Documentation:Subversion

=Subversion=

UGCS supports the Subversion revision control system. With a UGCS account, you can set up your own Subversion repository in ~/public/svn, and it will be accessible to the world via our subversion server at svn://svn.ugcs.caltech.edu/username/.

We recommend Version Control with Subversion, a free online book on Subversion, for more help with general Subversion commands.

Quick Setup
To set up your subversion repository, run svnadmin create ~/public/svn find ~/public/svn -type d -exec fs sa {} svn write \;

By default, the repository is world-readable via svn://svn.ugcs.caltech.edu/username, and writable if you have direct file access and use the url file:///afs/.ugcs/svn/username

If you want to have write access to your repository from outside of UGCS, add your username and a password (NOT YOUR UGCS PASSWORD) to conf/passwd: echo 'username = password' >> ~/public/svn/conf/passwd and then tell subversion to use this password file by editing the file "~/public/svn/conf/svnserve.conf" and removing the # in front of the line so it reads password-db = passwd (Note that there should not be a space at the beginning of the line)
 * 1) password-db = passwd

You can then import your files with svn import --username username source_dir svn://svn.ugcs.caltech.edu/username

and check them out with svn checkout svn://svn.ugcs.caltech.edu/username/source_dir

Anyone in the world will be able to check out your files with this command, although they will not be able to commit changes unless you add a username and password for them. If you want to restrict read access to your repository, edit the line that reads so that it reads anon-access = none (Note that there should not be a space at the beginning of the line)
 * 1) anon-access = read

See SVN Basic Usage for more basic Subversion help.

Access Control
Users can access your subversion repository two different ways: via the subversion service and via the files directly. If you want to restrict access to your repository, you need to fix the access controls in both places.

SVN Server Access Control
Subversion server access control (access via svn://...) is controlled via two files in repository_root/conf (repository_root is where you created your repository, usually ~/public/svn). passwd contains a list of users and their cleartext passwords, and svnserve.conf has lines that let you control anonymous and authorized access. These files can be edited in any text editor and contain a brief help section at the top of the file. More information on subversion service access control, including fine-grained permissions, is available at the Subversion documentation.

'''NOTE: Subversion stores passwords in cleartext. This means that you should NEVER, EVER, EVER use your UGCS password for your Subversion password'''

Note that passwords in passwd are cleartext, so you should probably remove world read permissions on the directory and give the svn service read permission fs sa repository_root/conf system:anyuser none svn read

AFS File Access Control
Anyone can also access your repository through AFS. By default, the repository is created as world-readable, user-writeable so anyone can read your repository, but only you can write to it. To change this, you need to change the AFS access control lists on all directories in repository_root.

To remove world read permissions, run find repository_root -type d -exec fs sa {} system:anyuser none svn write \;

To give write permissions to another UGCS user, run find repository_root -type d -exec fs sa {} other_username write \;