You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Mark Clements <nn...@kennel17.co.uk> on 2006/08/21 15:23:40 UTC
Single/Multiple repos - pros and cons
I have done a fairly extensive search of the list and the web, but have
still not found a definitive answer to this question (though there is
clearly a lot of conflicting opinion). The question is a very common one:
"Should I use a single repository for all my projects, or a separate
repository per project?". The answer, it appears is "It depends.".
So, maybe looking at a different way round, what are the pros and cons of
each approach? Here is what I have gleaned so far (pros only - cons are
asuumed to be 'unable to do the pros of the other one').
Single Repository - Pros:
* Can easily move files between projects, retaining history.
* Only one set of hooks/config files/permissions to deal with
* Can share code resources easily (though externals allow this between
multiple repositories)
Multiple Repositories - Pros:
* Smaller and easier to backup
* Can archive an old project
* Logically separates individual projects.
* Simplifies permission assignation on a per-project basis.
* Revision number is tied to the project (although I think this is probably
a bogus argument)
* Less damage done if a repository becomes corrupted
Can you add to this list?
As an aside, the SVN book appears to imply that a single repository is the
recommended approach, as all the examples use this layout. However the
following sentence caught my eye: "A common change is the decision to move
multiple projects which are sharing a single repository into separate
repositories for each project.", which implies that this approach often
turns out to be wrong... not quite sure what to make of that!
- Mark Clements
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Anonymous access will not go away!
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Aug 22, 2006, at 01:18, Ryan Schmidt wrote:
> Are you SURE that anonymous access is getting in? Subversion caches
> your credentials, you know, the first time you supply them. Could
> it be that the username "justin" and the password are cached in
> ~/.subversion/auth/svn.simple which is why you can get access when
> you do not explicitly supply a username and password? Try deleting
> the cached info from that directory and see if you then still have
> access. I suspect you do not, meaning the server is correctly set up.
An additional thought: you should be able to follow the Apache access
log and see what username it thinks you're connecting with.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Anonymous access will not go away!
Posted by Steve Martin <sm...@gmail.com>.
I had this same problem as well.
I was running httpd (apache2), with svn 1.3.1 on RHEL 4 using httpd auth,
and after awhile, it stopped prompting for username + password.
Although, I'm not certain what Ryan said is right... it might cache certain
info, but even with httpd basic auth, it still wasn't prompting for auth
info after a reboot AND using a different user account.
What I would recommend checking (which I didn't get a chance to before the
contract was up) is that to make sure you don't have the apache + svn auth
info in 2 different locations.
IE: (this example is on RHEL 4... may be different on your OS) if you have
the apache directives set in /etc/httpd/httpd.conf, DO NOT have it set also
in /etc/httpd/conf.d/whateverconf.conf).
That was the only thing I could think of in MY situation.
My best suggestion would be to:
cp httpd.conf httpd.conf.bak
remove everything env related from the "old" httpd.conf
Readd the svn directives, run apachectl restart (or /etc/init.d/httpd
restart)
and see if you still have the same problem.
However, I was managing things for a small dev lab, so I didn't need the svn
authz stuff. I just used basic httpd authentication.... I had one couple GB
repo, with a limitied # of people using it.
On 8/21/06, Ryan Schmidt <su...@ryandesign.com> wrote:
>
> On Aug 21, 2006, at 18:04, Justin wrote:
>
> > I just set up my first Subversion server, under Apache2 on OS X
> > Server 10.4, serving the repository over Apache2 and SSL. It was
> > probably the most painful install and tweaking process I've ever
> > experienced! But it's in and working.
> >
> > The problem I'm running into, is that no matter what I do, I cannot
> > DISABLE anonymous access! I can set things so that an INcorrect
> > username is denied, and a CORRECT username is allowed. But not
> > entering any credentials always results in full access.
> >
> > My httpd.conf location is:
> >
> > <Location /svn>
> > SSLRequireSSL
> > DAV svn
> > SVNPath /Library/svn
> > AuthzSVNAccessFile /Library/Apache2/svn-access-file
> > Require valid-user
> > AuthType Basic
> > AuthName "Repository"
> > AuthUserFile /Library/Apache2/svn-auth-file
> > </Location>
> >
> > And I've got the svn-access-file as:
> >
> > [/]
> > * =
> > justin = rw
> >
> > Basically, I've got this ONE repository that I need to be secured.
> > When I remove my account from the access-file (justin), any
> > anonymous access results in a 403 Forbidden error. But when I've
> > got my account in there, my account AND anonymous gets full access.
> >
> > I have set the hooks for anon-access to none in the svnserve.conf
> > file in the repository, but I think this is just for serving via
> > svnserve and NOT Apache2. Regardless, the options that I set there
> > do nothing.
> >
> > I'm completely stuck on this one, there doesn't seem to be anything
> > out there addressing my issue. I'm thinking that maybe it was a
> > permissions issue on my repository folders and files, but when I
> > disable the world permissions (from read, write, ex to none, none
> > none) I cannot access the repository at all.
> >
> > Any help on this would be GREATLY appreciated!
>
> Are you SURE that anonymous access is getting in? Subversion caches
> your credentials, you know, the first time you supply them. Could it
> be that the username "justin" and the password are cached in
> ~/.subversion/auth/svn.simple which is why you can get access when
> you do not explicitly supply a username and password? Try deleting
> the cached info from that directory and see if you then still have
> access. I suspect you do not, meaning the server is correctly set up.
