user:svn_on_a_nethserver

SVN on a Nethserver

Preface

This Article is intended to be read by user wich are familiar with the HTTP-Server Apache

Diclaimer of Warranty

THERE IS NO WARRANTY FOR THE DOCUMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE DOCUMENT “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE DOCUMENT PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

Limitation of Liability

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE DOCUMENT AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE DOCUMENT (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE DOCUMENT TO OPERATE WITH ANY OTHER DOCUMENTS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

System Preferences

The used Nethserver version for this installation was the nethserver 7.5.1804. It is not required but recommended to update and reboot the system: 

sudo yum update 
shutdown -r now

Installation SVN-Components

In general the installation of an Apache HTTP-Server will be performed first on the nethserver this component is already installed so this step can be skipped.

To install all necessary components for the Subversion-system: 

sudo yum install subversion mod_dav_svn

Thats it ! After this we have to do some configuration work.

Configuration of Components

Apache Configuration File

After the installation of the SVN-Components the configuration file for the subversion modules are located at /etc/httpd/conf.modules.d/10-subversion.conf In this file we have to add the following segment: 

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
LoadModule dontdothat_module  modules/mod_dontdothat.so

<Location /svn>
	DAV svn
	SVNParentPath /data/svn
	AuthName "SVN Repository"
	AuthType Basic
	AuthUserFile /etc/svn/svn-auth
	AuthzSVNAccessFile /data/svn/authz
	Require valid-user
</Location>

The Location Node configures the Apache-Server to redirect all Requests to the /svn/ folder to the DAV-handler with a project folder that is located in /data/svn
For example if somebody would like to get access to the repositoriy java-projects the request http://your-server-name/svn/java-projects/ will access the directory /data/svn/java-projects

If not explicitly configured the access to any repository is granted to any user that wishes to have it. To restrict the access to the repositories the normal apache-httpd authentications can be used . 

AuthName "SVN Repository"
AuthType Basic
AuthUserFile /etc/svn/svn-auth

In this configuration the “Basic” Authentication is used with the users specified in the file /etc/svn/svn-auth.
This file is a standard apache configuration file that can be modified by htpasswd. For the first creation of the user-configuration: 

sudo mkdir /etc/svn/
sudo htpasswd -cm /etc/svn/svn-auth silver
sudo chown root:apache /etc/svn/svn-auth

If some new user should be added the following command must be used : 

sudo htpasswd -m /etc/svn/svn-auth arthur
sudo htpasswd -m /etc/svn/svn-auth ford

Otherwise all users specified before in the file are gone !

Manage Repositories

After we have specified the users for the access we can now add a repository to our file system: 

sudo mkdir -p /data/svn/
cd /data/svn/
svnadmin create java_projects
sudo chown -R apache.apache java_projects

Now we have to specify which users can access the create repository for this purpose we copy a sample configuration file to the appropriate position (This was created by the svnadmin-command): 

sudo cp /data/svn/java_projects/conf/authz /data/svn/authz

This file is editable by a editor of your choice(e.g. vi). An example is shown in the listing below: 

### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
###  - a single user,
###  - a group of users defined in a special [groups] section,
###  - an alias defined in a special [aliases] section,
###  - all authenticated users, using the '$authenticated' token,
###  - only anonymous users, using the '$anonymous' token,
###  - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').

[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average

[groups]
admin=silver
test1=arthur, ford
user=silver,ford

[/]
@admin=rw

[java_projects:/]
@test1=r
@user=rw

[test1:/]
@test1=rw
@user=r

In the groups section are usergroups defined which can be used to combine users to access-groups. In the above example two groups are defined admin, test1 This groups can be granted access rights on each specific repository in the above example the group test1 has write access to repository test1 but in repository java_projects the group test1 has only read-access.

References

CentOS-HowTo-Subversion
How to Setup an Apache Subversion (SVN) Server on CentOS 7
httpd, the Apache HTTP Server - Chapter 6. Server Configuration
Apache Module mod_authn_core

  • user/svn_on_a_nethserver.txt
  • Last modified: 2018/11/26 20:03
  • by Björn