Novell Home

Setting up subversion 1.3.0 on SLES 9

From Developer Community

Contents

[edit]

Introduction

This is basic setup instructions for installing Subversion 1.3.0 on SLES 9. This document also inclues instructions on getting viewvc setup for repository browsing.

Notes:

  • This installation uses fsfs instead of BDB.
  • Everything is installed in /opt/subversion.
  • All subversion repositories authenticate against eDirectory using mod_auth_ldap.


[edit]

Pre-setup

You must have the following rpms installed

  • neon
  • python
  • python-devel
  • zlib
  • zlib-devel
  • openldap2-client
  • openldap2-devel
  • tls
  • openssl
  • openssl-devel
  • enscript
[edit]

Apache Hack

modules/experimental/util_ldap.c needs the following two lines added to disable the server cert checking. The eDirectory cluster we run against could not produce a valid certificate for apache to use. Since we are in a trusted environment we disable two way cert checking. 

                if (NULL != ldc->ldap)
                {
                    int SSLmode = LDAP_OPT_X_TLS_HARD;
+                   int SSLreq = LDAP_OPT_X_TLS_NEVER;
                    result = ldap_set_option(ldc->ldap, LDAP_OPT_X_TLS, &SSLmode);
                    if (LDAP_SUCCESS != result)
                    {
                        ldap_unbind_s(ldc->ldap);
                        ldc->reason = "LDAP: ldap_set_option - LDAP_OPT_X_TLS_HARD failed";
                        ldc->ldap = NULL;
                    }

+                   ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &SSLreq);
                }
[edit]

Apache Installation

./configure --prefix=/opt/subversion --enable-mods-shared="auth-ldap ldap ssl dav dav-fs cgi rewrite" \
            --enable-so --with-ldap --with-ssl
make
make install
[edit]

SWIG Installation

./configure --prefix=/opt/subversion
make
make install
[edit]

Subversion Installation

./configure --prefix=/opt/subversion --disable-mod-activation \
            --with-apxs=/opt/subversion/bin/apxs --with-ssl \
            --with-zlib --with-swig=/opt/subversion/bin/swig
make
make install
  • The next few steps are for viewcvs to work. They build and install the python bindings 
make swig-py
make install-swig-py

ln -s /opt/subversion/lib/svn-python/svn/ /usr/lib/python2.3/site-packages/svn
ln -s /opt/subversion/lib/svn-python/libsvn/ /usr/lib/python2.3/site-packages/libsvn


[edit]

LDAP Setup

If you have a der file, use the following to create a pem. 

openssl x509 -inform DER -in nforgeldap.der -outform PEM -out nforgeldap.pem
[edit]

SSL Setup

Create a certificate and a key file and put them somewhere. Make sure the Common Name is the actual DNS name that people will connect to otherwise they will get warnings that the server has a different name than the cert. 

openssl req -new -x509 -nodes -days 7300 -out apache.crt -keyout apache.key

Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Utah
Locality Name (eg, city) []:Provo
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Novell Inc
Organizational Unit Name (eg, section) []:Developer Services
Common Name (eg, YOUR name) []:forgesvn1.novell.com
Email Address []:forge@novell.com
[edit]

httpd.conf Setup

httpd.conf example

[edit]

viewvc

Download version 1.0.0 of viewcv and extract it. http://viewvc.tigris.org/files/documents/3330/31766/viewvc-1.0.0.tar.gz

  • Run ./viewcvs-install setting the paths to /opt/subversion/viewvc-VERSION
  • chown wwwrun.www /opt/subversion/viewvc-1.0/bin/cgi/*
  • Add the following directives to httpd.conf (they are already in the example above): 
ScriptAlias /viewsvn /opt/subversion/viewvc-1.0/bin/cgi/viewcvs.cgi
ScriptAlias /query /opt/subversion/viewvc-1.0/bin/cgi/query.cgi
  • Restart apache: /opt/subversion/bin/apachectl graceful
  • Edit viewvc-1.0/viewcvs.conf. Edit these option to your liking. This is the way I liked it. 
#cvs_roots
#svn_roots
root_parents = /srv/svn : svn
default_root = 
use_rcsparse = 0
svn_path = /opt/subversion/bin
forbidden = .internal
root_as_url_component = 1
checkout_magic = 0
use_enscript = 1
[edit]

Create an init.d script

Create the init.d script and put it in /etc/init.d

Example init.d script

  • Create symlinks to the script in /etc/init.d/rc5.d
    1. ln -s ../subversion S14subversion
    2. ln -s ../subversion K07subversion

That should do it!!

[edit]

Post install notes

  • Make sure you set up log rotation so your apache logs don't get too big.
    • You can probably just make /opt/subversion/logs a symlink to /var/log/apache2.
  • ViewVC has an index page that shows all repositories.
  • ViewVC will show repositories even if apache is protecting it. (It goes behind apache's back)
Retrieved from "http://developer.novell.com/wiki/index.php/Setting_up_subversion_1.3.0_on_SLES_9"

Novell® Making IT Work As One

© 2008 Novell, Inc. All Rights Reserved.