Introduction to svnserve
Following on from the Introduction to Subversion article, we'll now look at svnserve (subversion's built in server).
Svnserve allows you to access your project from remote machines. Concentrating on configuration and basic setup, this article introduces this often overlooked programme.
To check out 'project1' from a remote repository is very easy - it is usual to have the repository in a slice or other server and to work on the project (in this case project1) from a local machine such as your main workstation at home or work.
starting svnserve
We start the process by logging onto your repository Slice and starting svnserve. When issuing the svnserve command include the full path to your repository:
svnserve -d -r /home/demo/repositoryShort and sweet. Now we have svnserve allowing remote access to our repository on the default port of 3690.
iptables
If you have an iptables setup or other firewall, don't forget to allow connections to port 3690. This can be achieved by opening the iptables test file:
sudo nano /etc/iptables.test.rulesand adding this line before any final LOG & REJECT rules:
# Allows svnserve connections from anywhere
-A INPUT -p tcp --dport 3690 -j ACCEPTTemporarily give yourself root access:
sudo -iand activate the changes:
iptables-restore < /etc/iptables.test.rulesA quick check of the rules will show this extra line:
iptables -L
...
ACCEPT tcp -- anywhere anywhere tcp dpt:svnOnce happy, save the changes and exit out of the root access:
iptables-save > /etc/iptables.up.rules
...
exitcheck out
Let's test it by checking out project1 (remember the IP address is for the slice containing the subversion repository:
svn co svn://123.45.67.890/project1
That was quick and easy to do.
svnserve permissions
We now have access to project1 which is great but try committing any changes and you will get an 'svn: Authorization failed' error.
Although good (we don't want everyone submitting changes to project1), we need read and write permissions to the repository.
svnserve has a very simple configuration file. Open it up (on the slice hosting the repository):
nano /home/demo/repository/conf/svnserve.confThe first thing you will notice is that everything is commented out. Let's delete all of that and start a simple configuration of our own.
# svnserve configuration
[general]
password-db = /home/demo/repository/conf/passwd
anon-access = read
auth-access = write
realm = Project1I think the options are fairly self explanatory but do note that if you didn't want general access to the repository (i.e. it's not available to the public) you would change anon-access to:
anon-access = noneNext open the passwd file (again, on the remote repository slice):
nano /home/demo/repository/conf/passwdEnter authorised users along with their passwords:
[users]
project1admin = mypasswordremote commit
Let's make a small change to the project on our local workstation and, now that the permissions have been set on the remote repository, commit them:
mkdir goodbye
svn add goodbye
...
svn commit -m "Added goodbye folder" --username project1adminEnter the password we set earlier and this is the result:
svn commit -m "Added goodbye folder" --username project1admin
Authentication realm: <svn://123.45.67.890:3690> Project1
Password for 'project1admin':
Adding trunk/goodbye
Committed revision 4.
svnserve options
For more svnserve options, enter:
svnserve --helpNotice you can configure which port svnserve uses:
svnserve -d -r --listen-port 2122 /home/demo/repositoryOr to respond to a single IP address only (my workstation IP for example):
svnserve -d -r --listen-host 123.45.67.890 /home/demo/repositoryNaturally that would only work if I had a static ip address.
autostarting svnserve
To make svnserve start on a reboot add the following to your crontab:
crontab -e
@reboot svnserve -d -r /home/demo/repositorysecurity
I am sure you will have noted that the connection to the subversion repository doesn't seem very secure.
That's because it's not :)
We'll fix that in the next article by using the SSH protocol to connect to the repository.
PickledOnion.
Article Comments:
Daniel Lucraft commented Fri Sep 07 11:13:04 UTC 2007 ago:
Another great article!
I have a small suggestion: change
to
On the other hand, you can argue that I now know more about iptables config and error logging than I did before ;-).
Daniel Lucraft commented Fri Sep 07 11:14:21 UTC 2007 ago:
Markdown interpreted the comment symbol as "make this ludicrously big" in that last post. Hope it's still decipherable.
PickledOnion commented Fri Sep 07 11:37:58 UTC 2007 ago:
Wow, that was big. Hope you don't mind but I changed it :)
Markdown interpreted the hash as an h1.
Anyway, thanks for the comment and good call.
PickledOnion.
Alexander Pranko commented Fri Dec 21 17:41:42 UTC 2007 ago:
First of all many thanks to PickledOnion for the incredibly valuable and understandable articles. You can imagine how many m/h he saved for the users all over the world. It also looks like everyone likes SliceHost service and their philosophy. Me too :). Thank you, guys! It's really cool!
It looks like there is a typing error in the command lines for starting svnserve on a specific host and port. '-r' parameter should come right before the repository folder:
svnserve -d --listen-host 123.45.67.890 -r /home/demo/repository
svnserve -d --listen-port 2122 -r /home/demo/repository
Alex Sharp commented Sun Feb 24 23:35:43 UTC 2008 ago:
First, thanks for all your helpful articles. When I created my repository, my svnserve.conf and passwd files were in /home/demo/repository/[project_name]/conf/. The directory you specified did not exist. Was I supposed to create this directory/files, or is it not that big of a deal?