15 Comments

Summary:

Last year I took a look at a number of Subversion clients for OS X, finally settling on Versions as my client of choice for my personal coding needs. At the time, I was running a Linux server on some old generic hardware from the days […]

Last year I took a look at a number of Subversion clients for OS X, finally settling on Versions as my client of choice for my personal coding needs. At the time, I was running a Linux server on some old generic hardware from the days before I drank the Apple Koolaid. After deciding to upgrade my wife’s 17″ iMac with the new i5 27″ model, I realized I could ditch the old Linux hardware and get some great power savings (and hence reduced electricity bill) in the process. The first task I had was moving my SVN repository over from the Linux machine (Ubuntu 9.10) to the iMac running OS X 10.6…and this is how I did it.

All of the SVN application binaries, including the server, already come pre-installed with OS X 10.6, located in the /usr/bin/ directory, so we just have a few steps to get that running.

  1. Create a system user for SVN.
  2. Create a new repository to store your code in.
  3. Optionally create specific SVN users for submission tracking.
  4. Configure the server to run automatically at system startup.

Creating an SVN user

While you could easily run the SVN sever with the root user account, for better system security it’s always best to have a dedicated user to run a specific service such as SVN. This limits any possible vulnerabilities in the SVN software from harming the rest of your system; if an exploit is used to end up with a command line ability, the attacker can only damage files belonging to the SVN user.

  1. Open System Preferences and go the Accounts page.
  2. Add a new standard user named svn with a suitable password.

This user will be included in the OS X login screen when you start your computer. Since there is usually no reason for somebody to log onto the desktop with this user, it can be hidden from the login screen. You can do so by opening the Terminal application and running the following command:

sudo defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array-add svn

If you ever do want to login as the svn user to the desktop, you can click the new ‘Other’ option that appears in the login screen and manually enter the username. On the other hand, if you don’t want the ‘Other’ option at all you can also disable this by entering the following in a terminal window:

sudo defaults write /Library/Preferences/com.apple.loginwindow SHOWOTHERUSERS_MANAGED -bool FALSE

You can also delete all the default directories created under the /Users/svn/ directory if you prefer a neat and tidy file system.

Creating your SVN repository

We now need to create the specific root directory for our repository and create it using the svnadmin command by launching the OS X Terminal application and entering the following commands.

sudo -u svn mkdir /Users/svn/svnroot
sudo -u svn svnadmin create /Users/svn/svnroot

You can now view the /Users/svn/svnroot directory and see that new files have been created to form the base of your new repository.

Creating SVN users (optional)

If you are working on your own code and you know without a doubt that nobody else will be accessing your repository, you can skip this step. However it doesn’t hurt to configure a dedicated user now even if it’s just for your sole use, so that code check-ins are properly attributed. To do this we first need to edit the svnserve.conf file and enable the passwd file for user authentication. An easy way from the terminal to edit a file is by using the nano text editor:

sudo -u svn nano /Users/svn/svnroot/conf/svnserve.conf

Remove the # from line 20 so it looks like this:

  ### Uncomment the line below to use the default password file.
  password-db = passwd

If using nano, press Control+X and save your changes. Next edit the passwd file:

sudo -u svn nano /Users/svn/svnroot/conf/passwd

Then add the desired usernames and passwords, in my case I’m adding the user ‘bed’ for myself:

### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
bed = beds_secret_svn_password

Scheduling the server to start automatically

OS X uses the launchd subsystem for automatically starting background services. The easiest way to configure svnserve to run automatically via launchd is by using Lingon. You can grab the latest version from Sourceforge. For more details on using Lingon see this previous article I put together, but for this task we just need to add a new User Daemon:

  1. Run Lingon, click the New button and select User Daemons.
  2. Fill out the dialog as follows:
    Name: org.subversion.svnserve
    What: /usr/bin/svnserve --inetd --root=/Users/svn/svnroot/

  3. We now need to click the “Expert” button at the bottom and add the following text under the <dict> section:

<key>Sockets</key>
<dict>
  <key>Listeners</key>
  <dict>
    <key>SockFamily</key>
    <string>IPv4</string>
    <key>SockServiceName</key>
    <string>svn</string>
    <key>SockType</key>
    <string>stream</string>
  </dict>
</dict>
<key>inetdCompatibility</key>
<dict>
  <key>Wait</key>
  <false/>
</dict>
<key>Umask</key>
<integer>2</integer>
<key>UserName</key>
<string>svn</string>
<key>GroupName</key>
<string>staff</string>

So that it looks like this:

Click the save button again and then reboot your computer to give it a test by connecting to localhost or your IP address with your favorite SVN client, ie: svn://bed@localhost. Your SVN server is now ready to be used! The SVN server will only be launched when you first try and use it, so it won’t be taking up any unnecessary resources.

