This wiki document explains how to setup Subversion alias SVN on Ubuntu. The intended audience is experienced Linux users and system administrators.
Introduction
If you are new to Subversion, this section provides a quick introduction.
Subversion is an open source version control system. Using Subversion, you can record the history of source files and documents. It manages files and directories over time. A tree of files is placed into a central repository. The repository is much like an ordinary file server, except that it remembers every change ever made to files and directories.
Assumptions
It is assumed that you are aware of how to run Linux commands, edit files, start/stop services in an Ubuntu system. It is also assumed that Ubuntu is running, you have sudo access and you want to use Subversion software.
It is also assumed you have an internet connection.
Scope of this document
To make an SVN repository available to access using the HTTP protocol, you must install & configure web server. Apache 2 is proven to work with SVN. The installation of Apache 2 Webserver is beyond the scope of this document. (See ApacheHTTPserver.) However, the configuration of Apache 2 Webserver for SVN is covered in this document.
To access an SVN repository using HTTPS protocol, you must install & configure digital certificate in your Apache 2 web server. The installation and configuration of digital certificate is beyond the scope of this document. (See forum/server/apache2/SSL.)
Installation
Subversion is already in the main repository, so to install Subversion you can simply install the subversion package (see InstallingSoftware).
If it fails reporting dependencies, please locate the packages and install them. If it reports any other issues, please resolve them. If you cannot resolve the issue, please refer the mailing list archive of those packages.
Server Configuration
This step assumes you have installed above mentioned packages on your system. This section explains how to create SVN repository and access the project.
Create SVN Repository
There are several typical places to put a Subversion repository; most common places are: /srv/svn, /usr/local/svn and /home/svn. For clarity’s sake, we’ll assume we are putting the Subversion repository in /home/svn, and your project’s name is simply ‘myproject’
There are also several common ways to set permissions on your repository. However, this area is the most common source of errors in installation, so we will cover it thoroughly. Typically, you should choose to create a new group called ‘subversion’ that will own the repository directory. To do this (see [AddUsersHowto] for details):
- Choose System > Administration > Users and Groups from your Ubuntu menu.
- Click the ‘Manage Groups’ button.
- Click the ‘Add’ button.
- Name the group ‘subversion’
- Add yourself and www-data (the Apache user) as users to this group
- (Note: in order to see www-data you may need to see FixShowAllUsers)
- Click ‘OK’, then click ‘Close’ twice to commit your changes and exit the app.
You have to logout and login again before you are a member of the subversion group, and can do check ins.
Now issue the following commands:
$ sudo mkdir /home/svn $ cd /home/svn $ sudo mkdir myproject
The SVN repository can be created using the following command:
$ sudo svnadmin create /home/svn/myproject
And use the following commands to correct file permissions:
$ cd /home/svn $ sudo chown -R www-data:subversion myproject $ sudo chmod -R g+rws myproject
The last command sets gid for proper permissions on all new files added to your Subversion repository.
If you want to use WebDAV as an access method described below, repeat the chmod -R g+rws myproject command again. This is because svnadmin will create directories and files without group write access. This is no problem for read only access or using the custom svn protocol but when Apache tries to commit changes to the repository linux will deny it access. Also the owner and group are set as root. This can be changed by repeating the chown and chgrp commands listed above.
Access Methods
Subversion repositories can be accessed (checkout) through many different methods-on local disk, or through various network protocols. A repository location, however, is always a URL. The table describes how different URL schemas map to the available access methods.
Schema | Access Method |
file:/// | direct repository access (on local disk) |
http:// | Access via WebDAV protocol to Subversion-aware Apache 2 web server |
https:// | Same as http://, but with SSL encryption |
svn:// | Access via custom protocol to an svnserve server |
svn+ssh:// | Same as svn://, but through an SSH tunnel |
In this section, we will see how to configure SVN for all these access methods. Here, we cover the basics. For more advanced usage details, you are always recommended to refer the svn book.
Direct repository access (file://)
This is the simplest of all access methods. It does not require any SVN server process to be running. This access method is used to access SVN from the same machine. The syntax is as follows:
$ svn co file:///home/svn/myproject or $ svn co file://localhost/home/svn/myproject
NOTE: Please note, if you do not specify the hostname, you must use three forward slashes (///). If you specify the hostname, you must use two forward slashes (//).
The repository permission is dependant on filesystem permission. If the user has read/write permission, he can checkout/commit the changes to the repository. If you set permissions as above, you can give new users the ability to checkout/commit by simply adding them to the Subversion group you added above.
Access via WebDAV protocol (http://)
To access the SVN repository via WebDAV protocol, you must configure your Apache 2 web server.
First install the following package libapache2-svn (see InstallingSoftware).
NOTE: If you have already tried to install the “dav” modules manually, package installation may fail. Simply remove all files beginning with “dav” from the mods-enabled directory, then remove and install the package again. Let the package put files in the correct place, then edit your configuration.
You must add the following snippet in your /etc/apache2/mods-available/dav_svn.conf file:
<Location /svn/myproject> DAV svn SVNPath /home/svn/myproject AuthType Basic AuthName "myproject subversion repository" AuthUserFile /etc/subversion/passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
NOTE: The above configuration assumes that all Subversion repositories are available under /home/svn directory.
