views:

37

answers:

2

How should I administrate users and groups with the repositories?

Until now users can access the server repositories through http. The tag configuration it inside /etc/apache2/mods-available/dav_svn.conf

<Location /srv/svn/>
DAV svn
SVNPath /srv/svn/projecX
#SVNParentPath /srv/svn #if I have more the one repository inside the folder
AuthType Basic
AuthName ”ProjectX”
AuthUserFile /etc/subversion/passwd
Require valid-user
</Location>

My doubts:

  1. For each repository should I have a passwd file containing all users and pass?
  2. When is more appropriated to use SVNPath or SVNParentPath ?
  3. How do I manage groups? Until know I know how to work with individuals but not with groups in a more optimized way.
  4. (EDIT) Users and Group repositories control should be always made through apache2 ?

I'm using Ubuntu server edition for the server repositories. Thanks for the attention3.

+1  A: 

You can manage groups and group access to paths in the repository in the auth file. You can share the passwd file between repositories by creating a symlink. Usually in an entreprise context an ActiveDirectory or alike would be better but rather tedious to bind into svn. We do the authentication at Apache level (mod_ldap/mod_svn_ldap) and the rights checks in svn with a global auth file (to ease group definition and reuse). Setting up LDAP is not much of fun thought...

jdehaan
Using a DBMS would be better?
PLS
the local authentication with passwd file is easy but if your staff is not stable, then you'll have to update this often, what is rather dull work...
jdehaan
A: 

*authz_svn* allows directory level user & group authentication. Integrates well with websvn. Here is one of the many tutorials on the web about how to setup authz_svn.

zellus
Thanks, I'm taking a look at it. What about using a DBMS?
PLS
LDAP, single sign on might be interesting.
zellus