016 at 17:48:34 +0000: > Daniel the configuration is very similar to mine and it only partially > works. Did you test your configuration by using "svn log" from the > command line? I did and it still has the same problem. > > D:\projects\foo>svn log svn://myrepo/projects/foo > svn: E220001: Item is not readable > > The only way the "svn log" works that I have read about or found is > when the admin adds * = r to the root folder in the authz file.
'svn log' does not need access to the repository root. 'svn log URL' only needs access to URL. I think the issue is that your client anchors 'svn log ^/projects/foo' on ^/projects rather than on ^/projects/foo, so for the operation to succeed with that client the user needs to have the 'r' permission on /projects too, not just on subdirs thereof. I'm not sure if there's a way to force the client (which version?) to anchor the operation on ^/projects/foo. As a workaround, you could switch the authz file from a whitelist cpproach to a blacklist approach, give @untrusted rw on / and specifically deny them authz on /projects/bar. That does mean new projects would be visible to @untrusted by default; whether that's a good thing depends on your context. (It's a social question, not a technical one.) Cheers, Daniel