Migrating an existing repository

If you’re like me, and want to migrate an existing repository from another system you can do so easily by skipping the svnadmin command in step two, and just copy the repository directory from the old system to the new system. I would advise to upgrade your existing repository first to ensure that it is compatible with the version of SVN that comes with OS X (SVN version 1.6.x). Also you’ll want to ensure that the copied file’s owner becomes the new SVN user created in step one.

  1. Seriously, just use Git. http://git-scm.com

    Share
  2. If you’re not sharing with anyone else, there’s a much simpler solution:

    In your account (say your login name is joe), create a directory called svnroot (perhaps under Documents if you like). Then, just run:

    svnadmin create /Users/joe/svnroot

    Once you’ve done that, you can check out directly using:
    svn checkout file:///Users/joe/svnroot

    If you want remote access, turn on ssh access (in the Sharing System Preference) and check out with
    svn checkout svn+ssh://my.domain.com/Users/joe/svnroot

    An svn server and special account is only necessary if you want a shared repository. If not, it takes about two minutes to create a “private” svn repository that you can access securely over the Web.

    Share
    1. Agreed. It’s much simpler. But it depends on what you’re looking for out of your setup.

      Regardless of how many people are using the versioning/concurrency system, it’s always safer to have it on a separate machine (hdd failure-wise, etc), and if you do frequent commits a dead hard-drive on your workstation (or server for that matter) isn’t going to kill your latest work. There are of course always other backup options, but if you primarily work on a laptop, there are many advantages, such as not taking the master copy of your entire repository everywhere you go, not storing it on a disk which is perhaps more likely to fail (due to being carried around), and being able to keep other backup systems (time-machine drives, cloud backups, etc) hard-wired to the server, not having to think about plugging in USB drives for the purpose, etc.

      Security-wise, setting up a separate user is still better (in general), for reasons explained in the article.

      For a desktop or iMac, I’d consider going with your solution, but I don’t like the idea of taking all of that around on my notebook.

      Share
  3. [...] more at That Apple Blog AKPC_IDS += "504,"; Share this Post: Tagged [...]

    Share
  4. What if you have already setup SVN in your own account and want to move the existing repository to this new user?

    TKS
    Maurice

    Share
    1. Thats the same as my last step “migrating”, just copy your svn directory to the new user’s directory and ensure to change the owner of all the files to the new svn user.

      Share
  5. [...] Shared How-To: Setup a SVN Server Under OS X 10.6. [...]

    Share
  6. [...] & Printer Sharing etc.) will work automagically with this setup, but custom services such a my subversion and the built-in web sharing do not. However it’s not hard to make these services compatible [...]

    Share
  7. [...] & Printer Sharing etc.) will work automagically with this setup, but custom services such a my subversion and the built-in web sharing do not. However it’s not hard to make these services compatible with [...]

    Share
  8. Hello, good tutorial.
    If need something easy without Terminal.app, you can try SPMPT, It’s an additional package for MAMP which include Subversion server, Trac (edgewall), python and mod_python. It’s works out of the box.
    website : http://sonique54.free.fr/spmpt/

    Share
  9. Like the info. Followed everything to the letter. However, I get the “svn: malformed network data” error from any client I use to connect. Versions match on client and server. Proces is started with –inetd. Config is the same as in the instructions. Looking on the web, this error seems to come up a lot however nobody seems to have an answer. svn is all 1.6.5.

    Share
    1. There could be any number of reasons this is happening; the following page shows how to use telnet to be able to read the original error message that to svn is simply “malformed network data” (because the error message is not the data it was expecting).

      http://old.nabble.com/Subversion,-xinetd,-and-%22Malformed-network-data%22-td19986584.html

      In short:
      telnet server.machine.name 3690

      Share
    2. For me, the error message (visible through telnet) was

      launchproxy[82606]: execv(): No such file or directory
      Connection closed by foreign host.

      indicating that execv couldn’t find the file to launch, and sure enough the plist I was using (from another website) specified

      Program
      /opt/subversion/bin/svnserve

      instead of

      Program
      /usr/bin/svnserve

      which it is on my system. (To see where it is, do “which svnserve”.)

      Now that I fixed this, and did

      sudo launchctl load /Library/LaunchDaemons/my.svnserve.plist

      (because I’m not using Lingon) it is working great.

      Share
  10. Excellent tutorial!!

    Share

Comments have been disabled for this post