Subversion server configuration options:
- svnserve: This is a simple stand-alone server which comes with the Subversion release.
- svn+ssh: This is a simple stand-alone server which uses ssh security,
- Apache httpd server with Subversion:
- allows more integration with Apache infrastructure and other web applications
- allows use of Apache authentication
- allows web server viewing straight from the repository
- ability to mount repository as a network share (WEBDAV capability offered through Apache)
Subversion download options: (use the default or upgrade to a newer version)
- Use the version of Subversion which comes with your release of Linux:
- Red Hat Enterprise Linux 8/CentOS 8 (Apache 2.4, Python 3.6/2.7, ...) - Subversion 1.10
- Red Hat Enterprise Linux 7/CentOS 7 (Apache 2.4, Python 2.7, ...) - Subversion 1.9
- Red Hat Enterprise Linux 6/CentOS 6 (Apache 2.2, Python 2.6, ...) - Subversion 1.6
- Red Hat Enterprise Linux 5/CentOS 5 (Apache 2.2, Python 2.4, ...) - Subversion 1.4
- Red Hat Enterprise Linux 4/CentOS 4 (Apache 2.0, Python 2.3, ...) - Subversion 1.1
- Ubuntu 18.04 (Apache 2.4, Python 2.7, ...) - Subversion 1.9.7
- Use the latest CollabNet bundled release of Apache, Subversion and ViewVC. Unfortunately this bundle includes a stripped down version of Apache without support for Perl modules, PHP, etc. This release is what is required to run a Subversion server and the ViewVC web front-end only. It even includes stripped down python support. I could not get this version to work with Apache authentication Perl modules or with Trac.
- Download source and compile. Requires downloads of source and compilation of dependencies as well.
This tutorial focuses on the version of Subversion which is released with the OS (RHEL and CentOS) or, compatible RepoForge or Summersoft RPM upgrades.
Red Hat Enterprise 6 with SVN 1.7.5: (RepoForge Subversion RPM upgrade. Default is SVN 1.6)
Red Hat Enterprise 5 with SVN 1.6.9: (Summersoft RPM upgrade. Default is SVN 1.4)
Download: (32 bit i386. 64 bit also available)
- mod_dav_svn-1.6.9-1.i386.rpm
- neon-0.28.4-1.i386.rpm (neon-devel-0.28.4-1.i386.rpm)
- sqlite-3.5.9-2.i386.rpm (sqlite-devel-3.5.9-2.i386.rpm)
- subversion-1.6.9-1.i386.rpm (subversion-devel-1.6.9-1.i386.rpm)
- subversion-perl-1.6.9-1.i386.rpm
- subversion-python-1.6.9-1.i386.rpm
- subversion-tools-1.6.9-1.i386.rpm
[Potential Pitfall]: You may get the following error:error: Failed dependencies: perl(File::Path) >= 1.0404 is needed by subversion-tools-1.6.9-1.i386
RHEL 5 Perl includes File::Path version 1.08 but subversion-tools checks for 1.0404. The broken math test: is 8 > 404?
Solution: Ignore the dependency: rpm -ivh --force --nodeps subversion-tools-1.6.9-1.i386.rpm
- rpm -Uvh sqlite-3.5.9-2.i386.rpm sqlite-devel-3.5.9-2.i386.rpm
- rpm -ivh neon-0.28.4-1.i386.rpm neon-devel-0.28.4-1.i386.rpm
- rpm -ivh subversion-1.6.9-1.i386.rpm subversion-devel-1.6.9-1.i386.rpm subversion-python-1.6.9-1.i386.rpm subversion-perl-1.6.9-1.i386.rpm mod_dav_svn-1.6.9-1.i386.rpm
- The "devel" RPMs provide C language include files and libraries for open source development and are not required unless you plan to build an application which requires the "devel" RPMs.
- May be required to remove existing SNV installation to avoid conflicts: rpm -e subversion subversion-devel
Ubuntu: apt-get install subversion enscript libapache2-mod-python python-docutils db4.3-util libapache2-svn subversion-tools
There are two database options available for the Subversion repository creation.
