mod_authz_svn的奇怪行为

时间:2015-03-27 08:00:49

标签: apache svn mod-dav-svn authz

我已经在apache2上配置了我的svn服务器,如下所示:

<Location /svn_test>
    DAV svn
    SVNParentPath /path/to/SvnTest
    AuthType Basic
    AuthName "Subversion repository"
    AuthUserFile "/path/to/passwd"
    AuthzSVNAccessFile "/path/to/authz"
    Require valid-user
    SVNAdvertiseV2Protocol Off
    AuthzSVNAnonymous Off
</Location>

authz文件配置如下:

[groups]
g=hy

[test:/]
hy=r
*=

[test:/subdir]
hy=r
*=

[test:/subdir1]
hy=rw
*=

问题是,我想将subdir的权限与其他目录分开控制,但如果我将subdir1的权限更改为&#34; rw&#34;,我可以写入subdir,如果我将subdir1的权限更改为&#34; r&#34;,子目录的权限变为&#34; r&#34;如预期的那样。

事实上,如果我将任何目录的权限更改为&#34; rw&#34;,那些我想让它成为只读的目录,就会变成可写的。

我在下面粘贴了一些apache日志,以防它有用。

每次我重新启动apache2时,都会抱怨python版本不匹配,但尽管如此,一切正常,我确定它是否相关:

[Fri Mar 27 15:55:44.381138 2015] [mpm_worker:notice] [pid 10693:tid 140245999884160] AH00295: caught SIGTERM, shutting down
[Fri Mar 27 15:55:45.111049 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python version mismatch, expected '2.7.5+', found '2.7.4'.
[Fri Mar 27 15:55:45.111523 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python executable found '/usr/bin/python'.
[Fri Mar 27 15:55:45.111556 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python path being used '/usr/lib/python2.7/:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.
[Fri Mar 27 15:55:45.111585 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: Creating 8 session mutexes based on 6 max processes and 25 max threads.
[Fri Mar 27 15:55:45.111600 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: using mutex_directory /tmp 
[Fri Mar 27 15:55:45.122215 2015] [mpm_worker:notice] [pid 13438:tid 139851301021568] AH00292: Apache/2.4.6 (Ubuntu) SVN/1.7.9 mod_python/3.3.1 Python/2.7.4 configured -- resuming normal operations
[Fri Mar 27 15:55:45.122280 2015] [core:notice] [pid 13438:tid 139851301021568] AH00094: Command line: '/usr/sbin/apache2'

1 个答案:

答案 0 :(得分:3)

http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html

  

默认情况下,根本没有任何人可以访问存储库。

因此,您无需明确拒绝路径访问。

我会按如下方式重写您的配置:

[groups]
g = hy

[test:/]
hy = r

# Permissions are inherited from parent to child directory 
# and hy already has read access to the root of the repo and its subdirectories,
# so this can be skipped:
#[test:/subdir]
#hy = r

[test:/subdir1]
hy = rw
相关问题
最新问题