SVN authentication using SASL

will be posted very soon

SVN and its authentication

After setting up SVN repository, the task of administrator is to give different permission and access to the different users on the basis of requirement. Before providing the permission to the users, we need to think about the repository structure. Since there is no concrete architecture of the repository, administrator can little bit think about it seeing the projects type, number of people involved in it, number of projects in a repository and etc.

Firstly,I will be taking about the configuration of svnserve for giving light(unencrypted) authentication mechanisms.Encrypted authentication is explained here. Svnserve is simple in configuration and useful for the repository used by small number of people and the people who are sharing it are not beyond the local network.

For configuring svnserve, there is directory in the repository named /conf. This directory contains three files named authz, passwd, snvserve.conf.Configuration of these files can give permission but username and password will be plaintext.

In general, the filename named svnserve.conf can be edited as follows.

[general]

non-access = none

auth-access = write

password-db = passwd

authz-db = authz

relam = firstrepo

There is one more section [sasl] in this configuration file. This file is not configured for unencrypted connection.

Now, in [users] section of passwd file , username and password is added. It is added as:

abc = abc123,

left hand is username and right hand side is password. In each line, one username and password is kept.

And, authz file is configured for giving per-directory permission.Taking into the account of the following architecture of the repository, the per-directory premission to the following users of the passwd file is given as an example.

In the [passwd] section of the psswd file following users and their password are added as:

[passwd]

buda = buda123

asur = asur123

charlie = charlie123

The architecture of the repository is:

outer/outer1/inner1

outer/outer2/inner2

Among the above added user, buda is the administrator. He has full read and write control over the repository. And asur and charlie can read whole repository but asur can write /inner1 and charlie can write /inner2 only.And all the other can't neither read nor write.For achieving this we can configure authzfile as follows:

[authz]

[/]

buda = rw

asur = r

charlie = r

*=

[repository:/outer/outer1/inner1]

asur = rw

[repository:/outer/outer2/inner2]

charlie = rw

SVN and its configuration

Subversion is a free/open source version control system. That is, Subversion manages files and directories, and the changes made to them, over time. This allows us to recover older versions of our data or examine the history of how our data changed. Thus this can be regarded as "time machine"

I have configured svn server for the people of an organization giving SASL authetication and per-directory authorization. Here are the steps and solution to possible problems. First, i am going to revise some of the important svn command for Linux(Debian).

First of all we need to install a package named subversion from package manger.

sudo apt-get install subversion

After successful installation of the software, we can easily create the repository.

svnadmin create /path/to/repository creates the repository

Once repository is created, some of the files will be added in the location of the repository.Three sub-directories that will be available are /conf, /db, /hooks, /lock. The use of these sub-directories will be explained later.

After creating the repository we need to import the data in the repository.For importing data,create the directory to which needs to be imported. The following command imports the data into the repository

cd /path/to/import/directory

svn import file://localhost/path/to/repository --message "some additional information"

The above command is for the local system. If you need to import for repository which his in network, then following command works

svn import svn://host-address/path/to/repository --message "some additional information"

Once the data are imported, it gets stored in the /svn directory. Now, we need to get the working directory.For getting the working directory we can enter the following command.

First of all we need to create the working directory where we want to keep the working copy.

mkdir /path/to/working/directory

cd /path/to/working/directory

svn co file://localhost/path/to/repository

This is for the case when repository is in local system. And for the repository which is in network, the following is the command:

svn co svn://host-address/path/to/repository

Once the working copy we get, we can make changes on that copy and test it and if we really wants to make changes then we can commit it. Committing makes changes to the repository file too. We should not have a misunderstanding that it will make change into the original repository file. The changes will be made to the files which will later be released as new version.Committing can be done as using the following command sitting in the working directory.

svn commit