Missouri S&T Subversion Server - Notices and Documentation
This page has information specific to this server. For general subversion usage information, see the documentation available on the subversion vendor site: http://subversion.tigris.org.
Important Support Notice
This is an unsupported facility for other than IT internal use. Issues will be supported for cases where the server is broke, but no usage support will be provided.
Important Security Notice
NOTE: These settings are configured by default on any IT server install of subversion, but if you are using your own install or a windows install, you should be aware of these issues:
- When using svn client on a shared (non-personal) login (or box where home directory is located in a shared filesystem) you need to be very careful to avoid having subversion cache the password. Suggested approach for this is:
- Run a subversion command that requires authentication to the server
- Accept certificate permanently - if it asks about cert, this is most likely your first invocation of svn on this userid
- If this is the first usage, or if you're unsure if this has been set:
- Exit out of the command before entering password
- Edit the ~/.subversion/config file to make sure that "store-passwords" is set to no
- Similar facilities exist for clients other than the svn command line tool
- It is ok to let the tools cache passwords for convenience if the storage is personal and secure, but
make a conscious decision on it, you may not want your password sitting around in cleartext even if it is relatively
- Periodically check the files in ~/.subversion/auth/svn.simple/ to make sure no passwords have been cached. Caching of the userid is acceptable. (Files may be in another location if using a non-unix client)
Missouri S&T Specific Notes
Access control and change log emailing on the this Subversion Server is controlled by two files in the conf/ subdirectory of
the top level of the repository. Syntax for these files is simplistic - the "notify-list" file contains an email address per line,
and the "access" repository contains lines of the form "/prefix entity=rights", such as "/ fred=rw". Changes to notify list take
effect immediately after committing. Changes to the access list take a minute or so before they are in effect. The owning userid
always has full rights to any userid based repository (see the list below).
To grant read rights to anonymous users, use '*' instead of userid. "/ *=r". You can also grant rw rights this way, but that is not recommended as you will be responsible for any content placed in the repository.
Additionally, this server enforces certain repository behaviors depending on the tree within the repository. These are not tunable
on a per-repository basis, they are configured for all repositories at this time.
- /* - commit messages are manditory on all parts of the repository
- /conf - cannot add/remove files, only edit the ones that are there
- /trunk - unrestricted
- /deployed - special tag/branch for IT application deployment, must be a copy from the trunk, and has to be named YYYY-MM-DD-NN-label, where NN is the daily release, normally 00, and label is the application cluster on which it is deployed.
- /branches - similar behavior to trunk, but can only hold directories
- /tags - read only, can only hold directories
- IT Only Repositories
- user - software/app userid
- project - project (non userid specific/non host specific, avoid whenever possible as they cannot be tracked reasonably)
- Non-IT Repositories
- student - student userid
- naming to match student userid
- research - research groups/faculty
- shall be named to match the research/resource account
- Retention Policy
- retention of repository data will be tied to the existence of the corresponding user id
- data will be archived to long term backups wherever possible
- Quota Policy
- No quota restrictions will be applied at this time
- It is expected that appropriate use of the space will be enforced. i.e. using this server as a way to get around filesystem quota restrictions will not be tolerated.