[svnbook commit] r1265 - in trunk/src/nb: . book
sunny256
svnbook-dev at red-bean.com
Thu May 5 18:04:18 CDT 2005
Author: sunny256
Date: Thu May 5 18:04:17 2005
New Revision: 1265
Modified:
trunk/src/nb/LAST_UPDATED
trunk/src/nb/TODO
trunk/src/nb/book/appc.xml
trunk/src/nb/book/ch00.xml
trunk/src/nb/book/ch03.xml
trunk/src/nb/book/ch04.xml
trunk/src/nb/book/ch05.xml
trunk/src/nb/book/ch06.xml
trunk/src/nb/book/ch07.xml
trunk/src/nb/book/ch09.xml
Log:
Merge changes between r1240:1264 in the English book into the Norwegian
version.
* src/nb/LAST_UPDATED
Updated by nmake sync.
* src/nb/TODO
Merged r1247, r1249, r1258, r1259, r1262.
* src/nb/book/appc.xml
* src/nb/book/ch00.xml
* src/nb/book/ch03.xml
* src/nb/book/ch05.xml
* src/nb/book/ch07.xml
Merged r1247.
* src/nb/book/ch04.xml
Merged r1243.
* src/nb/book/ch06.xml
Merged r1258.
* src/nb/book/ch09.xml
Merged r1248.
Modified: trunk/src/nb/LAST_UPDATED
==============================================================================
--- trunk/src/nb/LAST_UPDATED (original)
+++ trunk/src/nb/LAST_UPDATED Thu May 5 18:04:17 2005
@@ -1 +1 @@
-1240
+1264
Modified: trunk/src/nb/TODO
==============================================================================
--- trunk/src/nb/TODO (original)
+++ trunk/src/nb/TODO Thu May 5 18:04:17 2005
@@ -10,7 +10,6 @@
Maybe this can go into our existing best-practices doc?
-
To be fixed by someone:
- When using shared working copies, a user changing the permissions
@@ -25,14 +24,16 @@
- we seem to inconsistently assume repositories live either in
/usr/local/svn/ or /usr/local/repositories/ throughout the book.
- We ought to consistify.
-
- - Use either 'use case' or 'use-case', not a mixture of both.
+ We ought to consistify to /var/svn.
- Chapter 8 Section 1.1 "Repository Layer" documents the pre-FSFS state
of affairs.
- - Appendix D should be reviewed and updated from project_links.html
+ - Appendix D should be reviewed and updated from project_links.html,
+ listing only projects that the book authors wish to promote. A
+ generic and full list of related projects can always be found at
+ project_links.html -- we hold the power of bias and
+ recommendation, and we should wield it.
--------------------------------------------------------------
@@ -111,11 +112,6 @@
This probably needs to be an "advanced topics" chapter 7
section (MIKE).
- * New 'SVNPathAuthz Off' directive, to disable path-based authz in
- apache (and increase speed.)
-
- (BEN) will mention this in chapter 6, but:
-
* Need 'definitive list' of all mod_dav_svn directives.
(FITZ) new chapter 9 section.
@@ -131,6 +127,9 @@
(FITZ) this is chapter 9 touchup work.
+ * Need to verify that all reference command line syntaxes in
+ <programlisting> tags in chapter 9 are synced with real "svn help"
+ output. And then need to do the same for 1.2.
List of 1.2 features/changes (that still need to be documented)
@@ -143,7 +142,7 @@
touches chapters 2, 3, 5, 9 at a minimum. (we should all work on this)
* ch05: comparison of bdb and fsfs: make it clear that fsfs is now
- the default, need --fs-type bdb to get bdb. (mike)
+ the default, need --fs-type bdb to get bdb. (MIKE)
* ch06: client-cred-caching: mention win32 encryption in
mod_authz_svn: groups can contain other groups (BEN)
@@ -170,6 +169,17 @@
(FITZ), chapter 9.
* rewrite huge chunks of autoversioning appendix C (BEN)
+ Remember to look at r14262, the relevant part of which reads:
+
+ Make autoversioning more friendly, by cooperating with httpd's
+ mod_mime.