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
Re: Anonymous access will not go away!
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Aug 21, 2006, at 18:04, Justin wrote:
> I just set up my first Subversion server, under Apache2 on OS X
> Server 10.4, serving the repository over Apache2 and SSL. It was
> probably the most painful install and tweaking process I've ever
> experienced! But it's in and working.
>
> The problem I'm running into, is that no matter what I do, I cannot
> DISABLE anonymous access! I can set things so that an INcorrect
> username is denied, and a CORRECT username is allowed. But not
> entering any credentials always results in full access.
>
> My httpd.conf location is:
>
> <Location /svn>
> SSLRequireSSL
> DAV svn
> SVNPath /Library/svn
> AuthzSVNAccessFile /Library/Apache2/svn-access-file
> Require valid-user
> AuthType Basic
> AuthName "Repository"
> AuthUserFile /Library/Apache2/svn-auth-file
> </Location>
>
> And I've got the svn-access-file as:
>
> [/]
> * =
> justin = rw
>
> Basically, I've got this ONE repository that I need to be secured.
> When I remove my account from the access-file (justin), any
> anonymous access results in a 403 Forbidden error. But when I've
> got my account in there, my account AND anonymous gets full access.
>
> I have set the hooks for anon-access to none in the svnserve.conf
> file in the repository, but I think this is just for serving via
> svnserve and NOT Apache2. Regardless, the options that I set there
> do nothing.
>
> I'm completely stuck on this one, there doesn't seem to be anything
> out there addressing my issue. I'm thinking that maybe it was a
> permissions issue on my repository folders and files, but when I
> disable the world permissions (from read, write, ex to none, none
> none) I cannot access the repository at all.
>
> Any help on this would be GREATLY appreciated!
Are you SURE that anonymous access is getting in? Subversion caches
your credentials, you know, the first time you supply them. Could it
be that the username "justin" and the password are cached in
~/.subversion/auth/svn.simple which is why you can get access when
you do not explicitly supply a username and password? Try deleting
the cached info from that directory and see if you then still have
access. I suspect you do not, meaning the server is correctly set up.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Anonymous access will not go away!
Posted by Justin <ju...@hush.cc>.
Hi everyone,
I just set up my first Subversion server, under Apache2 on OS X
Server 10.4, serving the repository over Apache2 and SSL. It was
probably the most painful install and tweaking process I've ever
experienced! But it's in and working.
The problem I'm running into, is that no matter what I do, I cannot
DISABLE anonymous access! I can set things so that an INcorrect
username is denied, and a CORRECT username is allowed. But not
entering any credentials always results in full access.
My httpd.conf location is:
<Location /svn>
SSLRequireSSL
DAV svn
SVNPath /Library/svn
AuthzSVNAccessFile /Library/Apache2/svn-access-file
Require valid-user
AuthType Basic
AuthName "Repository"
AuthUserFile /Library/Apache2/svn-auth-file
</Location>
And I've got the svn-access-file as:
[/]
* =
justin = rw
Basically, I've got this ONE repository that I need to be secured.
When I remove my account from the access-file (justin), any anonymous
access results in a 403 Forbidden error. But when I've got my account
in there, my account AND anonymous gets full access.
I have set the hooks for anon-access to none in the svnserve.conf
file in the repository, but I think this is just for serving via
svnserve and NOT Apache2. Regardless, the options that I set there do
nothing.
I'm completely stuck on this one, there doesn't seem to be anything
out there addressing my issue. I'm thinking that maybe it was a
permissions issue on my repository folders and files, but when I
disable the world permissions (from read, write, ex to none, none
none) I cannot access the repository at all.
Any help on this would be GREATLY appreciated!
Thanks in advance,
*justin
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Single/Multiple repos - pros and cons
Posted by Mark Clements <nn...@kennel17.co.uk>.
"Robert Wenner" <ro...@atsec.com> wrote in message
news:200608211750.59971.robert.wenner@atsec.com...
> On Monday 21 August 2006 10:23, Mark Clements wrote:
> > Single Repository - Pros:
>
> > * Only one set of hooks/config files/permissions to deal with
>
> We keep the hooks code in a separate repository and check it out on the
> server, and then have symlinks to that working copy from the actual
> project repositories.
>
> > Multiple Repositories - Pros:
>
> > * Revision number is tied to the project (although I think this is
> > probably a bogus argument)
>
> Why bogus?
> I find that important since it is irritating to me that a version number
> goes up even if nobody touched that project.
>
> Just my 2 cents,
>
> Robert
I say bogus, because as soon as you have several branches in your repository
then you have the same problem, e.g. the head revision no. changes even
though no code in the trunk has actually changed.
- Mark Clements
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Single/Multiple repos - pros and cons
Posted by Robert Wenner <ro...@atsec.com>.
On Monday 21 August 2006 10:23, Mark Clements wrote:
> Single Repository - Pros:
> * Only one set of hooks/config files/permissions to deal with
We keep the hooks code in a separate repository and check it out on the
server, and then have symlinks to that working copy from the actual
project repositories.
> Multiple Repositories - Pros:
> * Revision number is tied to the project (although I think this is
> probably a bogus argument)
Why bogus?
I find that important since it is irritating to me that a version number
goes up even if nobody touched that project.
Just my 2 cents,
Robert
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org