[英]How can I setup the permissions in Linux so that two users can update the same SVN working copy on the server?
My server has both Subversion and Apache installed, and the Apache web directory is also a Subversion working copy. 我的服务器安装了Subversion和Apache,Apache web目录也是Subversion工作副本。 The reason for this is that the simple command
svn update /server/staging
will deploy the latest source to the staging server. 原因是简单的命令
svn update /server/staging
将最新的源部署到登台服务器。
Apache public web directory: /server/staging
— (This is an SVN working copy.) Apache公共Web目录:
/server/staging
- (这是SVN工作副本。)
I have two users on my server, 'richard' and 'austin'. 我的服务器上有两个用户,'richard'和'austin'。 They both are members of the 'developers' group.
他们都是'开发者'小组的成员。 I recursively set permissions on the /server directory to richard:developers, using "sudo chown -R richard:developers /server".
我递归地将/ server目录的权限设置为richard:开发人员,使用“sudo chown -R richard:developers / server”。
I then set the permissions to read, write and execute for both 'richard' and the 'developers' group. 然后,我为'richard'和'developers'组设置了读,写和执行权限。
So surely, 'austin' should now be able to use the svn update /server/staging
command? 那么'奥斯汀'现在应该可以使用
svn update /server/staging
命令吗? However, when he tries, he gets the error: 但是,当他尝试时,他得到错误:
svn: Can't open file '/server/staging/.svn/lock': Permission denied
If I recursively change the owner of /server to austin:developers, he can run the command just fine, but then 'richard' can't. 如果我递归地将/ server的所有者更改为austin:开发人员,他可以正常运行命令,但是'richard'不能。
How do I fix the problem? 我该如何解决这个问题? I want to create a post-commit hook with to automatically deploy the staging site when files are committed, but I can't see a way for that to work for both users.
我想创建一个提交后挂钩,以便在提交文件时自动部署登台站点,但我看不到这种方法可以为两个用户工作。 The hook would be:
钩子将是:
/usr/bin/svn update /server/staging
Using the same user account for both of them wouldn't really be an acceptable solution, and I'm not aware of any way to run the command inside the hook as 'root'. 对它们使用相同的用户帐户实际上并不是一个可接受的解决方案,我不知道有什么方法可以在钩子里面运行命令“root”。
Any help is appreciated! 任何帮助表示赞赏!
Directory Set Group ID 目录集组ID
If the setgid bit on a directory entry is set, files in that directory will have the group ownership as the directory, instead of than the group of the user that created the file. 如果设置了目录条目上的setgid位,则该目录中的文件将具有组所有权作为目录,而不是创建该文件的用户组。
This attribute is helpful when several users need access to certain files. 当多个用户需要访问某些文件时,此属性很有用。 If the users work in a directory with the setgid attribute set then any files created in the directory by any of the users will have the permission of the group.
如果用户在设置了setgid属性的目录中工作,则任何用户在目录中创建的任何文件都将具有该组的权限。 For example, the administrator can create a group called spcprj and add the users Kathy and Mark to the group spcprj.
例如,管理员可以创建一个名为spcprj的组,并将用户Kathy和Mark添加到组spcprj中。 The directory spcprjdir can be created with the set GID bit set and Kathy and Mark although in different primary groups can work in the directory and have full access to all files in that directory, but still not be able to access files in each other's primary group.
可以使用设置的GID位和Kathy和Mark创建目录spcprjdir,尽管在不同的主组中可以在目录中工作并且可以完全访问该目录中的所有文件,但仍然无法访问彼此主要组中的文件。
The following command will set the GID bit on a directory: 以下命令将在目录上设置GID位:
chmod g+s spcprjdir
The directory listing of the directory "spcprjdir": 目录“spcprjdir”的目录列表:
drwxrwsr-x 2 kathy spcprj 1674 Sep 17 1999 spcprjdir
The "s'' in place of the execute bit in the group permissions causes all files written to the directory "spcprjdir" to belong to the group "spcprj" . 代替组权限中的执行位的“s”导致写入目录“spcprjdir”的所有文件属于“spcprj”组。
edit: source = Linux Files and File Permissions 编辑:source = Linux文件和文件权限
I would set up svnserve
which is a simple Subversion server using the svn://
protocol. 我将使用
svn://
协议设置svnserve
,这是一个简单的Subversion服务器。 You can set this up so it runs under its own user account, then the repository would only be accessed by that one user. 您可以对其进行设置,使其在自己的用户帐户下运行,然后只有该用户才能访问该存储库。 This user could then have the correct privileges to run
svn update /server/staging
on a post-commit hook. 然后,此用户可以具有在提交后挂钩上运行
svn update /server/staging
的正确权限。
in your svn repo, you can find a 'conf' directory where you set permissions. 在你的svn repo中,你可以找到一个设置权限的'conf'目录。 you have 3 files there:
那里有3个文件:
you set in the authz file which users have which kind of acces, per user or per group. 您在authz文件中设置了哪些用户具有哪种访问权限,每个用户或每个组。 you set groups there, SVN groups not linux user groups (hashed lines are comments):
你在那里设置组,SVN组不是linux用户组(哈希线是注释):
[groups]
# harry_and_sally = harry,sally
projectgroup = richard,austin
# [/foo/bar]
# harry = rw -- user harry has read/write access
# * = -- everybody have no access
# [repository:/baz/fuz]
# @harry_and_sally = rw -- harry_and_sally group members have read/write access
# * = r -- everyone has read access
[/server/staging]
@projectgroup = rw
* = r
work around this example and set your config. 解决此示例并设置您的配置。 in the 'passwd' file you set up users passwords.
在'passwd'文件中设置用户密码。 execute
执行
cat passwd
you'll get commented file with explanation how to set it up. 你会得到评论文件,解释如何设置它。
我使用WebDAV - 所有SVN更新和提交都是通过apache处理的,我从来没有遇到过这样的问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.