Basic SVN usage
follow-up for CVS, so for all your new projects you should use SubVersion
You can dowload a free SubVersion
book, as well as all SNV packages for different OSs > http://subversion.tigris.org/∞
For a list of repositories, see SoftwareRepositories
Create repository directory on server (by administrator)
Fill repository with inital files (by administrator)
1. host-A$ svnadmin create /path/to/repository
chmod www-data:www-data /path/to/repository
First download of files in repository (by editor; this will create a folder called "project-dir" on your local disk)
2. host-B$ svn import project-dir https://host-A/path/to/repository
subsequent downloads of files in repository (by editor); first cd to the project directory
3. host-C$ svn checkout https://host-A/path/to/repository project-dir
upload of changes you made to the repository (by editor)
4. host-C$ svn update (in project-directory)
other svn commands you like to perform
5. host-C$ svn commit (ditto)
6. host-C$ svn any-svn-command (ditto)
(This example uses https, but it works similarly for http
and svn over ssh: svn+ssh
Notes: once created (first step), your subversion repository is accessible from any host, using the svn+ssh://host/path/to/repository
URL to indicate its location. You can add projects (step 2) to your repository from any host, and you can check out your project on any host (step 3). In your project directory, you can then do anything you want, and update, commit, diff
(etc.) away to your heartís content (steps 4, 5, 6). Always remember, svn help
is your friend.
We found out the hard way that repository management for multiple users is best done using Apache2
. (You can use svnserve
over SSH, but all users have to have a umask of 002, or use a dedicated user, in which case all logging of who did what is lost).
So below is a short overview of how to enable svn over https:
1) Create a (self-signed) certificate for Apache and enable SSL. (See Apache Docs∞
2) Install mod_dav_svn
3) Configure Apache2
- First enable the mod_dav_svn module by linking to /etc/apache2/mods-available/dav_svn.load in /etc/apache2/mods-enabled
- Link to or create a file name /etc/apache2/mods-enabled/mod_dav_svn.conf
- Enter the following in the configuration file:
AuthName "Subversion Repository"
- Add users using the following command:
htpasswd2 /etc/apache2/dav_svn.passwd username
For more information about this procedure, see the relevant chapter∞
in the online SVN Book∞
Configuration file comments
The configuration file for Apache is not long, but I'll walk through the details here.
- <Location /svn>
- The server is located at http://hostname
- DAV svn
- This is an svn
- SVNParentPath /repo/path
- This specifies where the repository can be found. Because we use SVNParentPath
instead of SVNPath
, we don't point directly to the repository, but rather to a director. This directly enables repositories located beneath that directory.
- Require SSL for all connections to the repository.
- AuthType Basic
- Plain htpassword username/password authentication
- AuthName "Subversion Repository"
- The name that is given when asking for username/password.
- AuthUserFile /etc/apache2/dav_svn.passwd
- Where the htpasswd username/password should be looked up.
- Require valid-user
- This requires that for everything you have to login. More finegrained access control is possible (anonymous reading, directory ACLs, etc.), all covered in the online SVN Book∞
We have also implemented access control for repositories. Adding this to the setup requires the following (minor) changes:
1) Add the following line to /etc/apache2/mods-enabled/dav_svn.conf
2) Create the file /etc/apache2/dav_svn.acl
. Simple example is below:
# Blanket read access (default is to deny everything)
* = r
# Some example groups
calc-developers = harry, sally, joe
paint-developers = frank, sally, jane
everyone = harry, sally, joe, frank, sally, jane
# For the repository "calc" we only allow write access for the group "calc-developers"
# in the directory "/projects/calc" (within that repository).
@calc-developers = rw
# Similar to above, but this also shows an extra restriction for jane.
# She can only read, despite the group setting for 'rw'
@paint-developers = rw
jane = r
3) And off you go! There is no need to restart apache, the files are automatically read every time the repository is accessed, so changes take effect immediately.