You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Erik Forsberg <fo...@cendio.se> on 2006/07/03 14:03:14 UTC
Configuration recommendations in a heterogenous Linux environment?
Hi!
I'm looking for recommendations for using Subversion for version
control in a small software development company.
We have a very heterogenous Linux environment which means that there
are many different versions of subversion in the different
distribution's package systems. Doing a quick check, I can find
subversion 1.2.3, 1.3.2, 1.3.1 and 1.1.4.
We're currently accessing our CVS repository via a shared NFS file
system. I'm thinking that it's maybe best not to use the same method
for subversion, given the wide variety of subversion versions on the
workstations, and possibly other factors that I don't know about.
Any recommendations?
http://svnbook.red-bean.com/nightly/en/svn.reposadmin.create.html says
in a warning that I can create an FSFS repository (which was my plan
anyway), but seems to recommend that you use apache or
svnserve.
Perhaps svn+ssh, using existing accounts, to a server keeping the
repository on local disk is the way to go? Any ideas on the
performance of that compared to direct NFS access?
Thanks,
\EF
--
Erik Forsberg OpenSource-based Thin Client Technology
Systems Analyst/Developer Phone: +46-13-21 46 00
Cendio AB Web: http://www.cendio.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Erik Forsberg wrote:
> Hi!
>
> I'm looking for recommendations for using Subversion for version
> control in a small software development company.
>
> We have a very heterogenous Linux environment which means that there
> are many different versions of subversion in the different
> distribution's package systems. Doing a quick check, I can find
> subversion 1.2.3, 1.3.2, 1.3.1 and 1.1.4.
>
> We're currently accessing our CVS repository via a shared NFS file
> system. I'm thinking that it's maybe best not to use the same method
> for subversion, given the wide variety of subversion versions on the
> workstations, and possibly other factors that I don't know about.
>
> Any recommendations?
Update everyone to 1.3.x. Seriously, features such at the "force unlock"
feature are well worth hving, and are available only in recent versions.
> http://svnbook.red-bean.com/nightly/en/svn.reposadmin.create.html says
> in a warning that I can create an FSFS repository (which was my plan
> anyway), but seems to recommend that you use apache or
> svnserve.
Yeah, but that's on the server side. The client side should also be kept up
to date.
> Perhaps svn+ssh, using existing accounts, to a server keeping the
> repository on local disk is the way to go? Any ideas on the
> performance of that compared to direct NFS access?
I want to highly recommend HTTPS/WebDAV. It works quite well, and provides
easy read access for non Subversion clients.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by John Rouillard <ro...@renesys.com>.
On Mon, Jul 03, 2006 at 02:24:39PM -0400, Nico Kadel-Garcia wrote:
> Ulrich Eckhardt wrote:
> >- svnserve is dead easy to setup and offers some basic authentication.
>
> As much as I like Subversion, I consider svnserve one of its great flaws.
> Svnserve does not allow storage of encrypted passwords, only plaintext
> [...]
> This is why HTTPS is so much of an advantage: you rely on a well-known,
> well supported authentication method that keeps the passwords encrypted.
Interesting, I thought the https mode still stored the password (on
the client side not server side) in plain text format on disk. I got
this impressions from the section of
http://subversion.tigris.org/faq.html#plaintext-passwords that reads:
With an svn 1.1 client or later, you can use the more narrowly-defined
'store-passwords = no' (so that server certs are still cached.)
I understood the server was most likely ah https server.
The only non-plaintext password storage AFAIK is the ssh public key
method which we require use ssh-agent so that the keys are not kept on
disk unencrypted.
--
-- rouilj
John Rouillard
System Administrator
Renesys Corporation
603-643-9300 x 111
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Configuration recommendations in a heterogenous Linux environment?
Posted by ja...@subversus.org.
I don't see how that's "unforgivable". Trust your OS to properly enforce
security as per your configuration. If you don't do that, I'd recommend
that you unplug your computer and store it in a closet.