TIP: If you want the ability to browse all projects on this repository by going to the root url (http://www.serveraddress.com/svn) use the following in dav_svn.conf instead of the previous listing:
<Location /svn> DAV svn SVNParentPath /home/svn SVNListParentPath On AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/subversion/passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location>
NOTE: If a client tries to svn update which involves updating many files, the update request might result in an error Server sent unexpected return value (413 Request Entity Too Large) in response to REPORT request, because the size of the update request exceeds the limit allowed by the server. You can avoid this error by disabling the request size limit by adding the line LimitXMLRequestBody 0 between the <Location…> and </Location> lines.
NOTE: To limit any connection to the SVN-Server (private SVN), remove the lines <LimitExcept …> and </LimitExcept> (i.e. leave only the “Require valid-user” line).
Alternatively, you can allow svn access on a per-site basis. This is done by adding the previous snippet into the desired site configuration file located in /etc/apache2/sites-available/ directory.
Once you add the above lines, you must restart apache2 web server. To restart apache2 web server, you can run the following command:
sudo /etc/init.d/apache2 restart
Next, you must create /etc/subversion/passwd file. This file contains user authentication details.
If you have just installed SVN, the passwd file will not yet exist and needs to be created using the “-c” switch. Adding any users after that should be done without the “-c” switch to avoid overwriting the passwd file.
To add the first entry, ie.. to add the first user, you can run the following command:
sudo htpasswd -c /etc/subversion/passwd user_name
It prompts you to enter the password. Once you enter the password, the user is added.
To add more users after that, you can run the following command:
sudo htpasswd /etc/subversion/passwd second_user_name
If you are uncertain whether the passwd file exists, running the command below will tell you whether the file already exists:
cat /etc/subversion/passwd
Now, to access the repository you can run the following command:
$ svn co http://hostname/svn/myproject myproject --username user_name
It prompts you to enter the password. You must enter the password configured using htpasswd command. Once it is authenticated the project is checked out. If you encounter access denied, please remember to logout and login again for your memebership of the subversion user-group to take effect.
WARNING: The password is transmitted as plain text. If you are worried about password snooping, you are advised to use SSL encryption. For details, please refer next section.
Access via WebDAV protocol with SSL encryption (https://)
Accessing SVN repository via WebDAV protocol with SSL encryption (https://) is similar to http:// except you must install and configure the digital certificate in your Apache 2 web server.
You can install a digital certificate issued by Signing authority like Verisign. Alternatively, you can install your own self signed certificate.
This step assumes you have installed and configured digital certificate in your Apache 2 web server. Now to access SVN repository please refer the above section. You must use https:// to access the SVN repository.
Access via custom protocol (svn://)
Once the SVN repository is created, you can configure the access control. You can edit /home/svn/myproject/conf/svnserve.conf file to configure the access control.
NOTE: svnserve.conf is sensitive to whitespace, be sure not to leave any whitespace at the start of a line or it will not be able to read the file.
For example, to setup authentication you can uncomment the following lines in the configuration file:
# [general] # password-db = passwd
After uncommenting the above lines, you can maintain the user list in passwd file. So, edit the file passwd in the same directory and add new user. The syntax is as follows:
username = password
For more details, please refer the file.
Now, to access SVN via svn:// custom protocol either from the same machine or different machine, you can run svnserver using svnserve command. The syntax is as follows:
$ svnserve -d --foreground -r /home/svn # -d -- daemon mode # --foreground -- run in foreground (useful for debugging) # -r -- root of directory to serve For more usage details, please refer, $ svnserve --help
Once you run this command, SVN starts listening on default port (3690). To access the project repository, you must run the following command:
$ svn co svn://hostname/myproject myproject --username user_name
Based on server configuration, it prompts for password. Once it is authenticated, it checks out the code from SVN repository.
To synchronize the project repository with the local copy, you can run update sub-command. The syntax is as follows:
$ cd project_dir $ svn update
For more details about using each SVN sub-command, you can refer the manual. For example, to learn more about co (checkout) command, please run:
$ svn help co
Start svnserve at bootup
One can start the svnserve daemon at bootup using an initd script. Look at Micha? Wojciechowski Blog post for instructions and a good initd script for svnserve.
Start svnserve at bootup using xinetd
An alternative method to run svnserve at startup is to install xinetd, and then add the following line to /etc/xinetd.conf (replacing ‘svnowner’ and ‘/home/svn’ with appropriate values)
svn stream tcp nowait svnowner /usr/bin/svnserve svnserve -i -r /home/svn
Access via custom protocol with SSL encryption (svn+ssh://)
It is not necessary to run the SVN server (svnserve) in order to access SVN repositories on a remote machine using this method. However, it is assumed that the SSH server is running in the remote machine with the repository and it is allowing incoming connections. To confirm, please try to login to that machine using ssh. If you can login, then everything is perfect. If you cannot login, please address it before continuing further.
The svn+ssh:// protocol is used for accessing SVN repositories with SSL encryption for secure data transfer. To access a repository using this method, run the following command:
$ svn co svn+ssh://hostname/home/svn/myproject myproject --username user_name
NOTE: You must use full path (/home/svn/myproject) to access an SVN repository using this method.
Based on the SSH server configuration, it prompts for password. You must enter the password you use to login via ssh. Once it is authenticated, it checks out the code from SVN repository.
You can also refer the SVN book for details about the svn+ssh:// protocol.
References
Subversion (last edited 2012-03-18 07:20:28 by bradh)
Leave a Reply