Sunday, August 22, 2010

SVN and its authentication

After setting up an SVN repository, the administrator's task is to give different permissions and access to different users as required. Before granting permissions, we need to think about the repository structure. Since there is no fixed architecture for a repository, the administrator should plan it around the type of projects, the number of people involved, the number of projects in the repository, and so on.

First, I will talk about configuring svnserve for light (unencrypted) authentication. Encrypted authentication is explained here. Svnserve is simple to configure and is useful for a repository used by a small number of people who all share it within the local network.

To configure svnserve, use the directory named /conf in the repository. This directory contains three files: authz, passwd and svnserve.conf. Configuring these files grants permissions, but the username and password will be in plaintext.

In general, the file svnserve.conf can be edited as follows.

[general]
anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
realm = firstrepo

There is one more section, [sasl], in this configuration file. That section is not configured for an unencrypted connection.

Now, in the [users] section of the passwd file, usernames and passwords are added. An entry looks like:
abc = abc123
The left-hand side is the username and the right-hand side is the password. Each line holds one username and password.

The authz file is configured to give per-directory permissions. Taking the following repository architecture into account, per-directory permissions for the following users of the passwd file are given as an example.

In the [users] section of the passwd file, the following users and their passwords are added:

[users]
buda = buda123
asur = asur123
charlie = charlie123



The architecture of the repository is:

outer/outer1/inner1
outer/outer2/inner2

Among the users added above, buda is the administrator. He has full read and write control over the repository. asur and charlie can read the whole repository, but asur can write only to /inner1 and charlie only to /inner2. Everyone else can neither read nor write. To achieve this, we can configure the authz file as follows:

[/]
buda = rw
asur = r
charlie = r
* =

[repository:/outer/outer1/inner1]
asur = rw

[repository:/outer/outer2/inner2]
charlie = rw
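
An added example, not part of the original post: a small Python audit of a svnserve.conf and passwd pair. svnserve silently ignores keys it does not recognise, so a misspelled anon-access leaves the default (anonymous read) in effect; the `audit` helper and the sample files below are constructed for illustration.

```python
import configparser

# [general] options svnserve reads; any other key is silently ignored.
KNOWN_GENERAL = {"anon-access", "auth-access", "password-db", "authz-db",
                 "groups-db", "realm", "force-username-case", "hooks-env"}

def _parse(text):
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return cp

def audit(svnserve_conf, passwd):
    """Return a list of findings for a svnserve.conf / passwd pair."""
    findings = []
    conf = _parse(svnserve_conf)
    general = dict(conf["general"]) if conf.has_section("general") else {}
    for key in sorted(set(general) - KNOWN_GENERAL):
        findings.append(f"unknown option '{key}' in [general] is ignored")
    # svnserve defaults to anon-access = read when the key is absent.
    anon = general.get("anon-access", "read")
    if anon != "none":
        findings.append(f"effective anon-access is '{anon}'")
    if "authz-db" not in general:
        findings.append("authz-db not set: no per-directory rules apply")
    users = _parse(passwd)
    if not users.has_section("users"):
        findings.append("passwd has no [users] section: no accounts defined")
    else:
        for name, pw in users["users"].items():
            if name in pw.lower():
                findings.append(f"password for '{name}' contains the username")
    return findings

# Constructed samples: a misspelled key and a mislabelled section.
BAD_CONF = ("[general]\nnon-access = none\nauth-access = write\n"
            "password-db = passwd\n")
BAD_PASSWD = "[passwd]\nalice = alice123\n"
GOOD_CONF = ("[general]\nanon-access = none\nauth-access = write\n"
             "password-db = passwd\nauthz-db = authz\nrealm = firstrepo\n")
GOOD_PASSWD = "[users]\nalice = c0rrect-h0rse-battery\n"

if __name__ == "__main__":
    for finding in audit(BAD_CONF, BAD_PASSWD):
        print("FINDING:", finding)
```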