-----Original Message-----
From: Nico Kadel-Garcia [mailto:nkadel@comcast.net]
Sent: Monday, July 03, 2006 6:41 PM
To: Garrett Rooney
Cc: Ulrich Eckhardt; users@subversion.tigris.org
Subject: Re: Configuration recommendations in a heterogenous Linux
environment?
Garrett Rooney wrote:
> On 7/3/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>> Ulrich Eckhardt wrote:
>>
>>> - svnserve is dead easy to setup and offers some basic
>>> authentication.
>>
>> As much as I like Subversion, I consider svnserve one of its great
>> flaws. Svnserve does not allow storage of encrypted passwords, only
>> plaintext, and relies on plaintext transmission of those passwords.
>
> Uhh, that's pure bullshit, the transmission of the passwords is via
> CRAM-MD5, it is never sent over the wire as plaintext. Please
> investigate these things before you form an opinion. The storage of
> passwords is plainext, but their transmission is not.
Is it? Good! But it's still plain-text storage, and that's still
unforgivable.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Erik Huelsmann wrote:
> On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>>
>> ----- Original Message -----
>> From: "Erik Huelsmann" <eh...@gmail.com>
>> To: "Ryan Schmidt" <su...@ryandesign.com>
>> Cc: "Subversion List" <us...@subversion.tigris.org>
>> Sent: Tuesday, July 04, 2006 6:12 AM
>> Subject: Re: Configuration recommendations in a heterogenous Linux
>> environment?
>>
>>
>>>> Seems that this Mac OS X Keychain integration will be released in
>>>> Subversion 1.4? Is that right?
>>>
>>> Yes. (At least: it's in the CHANGES file for 1.4.0)
>>
>> *COOL*. How can you best flush the old locally stored keys from an
>> existing Mac when moving forward?
>
> By removing the files in your ~/.subversion/auth/*/ subdirectories.
> Clears all auth caches.
>
> HTH,
>
> Erik.
Good. Remind me to poke around in those a bit: I'd like to see a bit more of
what's being stored there on the client side.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Erik Huelsmann <eh...@gmail.com>.
On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>
> ----- Original Message -----
> From: "Erik Huelsmann" <eh...@gmail.com>
> To: "Ryan Schmidt" <su...@ryandesign.com>
> Cc: "Subversion List" <us...@subversion.tigris.org>
> Sent: Tuesday, July 04, 2006 6:12 AM
> Subject: Re: Configuration recommendations in a heterogenous Linux
> environment?
>
>
> >> Seems that this Mac OS X Keychain integration will be released in
> >> Subversion 1.4? Is that right?
> >
> > Yes. (At least: it's in the CHANGES file for 1.4.0)
>
> *COOL*. How can you best flush the old locally stored keys from an existing
> Mac when moving forward?
By removing the files in your ~/.subversion/auth/*/ subdirectories.
Clears all auth caches.
HTH,
Erik.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
----- Original Message -----
From: "Erik Huelsmann" <eh...@gmail.com>
To: "Ryan Schmidt" <su...@ryandesign.com>
Cc: "Subversion List" <us...@subversion.tigris.org>
Sent: Tuesday, July 04, 2006 6:12 AM
Subject: Re: Configuration recommendations in a heterogenous Linux
environment?
>> Seems that this Mac OS X Keychain integration will be released in
>> Subversion 1.4? Is that right?
>
> Yes. (At least: it's in the CHANGES file for 1.4.0)
*COOL*. How can you best flush the old locally stored keys from an existing
Mac when moving forward?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Erik Huelsmann <eh...@gmail.com>.
> Seems that this Mac OS X Keychain integration will be released in
> Subversion 1.4? Is that right?
Yes. (At least: it's in the CHANGES file for 1.4.0)
bye,
Erik.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Jul 4, 2006, at 08:59, Erik Huelsmann wrote:
> There's also built in support for Keychain on the mac to encrypt
> passwords.
That's great; I must've overlooked that before. I see that it's this
enhancement request, which was resolved in December 2005:
http://subversion.tigris.org/issues/show_bug.cgi?id=2339
A Google search for "site:svnbook.red-bean.com keychain" showed only
this page:
http://svnbook.red-bean.com/trac/ticket/1
Seems that this Mac OS X Keychain integration will be released in
Subversion 1.4? Is that right?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linuxenvironment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Les Mikesell wrote:
> On Tue, 2006-07-04 at 02:19, Nico Kadel-Garcia wrote:
>>>
>>> but: if you don't trust your OS (after you configured it correctly
>>> and securely), the OP is right, you should not be using it...