+ - let mod_mime attempt to set 'svn:mime-type' during an
+ autoversioning PUT.
+ - let mod_mime attempt to set the Content-type: header when
+ a non-svn DAV client does a GET (and only when 'svn:mime-type'
+ isn't set.)
+ In order to make the PUT part work, set 'ModMimeUsePathInfo on'.
+ In order to make the GET part work, set 'TypesConfig conf/mime.types'.
Modified: trunk/src/nb/book/appc.xml
==============================================================================
--- trunk/src/nb/book/appc.xml (original)
+++ trunk/src/nb/book/appc.xml Thu May 5 18:04:17 2005
@@ -361,7 +361,7 @@
created.</para>
<para>Because so many operating systems already have integrated
- WebDAV abilities, the use-case for this feature borders on
+ WebDAV abilities, the use case for this feature borders on
fantastical: imagine an office of ordinary users running
Microsoft Windows or Mac OS. Each computer
<quote>mounts</quote> the Subversion repository, which appears
Modified: trunk/src/nb/book/ch00.xml
==============================================================================
--- trunk/src/nb/book/ch00.xml (original)
+++ trunk/src/nb/book/ch00.xml Thu May 5 18:04:17 2005
@@ -509,7 +509,7 @@
<listitem>
<para>Discusses branches, merges, and tagging, including
best practices for branching and merging, common
- use-cases, how to undo changes, and how to easily swing
+ use cases, how to undo changes, and how to easily swing
from one branch to the next.</para>
</listitem>
@ENGLISH }}} -->
Modified: trunk/src/nb/book/ch03.xml
==============================================================================
--- trunk/src/nb/book/ch03.xml (original)
+++ trunk/src/nb/book/ch03.xml Thu May 5 18:04:17 2005
@@ -1297,7 +1297,7 @@
<para>Earlier in this chapter, we said that you have to commit
any changes that you make in order for the repository to
reflect these changes. That's not entirely true—there
- <emphasis>are</emphasis> some use-cases that immediately
+ <emphasis>are</emphasis> some use cases that immediately
commit tree changes to the repository. This only happens
when a subcommand is operating directly on a URL, rather
than on a working-copy path. In particular, specific uses
Modified: trunk/src/nb/book/ch04.xml
==============================================================================
--- trunk/src/nb/book/ch04.xml (original)
+++ trunk/src/nb/book/ch04.xml Thu May 5 18:04:17 2005
@@ -1342,7 +1342,7 @@
<!-- @ENGLISH {{{
<listitem><para>A working copy to accept the differences as
local changes (often called the <firstterm>target</firstterm>
- of the merge.)</para></listitem>
+ of the merge).</para></listitem>
@ENGLISH }}} -->
<listitem>
<para>En arbeidskopi som skal motta forandringene som lokale
Modified: trunk/src/nb/book/ch05.xml
==============================================================================
--- trunk/src/nb/book/ch05.xml (original)
+++ trunk/src/nb/book/ch05.xml Thu May 5 18:04:17 2005
@@ -3364,7 +3364,7 @@
<command>svnadmin list-dblogs</command> perform a
subset of what is provided by the Berkeley
<command>db_archive</command> command, and <command>svnadmin
- recover</command> reflects the common use-cases of the
+ recover</command> reflects the common use cases of the
<command>db_recover</command> utility.</para>
@ENGLISH }}} -->
<para>For daglig Subversionbruk er disse verktøyene unødvendige.