- FSFS:
- Berkeley DB:
Create a Subversion repository using the FSFS database format: (as root)
- mkdir /srv/svn/repos
- svnadmin create --fs-type fsfs /srv/svn/repos
- chown apache:apache -R /srv/svn/repos
(The Apache web server running as user "apache" is the process owner which will be interfacing with the Subversion repository.) - SELinux security attribute assignment: (Red Hat EL4+, Fedora 3+)
restorecon -R /srv/svn/repos
or
chcon -R -h -t httpd_sys_content_t /srv/svn/repos"
Options:- -h: affect symbolic links instead of any referenced file
- -t: set type TYPE in the target security context
- -R: change files and directories recursively
(Required for SELinux systems so that apache can write to this area or turn off SELinux. For more info see the YoLinux SysAdmin/SELinux tutorial)
This will create the default database files, configuration files and directory structure required to support Subversion. The choice of repository type is stored in /srv/svn/repository-name/db/fstype. In this case if you "cat" the file it will show "fsfs".
Subversion can be configured to use a local file system (NOT a network filesystem!!!), it's own server (svnserve) or use Apache and the webdav interface. This configuration shows the Subversion installation configured with Apache on Red Hat Enterprise (RHEL).
+
Apache configuration file: /etc/httpd/conf.d/subversion.conf
- This example performs no authentication:
# Required for Apache interface LoadModule dav_svn_module modules/mod_dav_svn.so # Required for "per-directory" access control LoadModule authz_svn_module modules/mod_authz_svn.so # URL path in web browser after "http://yourdomain.com/": /svn <Location /svn> DAV svn # Local path on server filesystem: /srv/svn/repos SVNPath /srv/svn/repos </Location>
- This example authenticates to a local Apache user password file:
User logins and passwords are specifically for the Apache server and have no connection to the system OS user accounts.
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNPath /srv/svn/repos AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/httpd/conf/userpw require valid-user </Location>
For more on Apache user file authentication see:
- This example authenticates logins with the NIS server.
This requires the installation of perl modules Apache-AuthenNIS.
See the YoLinux Apache NIS authentication tutorial (See this tutorial if running Apache httpd 2.2)
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNPath /srv/svn/repos AuthType Basic AuthName "Subversion Repository" PerlAuthenHandler Apache::AuthenNIS PerlSerVar AllowAlternateAuth no require valid-user </Location>
YoLinux.com Apache authentication tutorial - password file, NIS, LDAP, ...
Allow the web server to control content: chown -R apache:apache /srv/svn
Restart Apache: service httpd restart
Subversion Repository on Server File system:
- /srv/svn/repos
Import directory of files into Subversion:
- Local directory to import into Subversion:
- projectX/trunk/...source code goes here...
- projectX/branches
- projectX/tags
- svn import -m "Initial Import" local-directory-projectX http://server-name/svn/projectX
The import will create the new subdirectory branch "projectX" in the repository.
Alternate directory creation method: (repository exists but the directories need to be generated)
- svn mkdir -m"Initial creation of trunk directory" http://svn-server/svn/projectX/trunk
- svn mkdir -m"Initial creation of branches directory" http://svn-server/svn/projectX/branches
- svn mkdir -m"Initial creation of tags directory" http://svn-server/svn/projectX/tags
Browser view of a typical repository directory schema:
- http://svn-server/svn/projectX/trunk: For the "HEAD"
- http://svn-server/svn/projectX/branches: For branches or "forks" in the code.
- http://svn-server/svn/projectX/tags: For tags identifying snapshots of milestones or significant releases.
Typically adding the applications and libraries follow:
svn mkdir -m "Create directory app1" http://server-name/svn/projectX/trunk/app1
svn import -m "app1 Import" app1 http://server-name/svn/projectX/trunk/app1
svn mkdir -m "Create directory libutil" http://server-name/svn/projectX/trunk/libutil
svn import -m "libutil Import" libutil http://server-name/svn/projectX/trunk/libutil
Explanation of Subversion directory structure:
- /trunk : Contains the current development branch. New projects should be started here.
