Supporting Multiple Repository Access Methods
You’ve seen how a repository can be accessed in many different ways. But is it possible—or safe—for your repository to be accessed by multiple methods simultaneously? The answer is yes, provided you use a bit of foresight.
At any given time, these processes may require read and write access to your repository:
Regular system users using a Subversion client (as themselves) to access the repository directly via
file://
URLsRegular system users connecting to SSH-spawned private svnserve processes (running as themselves), which access the repository
An svnserve process—either a daemon or one launched by inetd—running as a particular fixed user
An Apache httpd process, running as a particular fixed user
The most common problem administrators run into is repository
ownership and permissions. Does every process (or user) in the preceding
list have the rights to read and write the repository’s underlying data
files? Assuming you have a Unix-like operating system, a straightforward
approach might be to place every potential repository user into a new
svn
group, and then make the repository
wholly owned by that group. But even that’s not enough, because a process
may write to the database files using an unfriendly umask—one that
prevents access by other users.
So, the next step beyond setting up a common group for repository users is to force every repository-accessing process to use a sane umask. For users accessing the repository directly, you can ...
Get Version Control with Subversion, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.