Configure Subversion with Apache and Security in 5 Easy StepsPosted on January 19th, 2012 No comments
I’ve been running WampServer for years on my trusty Dell XPS running Windows XP Pro. A while back I installed Subversion and got it working with mod_dav and authz_svn to serve multiple repositories, each with their own user and group permissions. It was tricky to set up and there are some finer points that most documentation I read doesn’t address. I followed a few different web resources like this great beginners guide, but ultimately it boils down to the 5 simple steps below.
Just recently I needed to add a new repository. I thought I had done everything right, but when I went to use it for the first time, I got the following errors:
D:\svn\repos>svn mkdir http://localhost:8080/svn/myproject/trunk -m "Trunk" svn: OPTIONS of 'http://localhost:8080/svn/myproject': 200 OK (http://localhost:8080)
D:\svn\repos>svn ls http://localhost:8080/svn/myproject/trunk svn: URL 'http://localhost:8080/svn/myproject/trunk' non-existent in that revision
D:\svn\repos>svn ls http://localhost:8080/svn/myproject svn: Could not open the requested SVN filesystem
If you are getting any of these common errors, this post is for you.
When using svn over http, you have to use Apache’s configuration files to control access to each repository separately. Start by installing Apache, Subversion, and then referencing these three modules in your httpd.conf as follows:
LoadModule dav_module modules/mod_dav.so LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so
Now we’re ready to begin.
1) Add the repository:
#> svnadmin create D:\svn\repos\myproject
*(On Unix systems, chown -R myproject so it is writable by the user Apache runs as)*
2) Edit your httpd.conf (or extras/httpd-vhosts.conf) adding something like this:
<Location /svn/myproject> DAV svn SVNPath d:/svn/repos/myproject AuthType Basic AuthName "My Project SVN Repo" AuthUserFile c:/etc/svn-auth-file Require valid-user AuthzSVNAccessFile c:/etc/svn-acl </Location>
3) Add the project to your svn auth file at c:/etc/svn-acl (it’s referenced in the Location directive in your Apache config.)
[groups] yourgroupname = yourusername, user_b, user_c
[myproject:/] yourusername = rw @yourgroupname = rw
This is what tells Apache which users and groups are allowed to access the path(s) in your repository.
4) Give yourusername an htpasswd (and user_b and user_c)
cd c:/etc/ htpasswd -c svn-auth-file yourusername
*(If that file already exists, omit the -c option)*
5) Finally, restart Apache
httpd -k restart
Then you’re ready to create trunk
#> svn mkdir http://localhost:8080/svn/myproject/trunk -m "Adding trunk" Committed revision 1.
I got the errors shown above when forgetting step one or more of these steps.
Leave a reply