Howto: SVN+SSH with multiple users and password less logins (Part 1)
Here at the Juvely blog we are not just going to document what we have done, we are also going to share our experiences and explain how to do things to other people. I am going to start this off by showing you how I set up our Subversion repository to allow SVN+SSH access for multiple users and password less logins.
Here is what I am going to go cover:
- Setting up the repository
- How to setup multiuser access
- How to configure the command line SVN client
- And in the next two articles, how to setup graphical clients under OS X and Windows and password-less logins
The process may sound daunting but it is rather simple once you know how. I have spend hours searching the web to find out why it wasn’t working and haven’t found a tutorial which
easily covers all of this, so here goes.
Setting up the repository
In order to allow multiple access to the repository you will need an SSH account for each user. So that they all have access to the repository they will need to be in the same group and permissions on the repository will need to allow read/write access to group members.
$ svnadmin create --fs-type fsfs [your-repo]
$ chown -R :[your-group] [your-repo]
$ chmod -R 775 [your-repo]
This will first create an SVN repository for you, named [your-repo]. Then set all the files in this so they are owned by [your-group], and then finally change the permissions so that the owner and group members have read, write and execute permissions on the repository. Other users will have read and execute permissions.
Setting up users
In order to allow multiple users to access the repository, each user will require an SSH account. You will need to set the file creation mask for each of these users so that all the new files they create will have the same permissions. The easiest way to do this is to get them to SSH into the server and put umask 002 into their ~/.bash_profile (or equivalent for whatever shell you are using).
$ echo "umask 002" >> ~/.bash_profile
Setting up command line SVN access
Now, if everything is working correctly you should be able to use the command line SVN client to connect to the repository. Lets start off by importing some stuff:
$ svn import trunk svn+ssh://[your-username]@[your-domain]/[path-to-repo]/ -m "Initial import"
Password:
Password:
Password:
Adding trunk/file
Committed revision 1.
This command will import a folder, and contents, called trunk with the message Initial import!
The username and domain should be easy as it is the same settings as are used for SSH. The path to the repository is the full path including the name of the repository you created way-back in the first command.
You will probably be prompted for your password several times, and then you will see a list of files that are being added. If you want to check that everything went ok you can get SVN to list the contents of the repository:
$ svn ls svn+ssh://[your-username]@[your-domain]/[path-to-repo]/
file
If you get a command saying that no repository was found make sure that you have the correct full path to the repository.
Well, that about sums it up for this tutorial! In the next tutorial I will describe howto setup public-private key authentication and then use an agent program to keep hold of this key so you don’t have to keep entering your passphrase.
If you have seen any major flaws or have any questions feel free to leave a comment!