>>
>> Erik, I was talking about the server side. It's a ghods-awful
>> approach to keep software passwords floating around in plain text,
>> for any system. The server administrator *should not* in general
>> know user's passwords.
>
> Can't you use any of the many mod_auth_xxx methods with apache
> (LDAP, pam, etc.), many of which use encrypted and/or remote
> passwords? The usual issue with http is that basic authentication
> is passed in the clear, but with https the whole stream is
> encrypted.
Oh, I absolutely agree. But I'd been talking about svnserve, not Subversion
in general, and it's one of the reasons I so strongly HTTPS over svnserve.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux
environment?
Posted by Les Mikesell <le...@gmail.com>.
On Tue, 2006-07-04 at 02:19, Nico Kadel-Garcia wrote:
> >
> > but: if you don't trust your OS (after you configured it correctly and
> > securely), the OP is right, you should not be using it...
>
> Erik, I was talking about the server side. It's a ghods-awful approach to
> keep software passwords floating around in plain text, for any system. The
> server administrator *should not* in general know user's passwords.
Can't you use any of the many mod_auth_xxx methods with apache
(LDAP, pam, etc.), many of which use encrypted and/or remote
passwords? The usual issue with http is that basic authentication
is passed in the clear, but with https the whole stream is
encrypted.
--
Les Mikesell
lesmikesell@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux
environment?
Posted by Les Mikesell <le...@gmail.com>.
On Wed, 2006-07-05 at 00:39, Erik Huelsmann wrote:
> >
> > Erik, I was talking about the server side. It's a ghods-awful approach to
> > keep software passwords floating around in plain text, for any system. The
> > server administrator *should not* in general know user's passwords.
>
> Well, it's a weak defense, but CVS for example uses ROT13... Not much
> protection of your passwords. BTW: How do you suppose those passwords
> get into the password file? I'd say you need a server admin for that
> anyway?
One reasonable way is to let the user type it in himself over
an encrypted connection.
--
Les Mikesell
lesmikesell@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
----- Original Message -----
From: "Erik Huelsmann" <eh...@gmail.com>
To: "Nico Kadel-Garcia" <nk...@comcast.net>
Cc: "Garrett Rooney" <ro...@electricjellyfish.net>; "Ulrich Eckhardt"
<ec...@satorlaser.com>; <us...@subversion.tigris.org>
Sent: Wednesday, July 05, 2006 1:39 AM
Subject: Re: Configuration recommendations in a heterogenous Linux
environment?
> On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
> Well, it's a weak defense, but CVS for example uses ROT13... Not much
> protection of your passwords. BTW: How do you suppose those passwords
> get into the password file? I'd say you need a server admin for that
> anyway?
For a standard /etc/password ot htpassword like file with an encrypted
password, you can set up webmin to manipulate the appropriate config file,
give the users access to "htpasswd" to generate login names nd passwords to
send in, etc., etc., etc.
If you're using Apache access, you can even hook it to an LDAP backend and
use the local network's single-sign-on passwords or other LDAP based access.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Erik Huelsmann <eh...@gmail.com>.
On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>
> ----- Original Message -----
> From: "Erik Huelsmann" <eh...@gmail.com>
> To: "Nico Kadel-Garcia" <nk...@comcast.net>
> Cc: "Garrett Rooney" <ro...@electricjellyfish.net>; "Ulrich Eckhardt"
> <ec...@satorlaser.com>; <us...@subversion.tigris.org>
> Sent: Tuesday, July 04, 2006 2:59 AM
> Subject: Re: Configuration recommendations in a heterogenous Linux
> environment?
>
>
> > On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>
> >> Is it? Good! But it's still plain-text storage, and that's still
> >> unforgivable.
> >
> > On Windows, the password store is protected by the encryption scheme
> > which decrypts once you're logged in, so the situation has improved
> > quite a bit.
