On Thu, 2011-11-10 at 06:59 +0000, Cooke, Mark wrote: > > > The second problem is that we run trac, and (as recommended > > by the trac project) use post-commit hooks to log repository > > changes into the trac timeline. This fails when svn+ssh:// > > is used, as the process owner does not have permission to > > use trac-admin in that way. > > ...as a trac user (but being a windoze shop, not svn+ssh) I was wondering, is > this a fundamental trac problem or a local configuration issue? If it is > trac then it should be reported to trac-users too... Normally your svn+ssh process runs as the user who's credentials were supplied. Trac-admin does not allow general users to do much of anything on a linux box, not sure about windows.
I would say it was a fundamental trac problem, resulting from a collision of 2 sets of assumptions for security. That is, svnserve will run as a local, authenticated user for security, audit trail, etc. trac-admin will only update the timeline (or make any other change) if it is superuser (or somesuch). There might be a way to configure trac-admin to allow anyone to make those changes, but that exposes the trac installation to greater risk. Sigh - I will just strongly suggets to our engineers that they use http:// protocol only, most do already. Tony > > ~ mark c