SVN access manager

To use SVN Access Manager you need at least:

a working subversion installation
a MySQL Database, version 4 or higher, a PostgreSQL 8 or higher database or an Oracle 10g or higher database
an Apache web server, version 2.0 or higher with DAV, mod_authz and SVN support
PHP version 5.2 or higher with working oci8 support if using Oracle database

To use SVN Access Manager you need at least:
a working subversion installation
a MySQL Database, version 4 or higher, a PostgreSQL 8 or higher database or an Oracle 10g or higher database
an Apache web server, version 2.0 or higher with DAV, mod_authz and SVN support
PHP version 5.2 or higher with working oci8 support if using Oracle database

Go to a directory where the software can be accessed by your Apache web server. Unpack the archive. For our example do the following:
http://sourceforge.net/projects/svn-access-mana/files/
# mkdir /etc/svn
# mkdir /etc/svn-access-manager
# mkdir /usr/share/svn-access-manager
# chown apache:apache /etc/svn /etc/svn-access-manager
# cd /usr/share/svn-access-manager
# tar -xvfz svnaccessmanager-0.5.0.0.tar.gz

2.2.3 Setup a MySQL database and a database user

You need a database for SVN Access Manager and an user with full access to this database. To create the database do the following as root user of your MySQL database:

CREATE DATABASE svnadmin;
To create a user having access to this database do the following as root user of your MySQL database:

CREATE USER 'svnadmin'@ 'localhost' IDENTIFIED BY '*******';

GRANT USAGE ON * . * TO 'svnadmin'@ 'localhost' IDENTIFIED BY '*******'
WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0
MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;

GRANT ALL PRIVILEGES ON `svnadmin` . * TO 'svnadmin'@ 'localhost';
After finishing the database work continue with installing SVN Access Manager.

If you get an error "No database selected" during installation check if the database user has sufficient rights to access and to work with the database!

SVN-Subversion installation and configuration

 

Installing SVN

yum install mod_dav_svn subversion
Add it in httpd conf or in httpd/conf.d/subversion.conf

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<Location /svn>
DAV svn
SVNParentPath /var/www/svn
AuthType Basic
AuthName "Subversion repositories"
AuthUserFile /etc/svn-auth-users
Require valid-user
</Location>

Creating User for accessing the SVN

htpasswd -cm /etc/svn-auth-users user1
New password:
Re-type new password:
Adding password for user user1

## Create user2 ##
htpasswd -m /etc/svn-auth-users user2
New password:
Re-type new password:
Adding password for user user2

Creating the directories and correcting permissions

mkdir /var/www/svn
cd /var/www/svn

Creating repositories

svnadmin create testrepo
chown -R apache.apache testrepo


## If you have SELinux enabled (you can check it with "sestatus" command) ##
## then change SELinux security context with chcon command ##

chcon -R -t httpd_sys_content_t /var/www/svn/testrepo

## Following enables commits over http ##
chcon -R -t httpd_sys_rw_content_t /var/www/svn/testrepo

or else disable the selinux
setenforce 0
Restart the service

systemctl restart httpd.service
## OR ##
service httpd restart

## CentOS / RHEL ##
/etc/init.d/httpd restart
## OR ##
service httpd restart

 

Linux Acl in detail

Let's assume we have /dev/sda1 mounted on /data1 and we want to enable the acl option.

[root@server ~]# tune2fs -l /dev/sda1
To enable ACLs on a filesystem, we must set the fs default and remount:
[root@server ~]# tune2fs -o acl /dev/sda1
[root@server ~]# mount -o remount,acl /data1
Use getfacl to view ACLs:

[root@server ~]# touch /data1/foo.txt
[root@server ~]# getfacl /data1/foo.txt
getfacl: Removing leading '/' from absolute path names
# file: data1/foo.txt
# owner: root
# group: root
user::rw-
group::r--
other::r--
Use setfacl to set ACLs, with -m to modify and -x to remove a given ACL.
give user ram read+write+execute on a file:

[root@server ~]# setfacl -m u:ram:rwx /data1/foo.txt
give group peeps read+write on a file:
[root@server ~]# setfacl -m g:peeps:rw /data1/foo.txt
remove ram's ACL permissions:
[root@server ~]# setfacl -x u:ram /data1/foo.txt
set the default ACL permissions on a directory:
[root@server ~]# setfacl -m d:g:peeps:rw /data1/stuff/
revoke write permission for everyone:
[root@server ~]# setfacl -m m::rx /data1/foo.txt
When ACLs are present, an ls -l will show a plus sign to notify you:

[root@server ~]# ls -l /data1/foo.txt
-rw-rwxr--+ 1 root root 0 Dec 3 14:54 /data1/foo.txt
Note that the mv and cp -p commands will preserve ACLs. If you have defaults set on a parent directory, new files in that directory will inherit those settings.
If you want to remove all ACLs, reverting back to the base unix permissions of owner, group and other:

[root@server ~]# setfacl --remove-all /data1/foo.txt