> >
> > There's also built in support for Keychain on the mac to encrypt
> > passwords.
> >
> > but: if you don't trust your OS (after you configured it correctly and
> > securely), the OP is right, you should not be using it...
>
> Erik, I was talking about the server side. It's a ghods-awful approach to
> keep software passwords floating around in plain text, for any system. The
> server administrator *should not* in general know user's passwords.
Well, it's a weak defense, but CVS for example uses ROT13... Not much
protection of your passwords. BTW: How do you suppose those passwords
get into the password file? I'd say you need a server admin for that
anyway?
bye,
Erik.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
----- Original Message -----
From: "Erik Huelsmann" <eh...@gmail.com>
To: "Nico Kadel-Garcia" <nk...@comcast.net>
Cc: "Garrett Rooney" <ro...@electricjellyfish.net>; "Ulrich Eckhardt"
<ec...@satorlaser.com>; <us...@subversion.tigris.org>
Sent: Tuesday, July 04, 2006 2:59 AM
Subject: Re: Configuration recommendations in a heterogenous Linux
environment?
> On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>> Is it? Good! But it's still plain-text storage, and that's still
>> unforgivable.
>
> On Windows, the password store is protected by the encryption scheme
> which decrypts once you're logged in, so the situation has improved
> quite a bit.
>
> There's also built in support for Keychain on the mac to encrypt
> passwords.
>
> but: if you don't trust your OS (after you configured it correctly and
> securely), the OP is right, you should not be using it...
Erik, I was talking about the server side. It's a ghods-awful approach to
keep software passwords floating around in plain text, for any system. The
server administrator *should not* in general know user's passwords.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Erik Huelsmann <eh...@gmail.com>.
On 7/4/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
> Garrett Rooney wrote:
> > On 7/3/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
> >> Ulrich Eckhardt wrote:
> >>
> >>> - svnserve is dead easy to setup and offers some basic
> >>> authentication.
> >>
> >> As much as I like Subversion, I consider svnserve one of its great
> >> flaws. Svnserve does not allow storage of encrypted passwords, only
> >> plaintext, and relies on plaintext transmission of those passwords.
> >
> > Uhh, that's pure bullshit, the transmission of the passwords is via
> > CRAM-MD5, it is never sent over the wire as plaintext. Please
> > investigate these things before you form an opinion. The storage of
> > passwords is plainext, but their transmission is not.
>
> Is it? Good! But it's still plain-text storage, and that's still
> unforgivable.
On Windows, the password store is protected by the encryption scheme
which decrypts once you're logged in, so the situation has improved
quite a bit.
There's also built in support for Keychain on the mac to encrypt passwords.
but: if you don't trust your OS (after you configured it correctly and
securely), the OP is right, you should not be using it...
HTH,
Erik.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Garrett Rooney wrote:
> On 7/3/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>> Ulrich Eckhardt wrote:
>>
>>> - svnserve is dead easy to setup and offers some basic
>>> authentication.
>>
>> As much as I like Subversion, I consider svnserve one of its great
>> flaws. Svnserve does not allow storage of encrypted passwords, only
>> plaintext, and relies on plaintext transmission of those passwords.
>
> Uhh, that's pure bullshit, the transmission of the passwords is via
> CRAM-MD5, it is never sent over the wire as plaintext. Please
> investigate these things before you form an opinion. The storage of
> passwords is plainext, but their transmission is not.
Is it? Good! But it's still plain-text storage, and that's still
unforgivable.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Garrett Rooney wrote:
> On 7/3/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
>> Ulrich Eckhardt wrote:
>>
>>> - svnserve is dead easy to setup and offers some basic
>>> authentication.
>>
>> As much as I like Subversion, I consider svnserve one of its great
>> flaws. Svnserve does not allow storage of encrypted passwords, only
>> plaintext, and relies on plaintext transmission of those passwords.
>
> Uhh, that's pure bullshit, the transmission of the passwords is via
> CRAM-MD5, it is never sent over the wire as plaintext. Please
> investigate these things before you form an opinion. The storage of
> passwords is plainext, but their transmission is not.
