From 42c74de9dab4b2f380eaecd8f1a5304ff3661c0d Mon Sep 17 00:00:00 2001 From: DJ Lucas Date: Sun, 18 Jul 2004 18:31:59 +0000 Subject: [PATCH] added svnserver instructions git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@2474 af4574ff-66df-0310-9fd7-8a98e5e911e0 --- basicnet/netprogs/subversion.xml | 4 +- general.ent | 2 +- introduction/welcome/changelog.xml | 3 + server/other/svnserver.xml | 191 ++++++++++++++++++++++++++++- 4 files changed, 197 insertions(+), 3 deletions(-) diff --git a/basicnet/netprogs/subversion.xml b/basicnet/netprogs/subversion.xml index 8c47b7e467..2b9b21883c 100644 --- a/basicnet/netprogs/subversion.xml +++ b/basicnet/netprogs/subversion.xml @@ -43,14 +43,16 @@ a repository is covered at . Optional (cleint and server) , +, and or Optional (server only) +inetd or , , -, , +, SWIG and neon diff --git a/general.ent b/general.ent index 28edda8f07..24206dd2a9 100644 --- a/general.ent +++ b/general.ent @@ -1,4 +1,4 @@ - + diff --git a/introduction/welcome/changelog.xml b/introduction/welcome/changelog.xml index 00ba36a2c8..ec2e0925cd 100644 --- a/introduction/welcome/changelog.xml +++ b/introduction/welcome/changelog.xml @@ -18,6 +18,9 @@ who wrote what. +July 18th, 2004 [dj]: Added svn server +instructions + July 15th, 2004 [igor]: Updated to Firefox-0.9.2, Apache-2.0.50 and PostgreSQL-7.4.3. diff --git a/server/other/svnserver.xml b/server/other/svnserver.xml index ef3b96f5ab..3a6a2b50e5 100644 --- a/server/other/svnserver.xml +++ b/server/other/svnserver.xml @@ -12,8 +12,197 @@ Running a Subversion Server +This section will describe how to set up, administer and secure +a Subversion server. Since +Subversion is intended to replace +CVS, it may surprise you how very different the setup +of a Subversion repository is compared to a +CVS repository. -To be done... +<application>Subversion server</application> dependencies +Required + and + + + + + +Setting up a <application>Subversion</application> server. + +A Subversion server will be set up using +OpenSSH as the remote access method. + +Configuration of the Subversion server +consists of the following steps: + +1. Setup users, groups, and permissions +You'll need to be user root for the initial portion of +configuration. Create the svn user and group with the following +commands: + +groupadd svn && +useradd -c "SVN Owner" -d /home/svn -m -g svn -s /bin/false svn + +If you plan to have multiple repositories, you should have a +group dedicated to each repository for ease of administration. Create +the svntest group for our test repository and add the svn user to that +group with the following commands: + +groupadd svntest && +usermod -G svntest svn + +Additionally you should set umask '002' while working with a +repository so that all new files will be writable by owner and group. +We'll make this mandatory by writing a wrapper script for +svn and svnserve: + +mv /usr/bin/svn /usr/bin/svn.orig && +mv /usr/bin/svnserve /usr/bin/svnserve.orig && +cat >> /usr/bin/svn << "EOF" && +#!/bin/sh +umask 002 +/usr/bin/svn.orig "$@" +EOF +cat >> /usr/bin/svnserve << "EOF" && +#!/bin/sh +umask 002 +/usr/bin/svnserve.orig "$@" +EOF +chmod 0755 /usr/bin/svn{,serve} + +If you use apache for working with +the repository over the web, even for anonymous access, you should wrap +apache in a similar script. + + + +2. Create a <application>Subversion</application> +repository. +Create a new Subversion repository with +the following commands: +install -d -m0755 /srv && +install -d -m0755 -o svn -g svn /srv/svn/repositories && +svnadmin create /srv/svn/repositories/svntest + +Now that the repository is created, we need to populate it with +something useful. You'll need to have a predefined directory layout +setup exactly as you want your repository to look. For example, here +is a sample BLFS layout setup with a root of svntest/. +You'll need to setup a directory tree similar to the following: + + svntest/ # The name of the repository + trunk/ # Contains the existing source tree + BOOK/ + bootscripts/ + edguide/ + patches/ + scripts/ + branches/ # Needed for additional branches + tags/ # Needed for tagging release points + +Once you've created your directory layout as above, you are ready to +do the initial import: + +svn import -m "Initial import." \ + [/path/to/source/tree] \ + file:///srv/svn/repositories/svntest + +Now go ahead and change owner and group information on the +repository, add your normal user to the svn and svntest groups: + +chown -R svn:svntest /srv/svn/repositories/svntest && +chmod -R g+w /srv/svn/repositories/svntest && +chmod g+s /srv/svn/repositories/svntest/db && +usermod -G svn,svntest,[insert existing groups] [username] + +svntest is the group assigned to the svntest repository. As +mentioned earlier, this eases administration of multiple repositories. +Going forward, you'll need to add your regular user, and any additional +users that you wish to have write access to the repository, to the svn and +svntest groups. + +In addition, you'll notice that the new repository's +db directory is set-groupID. If the reasoning is +not immediately obvious, when using any external authentication method +(such as ssh), the sticky bit is set so that all new files will be owned +by the user, but group of svntest. Anyone in the svntest group can +create files, but still give the entire group write access to those +files. This avoids locking out other users from the repository. + +Now, go ahead and return to your normal user account, and take a look at +your new repository using svnlook: + +svnlook tree /srv/svn/repositories/svntest/ + +You may need to logout and back in again to refresh your group +memberships. 'su [username]' should work +around this as well. + + + +3. Configure the server + +These instructions will configure the server to use only ssh +for write permission, and provide anonymous read-only permission. There +are several other ways to provide access to the repository. These +additional configurations are best explained at +. + +Access configuration needs to be done for each repository. Create +the svnserve.conf file for the svntest repository +using the following commands: + +cp /srv/svn/repositories/svntest/conf/svnserve.conf \ + /srv/svn/repositories/svntest/conf/svnserve.conf.default && +cat > /srv/svn/repositories/svntest/conf/svnserve.conf << "EOF" +[general] +anon-access = read +auth-access = write +EOF + +There is not a lot to the configuration file at all. You'll notice +that only the general section is required. Take a look at the +svnserve.conf.default for information on using +svnserve's built-in authentication method. + + + +4. Starting the server +There are a couple of ways to start svnserve. The +most common way is to start it as an inetd or +xinetd process. Alternately, you can use a +bootscript to start the service at startup. + +If you use inetd, add a line to your +/etc/inetd.conf using the following commands: + +cat >> /etc/inetd.conf << "EOF" +svn stream tcp nowait svn /usr/bin/svnserve svnserve -i +EOF + +If you use xinetd, add the following +lines to /etc/xinetd.conf file: + +cat >> /etc/xinetd.conf << "EOF" +service svn +{ + port = 3690 + socket_type = stream + protocol = tcp + wait = no + user = svn + server = /usr/bin/svnserve + server_args = -i -r /srv/svn/repositories +} +EOF + +Finally, if you wish to simply start the sever in daemon mode at +startup, install the svn bootscript included in the + package. + +make install-svn + +