Apache

Subversion, per-repository access

These are my notes on how I configured per-user access rights for my Subversion repositories. There is an excellent article here to help with this.

I run three repositories (for three companies) and need access to all of them. Other users must have access only to the repository for their respective company.

1. Create an access control file called svn_access_control:

jon@raspberrypi ~ $ sudo nano /etc/apache2/svn_access_control

Enter information like this:

# jon belongs to all groups, paul and nigel to one group each
[groups]
TeamName1 = jon, paul
TeamName2 = jon, nigel

# Only admin has access to everything
[/]
admin = rw

# Setup access to a specific repository
[repos_1:/]
@TeamName1 = rw

# Setup access to a specific repository
[repos_2:/]
@Teamname2 = rw

Note: the user names in the above file are case sensitive.

Then edit the dav_svn.conf file and include a reference to the new access control file:

<Location /svn>
 DAV svn
 SVNParentPath /home/jon/svnrepos
 AuthType Digest
 AuthName "Subversion Repo"
 AuthUserFile /etc/apache2/dav_svn.htdigest
 AuthzSVNAccessFile /etc/apache2/svn_access_control
 Require valid-user
</Location>

The following command must be used to enable the new access control:

jon@raspberrypi ~ $ sudo a2enmod authz_svn

Restart the apache service to activate the changes.