> I'm running a system (RHEL4) with ~1000 users on it - I have a requirement
> that each user needs their own repository that other users aren't able to
> access. Users should be able to access their repository from local
> machine,
> SSH, and also via the web.
>
> Authentication on the system is handled with a NIS back-end for user
> information, and LDAP for the actual authentication against some AD
> servers.
I do something similar for a smaller number of users. We're just rolling
out one subversion server for admin use, one for projects, and one for
workstation backups. I respectfully disagree with the posters who want to
put the repositories in their home directories -- especially in
public-html. If a user fat-fingers permissions it won't be his colleagues
he has to worry about accessing his repository -- it will be the whole
Internet. Users also would be able to get in and muck with the repository
directly -- I see a support nightmare in the making.
My vote would be for apache to be set up with an SVNParentPath, with
individual user repositories defined below that level. You also can
define LDAP authentication in the httpd.conf. One of the web interfaces
like WebSVN can be installed for readonly access, and if a user needs
read-write access they can install one of the many client options on their
home machine. Or they can ssh in and use the command line (or a GUI if
you allow X tunneling and they have the right setup).
Scripting account setup isn't hard at all. I have scripts to set up our
various repositories (I go ahead and svn mkdir the trunk, branches and
tags directories on the project server). Just something like this for the
access file:
cat <<EOT >>/path/to/access/file
[userid:/]
userid = rw
EOT
Good luck,
Sheryl
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Oct 19 16:50:56 2006