Wednesday, October 9, 2013

SVN: ACL Configuration on Linux


Purpose

Restrict access to SVN contents

Configuration Files

/srv/svn/<repository name>/conf/authz  
/srv/svn/<repository name>/conf/svnserve.conf
/srv/svn/<repository name>/conf/svnpasswd
/etc/apache2/conf.d/subversion.conf

Users

Define users in /srv/svn/<repository name>/conf/svnpasswd
# cd /srv/svn/<repository name>/conf
# htpasswd2 -m svnpasswd svnadmin
New password:
Re-type new password:
Adding password for user svnadmin

Subversion Server

Add below entries in section [general]
anon-access = read
auth-access = write
password-db = svnpasswd
authz-db = authz

 ACL

Define group and access in
[groups]
svnadmins = svnadmin1, svnadmin2
developers =developer1, developer2
qas =qa1, qa2
[/]
*=r
@svnadmins = rw

[/trunk]
@svnadmins = rw
@developers = rw
@qas = r

Apache2

add below lines /etc/apache2/conf.d/subversion.conf
<Location /<repository name>>
        DAV svn
        SVNPath /srv/svn/<repository name>/
        # Limit write permission to list of valid users.
        <LimitExcept GET PROPFIND OPTIONS REPORT>
        AuthType Basic
        AuthName "Online"
        AuthUserFile /srv/svn/<repository name>/conf/svnpasswd
        AuthzSVNAccessFile /srv/svn/<repository name>/conf/authz
                Require valid-user
        </LimitExcept>
</Location>
Restart Apache2
# service apache2 restart



Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)