Recommended backup procedure and preserving my data...

Adrian Wilkins adrian.wilkins at
Fri Oct 16 12:54:19 BST 2009

> I don't understand how that gets me ACLs.  Aren't the incoming
> requests still the same?  If I could get ACLs using Apache as a proxy,
> shouldn't I be able to do so without the proxy portion?  Sorry for
> being thick, I just don't get what is enabling ACLs in this case.

Just to be clear, it's not full path-based access control as is possible
in Subversion. What is possible, is possible for the same reasons - the
web server is fielding all the requests and can deny or permit access
based on the URL and the authenticated user.

Because mod_dav_svn uses paths that equate with paths in the repository,
you can use more fine-grained control (this was the only way to do it
until they more recently implemented ACL in the standalone server).

With Bazaar and indeed, with any DVCS, the only control you have is over
 whole branches. If you're distributing the entire history of a branch
to someone, you can't stop them reading it, so DVCS doesn't bother
trying. Likewise you can't stop them committing revisions to it. The
only thing you can do is control is access to the branches on your server.

If you proxy connections through Apache, or configure Apache to be your
smart server you can use it's access control.

You can run a smart-server using loggerhead (not familiar with this) or
by using WSGI. The relevant page in the docs for an HTTP-smart-server
would be ;
or there is a Windows-centric method of getting it to work on IIS at

More information about the bazaar mailing list