>
> -garrett
By the way, thank you for the correction. I see it in the source code and in
the current version of the book at http://svnbook.red-bean.com. It's not
mentioned in the manpages, unfortunately, and only mentioned once in passing
in the book. That doesn't excuse me for missing it, though.
Was it mentioned in the printed O'Reilly manual?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
On 7/3/06, Nico Kadel-Garcia <nk...@comcast.net> wrote:
> Ulrich Eckhardt wrote:
>
> > - svnserve is dead easy to setup and offers some basic authentication.
>
> As much as I like Subversion, I consider svnserve one of its great flaws.
> Svnserve does not allow storage of encrypted passwords, only plaintext, and
> relies on plaintext transmission of those passwords.
Uhh, that's pure bullshit, the transmission of the passwords is via
CRAM-MD5, it is never sent over the wire as plaintext. Please
investigate these things before you form an opinion. The storage of
passwords is plainext, but their transmission is not.
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux environment?
Posted by Nico Kadel-Garcia <nk...@comcast.net>.
Ulrich Eckhardt wrote:
> - svnserve is dead easy to setup and offers some basic authentication.
As much as I like Subversion, I consider svnserve one of its great flaws.
Svnserve does not allow storage of encrypted passwords, only plaintext, and
relies on plaintext transmission of those passwords. Those are huge security
problems in any kind of a public, semi-public, or mixed environment. The SSH
wrapper work for it helps, but is quite awkward to deal with and doesn't
solve the issue, since so many people tend to use the same password for
their SSH keys, their logins, their bank accounts, their email access, etc.,
etc., etc.
This is why HTTPS is so much of an advantage: you rely on a well-known, well
supported authentication method that keeps the passwords encrypted.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Configuration recommendations in a heterogenous Linux
environment?
Posted by Ulrich Eckhardt <ec...@satorlaser.com>.
On Monday 03 July 2006 16:03, Erik Forsberg wrote:
> We have a very heterogenous Linux environment which means that there
> are many different versions of subversion in the different
> distribution's package systems. Doing a quick check, I can find
> subversion 1.2.3, 1.3.2, 1.3.1 and 1.1.4.
>
> We're currently accessing our CVS repository via a shared NFS file
> system. I'm thinking that it's maybe best not to use the same method
> for subversion, given the wide variety of subversion versions on the
> workstations, and possibly other factors that I don't know about.
>
> Any recommendations?
>
> http://svnbook.red-bean.com/nightly/en/svn.reposadmin.create.html says
> in a warning that I can create an FSFS repository (which was my plan
> anyway), but seems to recommend that you use apache or
> svnserve.
>
> Perhaps svn+ssh, using existing accounts, to a server keeping the
> repository on local disk is the way to go? Any ideas on the
> performance of that compared to direct NFS access?
A few things here:
- The different Subversion binaries might also be linked to different BDBs, so
that's another reason not to share physical access to the repository files.
Using FSFS, that should not matter.
- The Subversion protocol is compatible between the 1.x versions, so that
presents no problem. Otherwise, upgrading should be possible, compiling from
source with only svn: client support (i.e. without BDB and Apache stuff)
should work on pretty much any system.
- svnserve is dead easy to setup and offers some basic authentication.
Assuming you only want to prevent errors rather than against hostile attacks
or vandalism, its authentication is also enough and no encryption of traffic
needed. For off-site access I would use a generic tunnel or VPN anyway.
- Subversion can also be installed for just one user in his homedir. That way
you don't even need root access to the machine (unless you want to serve via
[x]inetd) to install stuff and have things well separated so they don't
disturb other stuff.
Summary: setup svnserve, it's described in the book.
Uli
****************************************************
Visit our website at <http://www.domino-printing.com/>
****************************************************
This Email and any files transmitted with it are intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any reading, redistribution, disclosure or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you are not the intended recipient please contact the sender immediately and delete the material from your computer.
E-mail may be susceptible to data corruption, interception, viruses and unauthorised amendment and Domino UK Limited does not accept liability for any such corruption, interception, viruses or amendment or their consequences.
****************************************************
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org