Modified: trunk/src/nb/book/ch06.xml
==============================================================================
--- trunk/src/nb/book/ch06.xml (original)
+++ trunk/src/nb/book/ch06.xml Thu May 5 18:04:17 2005
@@ -1769,6 +1769,72 @@
</sect3>
+ <sect3 id="svn-ch-6-sect-4.4.3">
+ <title>Disabling Path-based Checks</title>
+
+ <para>The <command>mod_dav_svn</command> module goes through a
+ lot of work to make sure that data you've marked
+ "unreadable" doesn't get accidentally leaked. This means
+ that it needs to closely monitor all of the paths and
+ file-contents returned by commands like <command>svn
+ checkout</command> or <command>svn update</command>
+ commands. If these commands encounter a path that isn't
+ readable according to some authorization policy, then the
+ path is typically omitted altogether. In the case of
+ history or rename tracing — e.g. running a command
+ like <command>svn cat -r OLD foo.c</command> on a file that
+ was renamed long ago — the rename tracking will simply
+ halt if one of the object's former names is determined to be
+ read-restricted.</para>
+
+ <para>All of this path-checking can sometimes be quite
+ expensive, especially in the case of <command>svn
+ log</command>. When retrieving a list revisions, the server
+ looks at every changed path in each revision and checks it
+ for readability. If an unreadable path is discovered, then
+ it's omitted from the list of the revision's changed paths
+ (normally seen with the <option>--verbose</option> option),
+ and the whole log message is suppressed. Needless to say,
+ this can be time-consuming on revisions that affect a large
+ number of files. This is the cost of security: even if you
+ haven't configured a module like
+ <command>mod_authz_svn</command> at all, the
+ <command>mod_dav_svn</command> module is still asking Apache
+ <command>httpd</command> to run authorization checks on
+ every path. The <command>mod_dav_svn</command> module has
+ no idea what authorization modules have been installed, so
+ all it can do is ask Apache to invoke whatever might be
+ present.</para>
+
+ <para>On the other hand, there's also an escape-hatch of
+ sorts, one which allows you to trade security features for
+ speed. If you're not enforcing any sort of per-directory
+ authorization (i.e. not using
+ <command>mod_authz_svn</command> or similar module), then
+ you can disable all of this path-checking. In your
+ <filename>httpd.conf</filename> file, use the
+ <literal>SVNPathAuthz</literal> directive:</para>
+
+ <example id="svn-ch-6-sect-4.4.3-ex-1">
+ <title>Disabling path checks altogether</title>
+ <programlisting>
+ <Location /repos>
+ DAV svn
+ SVNParentPath /usr/local/svn
+
+ SVNPathAuthz off
+ </Location>
+ </programlisting>
+ </example>
+
+ <para>The <literal>SVNPathAuthz</literal> directive is "on" by
+ default. When set "off", all path-based authorization
+ checking is disabled; <command>mod_dav_svn</command> stops
+ invoking authorization checks on every path it
+ discovers.</para>
+
+ </sect3>
+
</sect2>
<sect2 id="svn-ch-6-sect-4.5">
Modified: trunk/src/nb/book/ch07.xml
==============================================================================
--- trunk/src/nb/book/ch07.xml (original)
+++ trunk/src/nb/book/ch07.xml Thu May 5 18:04:17 2005
@@ -925,7 +925,7 @@
<footnote>
<para>Fixing spelling errors, grammatical gotchas, and
<quote>just-plain-wrongness</quote> in commit log
- messages is perhaps the most common use-case for the
+ messages is perhaps the most common use case for the
<option>--revprop</option> option.</para>
</footnote></para>
@@ -2062,7 +2062,7 @@
…
</screen>
- <para>In the trivial use-case, the new version of our
+ <para>In the trivial use case, the new version of our
third-party tool would look, from a files-and-directories
point of view, just like the previous version. None of the
libcomplex source files would have been deleted, renamed or
Modified: trunk/src/nb/book/ch09.xml
==============================================================================
--- trunk/src/nb/book/ch09.xml (original)
+++ trunk/src/nb/book/ch09.xml Thu May 5 18:04:17 2005
@@ -2270,7 +2270,7 @@
<refsect1>
<title>Synopsis</title>
<programlisting>svn merge sourceURL1[@N] sourceURL2[@M] [WCPATH]</programlisting>
- <programlisting>svn merge -r N:M SOURCE [PATH]</programlisting>
+ <programlisting>svn merge -r N:M SOURCE [WCPATH]</programlisting>
</refsect1>
<refsect1>
<title>Description</title>
More information about the svnbook-dev
mailing list