Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Resources / Subversion Docs & How-To

Subversion Docs & How-To

A short overview on our subversion set up & configuration and a short how-to.

README document icon README — README document, 6 kB (6296 bytes)

File contents

SVN Documentation
-------------------------------------------------------------------------------
Last modified:	
	Thursday, March 4, 2010 by Kevin Luikens


Table of Contents:
	1. How to add a user to the Subversion user list
	2. Create a repository
	3. Restricting and allowing access to a repository		
	4. Basic SVN usage
	5. Links to more documentation


Current directory map:	
	.
	|-- .bash_history
	|-- .ssh
	|   |-- authorized_keys
	|   `-- keys
	|       |-- bzhang_id_dsa.pub
	|       |-- kevin2.pub
	|       |-- qingju_id_rsa.pub
	|       `-- yic_id_rsa.pub
	|-- README
	|-- conf
	|   |-- passwd
	|   |-- servers
	|   `-- svnserve.conf
	`-- repos


User info:
	name	svn
	pass	[retracted]

-------------------------------------------------------------------------------
1. How to add a user to the Subversion user list

	To add a user to the svn access list, you'll need to edit 
	the authorized_keys file in 

		/var/svn/.ssh/authorized_keys
	
	You'll add the following command and options, plus the user's
	key. This way, when a client tries to access a svn repository
	they'll be tunneled to a username based upon their key.

		command="svnserve -t -r /var/svn/repos --tunnel-user=kevin",
		no-port-forwarding,no-agent-forwarding,no-X11-forwarding,no-pty
		TYPE KEY COMMENT

	It will be best to copy a line that is already in the file, and
	NOT from the text above as the above paragraph has newlines and
	will break the ssh parser if used.

	Replace "kevin" in
		
		--tunnel-user=kevin
	
	with the desired username.

	My approach to adding users was to copy the key into the same
	directory and use cat to copy the key contents in.

		cat ./kevin.pub >> authorized_keys

	Now, edit authorized_keys so that the entry is contained on one line.
	If using vim, this is easy to see if you issue the command

		:set list

	You will see "$"s every where there is a newline. 

	When done, check to make sure that each of the files and directories
	are still owned by "svn". This is important, because if authorized_keys
	can't be accessed, it will be possible to gain access to a bash 
	shell if the password is known.

	To do this, make sure you are at the following path:

		/var/svn/.ssh/
	
	and issue the following command:

		sudo chown -R svn:svn ./*


2. Create a repository
	
	From here, you must use svn tools.

	Make sure you are within the directory

		/var/svn/repos

	or that you use that full path + your new repo name. This is important
	for organization and for the fact that svn access will be restricted to
	the above path.

	To create a repo, ssh into Dyadis with your regular user name and
	issue the following command where "myawesomepaper" is the title of the 
	repo (sudo is likely necessary):

		svnadmin create /var/svn/repos/myawesomepaper


3. Restricting and allowing access to a repository		
	
	Upon creation of a repository, there are multiple folders created
	that are necessary for its function:
		
		conf
		dav
		db
		hooks
		locks

	In order to restrict and allow access, it will be necessary to edit
	files within the "conf" directory. I've created configuration 
	templates to copy at 

		/var/svn/conf/authz
		/var/svn/conf/passwd
		/var/svn/conf/svnserve.conf

	For clarity, after you copy them they should reside at a path like:

		/var/svn/repos/myawesomepaper/conf/authz

	
	What are the differences between default and our configs?

	svnserve.conf 
	-------------------------------------------------------------------	
		anon-access = none
		
		authz-db = authz
		
		realm = UA Networks Research Lab

	Although authentication is already managed by ssh and keys, anon-access
	is still set to none in the case of an unknown access method. This makes
	sure that you are authenticated by ssh key and that no unknown users
	can read the repository.

	Uncomment the authz-db line so that it will be used. This file is
	necessary for the creation of groups and setting their access level.

	Set realm so that if a user is prompted for credentials, they will see
	whose repository they are connecting to.


	authz
	-------------------------------------------------------------------	
		networkslab = bzhang,kluikens,qingju,yic,zhaox
		
		[/]
		* = 
		@networkslab = rw

	Created a group titled "networkslab" and added users that should
	belong to this group.

	Next entry refers to the repository and who gets to what.
		[/]		Define access to the repository with respect
				to specified path (root path in this case)
				from root of repo. If you specified "[/new]",
				you would be defining access rules for the
				"new" folder within the repo.
		* = 		Everyone can NOT read or write.
		@networkslab=rw	Group networkslab can read and write at this
				level. 

	*****************************************************************
	** Reminder: each repo needs to have these files, they are not **
	** centralized.						       **
	*****************************************************************


4. Basic SVN usage
	
	svn checkout	Check out a copy of the repo to your local machine.
			
			Our usage will look like:
						
				svn co svn+ssh://svn@dyadis.cs.arizona.edu/myawesomepaper

			Use svn for the user -- your user name is pre-configured
			inside the authorized_keys file to correspond with your
			key.


	svn	add	Add a file to the repository. If you create a file inside
			the project but do not "add" it, it will be ignored until
			you do.

	svn	diff	View a diff output of the changes you've made since the
			last commit.

	svn	commit	Commit a series of changes to the working repository. Can
			be used with the "m" option to avoid a text editor prompt
			for a commit message. Example:

				svn commit -m "This commit fixes the internet."

	svn	update	Bring your working copy up to date and sync with the
			master version on Dyadis.

	
5. Links to more documentation

	SVN Quickstart	
		http://svnbook.red-bean.com/en/1.4/svn.intro.quickstart.html


	Original source for design decisions
		http://svnbook.red-bean.com/en/1.4/svn.serverconfig.svnserve.html
			#svn.serverconfig.svnserve.sshtricks
		svn channel on irc


	Free Subversion book (highly regarded)
		http://svnbook.red-bean.com/


	Subversion home page
		http://subversion.apache.org/

-------------------------------------------------------------------------------
The End

Document Actions

Log in


Forgot your password?
« December 2017 »
December
MoTuWeThFrSaSu
123
45678910
11121314151617
18192021222324
25262728293031