Version Control with Subversion, 2nd Edition
by C. Michael Pilato, Ben Collins-Sussman, Brian W. Fitzpatrick
Path-Based Authorization
Both Apache and svnserve are capable of granting (or denying) permissions to users. Typically this is done over the entire repository: a user can read the repository (or not), and she can write to the repository (or not). It’s also possible, however, to define finer-grained access rules. One set of users may have permission to write to a certain directory in the repository, but not others; another directory might not even be readable by all but a few special people.
Both servers use a common file format to describe these path-based
access rules. In the case of Apache, one needs to load the mod_authz_svn module and then add the AuthzSVNAccessFile
directive (within the httpd.conf
file) pointing to your own rules file. (For a full explanation, see Per-directory access control.) If you’re using
svnserve, you need to make the authz-db variable (within svnserve.conf)
point to your rules file.