- /branches : A branch is just a special copy of the source tree within Subversion that started with a specific revision of the code. A branch is created by using "svn copy" of the trunk to a branch i.e. /branch/name_of_branch_1.0.
- /branches/personal : Personal branches are for doing some work which you don't want to have interfere with the main trunk until it is working or better defined.
- /tags : This is a method of bookmarking or taking a "snapshot" of some work in progress.
- /releases : This is similar to "tags" except that this version of the code makes it to production. Names used here should match product release names. i.e. version_1.1
Avoiding false diffs due to "^M" in a cross platform environment:
The Microsoft development tools love to add a "^M" at the end of the line of every file they edit. This breaks UNIX shell script and causes many file difference tools to show a difference in a line of code. This can be avoided in a cross platform environment by telling Subversion that certain files (or all files) that no "^M"'s should be appended at the end of a line. The trigger in fact removes the "^M" when the file is checked in. It can also be removed using the command dos2unix.
Import files to support no "^M" carriage returns at the end of lines:
(This sets file properties and creates a check-in trigger.)
- Remove "^M" from files: find local-directory -name "*.cpp" -exec dos2unix {} \;
- Upload directory of files into Subversion:
svn import -m "Initial Import" local-directory http://server-name/svn/projectX - Checkout files from repository: svn co http://server-name/svn/projectX/trunk
This creates your local working directory under Subversion control. - Set file properties such that "^M" are removed during check-in if added:
find ./ -name "*.cpp" -exec svn propset svn:eol-style LF {} \; - Apply property changes to repository: svn ci -m "Apply LF properties" local-directory
Note that the "propset" command must be used for new files added to the Subversion repository if they are to have these properties.
Users can also set this option in the file: $HOME/.subversion/config
.. ... [auto-props] README = svn:eol-style=native INSTALL = svn:eol-style=native *.c = svn:eol-style=LF *.cpp = svn:eol-style=LF *.h = svn:eol-style=LF *.dsp = svn:eol-style=CRLF *.dsw = svn:eol-style=CRLF *.sh = svn:eol-style=native;svn:executable *.txt = svn:eol-style=LF *.png = svn:mime-type=image/png *.jpg = svn:mime-type=image/jpeg Makefile = svn:eol-style=LF *.html = svn:eol-style=LF *.css = svn:eol-style=LF *.java = svn:eol-style=LF *.xml = svn:eol-style=LF *.m4 = svn:eol-style=LF *.pdf = svn:mime-type=application/pdf ... ..
Data repository dump:
- Dump first entry to current:
svnadmin dump /srv/svn/repos --revision 0:HEAD > repos.dump - Dump revision 625 to current:
svnadmin dump /srv/svn/repos --revision 625:HEAD --incremental > repos-625.dump
Data repository load:
- First load: svnadmin load /srv/svn/repos < repos.dump
- Incremental load: svnadmin load /srv/svn/repos < repos-625.dump
For more complex transfers with path translation, see the YoLinux Subversion repository data transfer tutorials.
The following is a cron job to dump the repository to an ASCII file as a backup:
File: /etc/cron.daily/CmSvnDump.sh
#!/bin/bash # umask 002 # Our backups go to a remote file server with a local mount point cd /mnt/backup/CM # ASCII dump of SVN repository: /etc/init.d/httpd stop /usr/bin/svnadmin dump /srv/svn/projectX --revision 0:HEAD > CmSvnDump-`date +%m%d%y`.dump /etc/init.d/httpd start # HotCopy SVN and Trac backups: svnadmin hotcopy /srv/svn/projectX /tmp/bkup/svnprojectX trac-admin /srv/trac/projectX hotcopy /tmp/bkup/tracprojectX tar -cvzf /mnt/backup/CM/CmSvn-`date +%m%d%y`.tar.gz -C /tmp/bkup svnprojectX tar -cvzf /mnt/backup/CM/CmTrac-`date +%m%d%y`.tar.gz -C /tmp/bkup tracprojectX # Cleanup: rm -Rf /tmp/bkup/svnprojectX /tmp/bkup/tracprojectX
Also see the YoLinux.com cron sysadmin tutorial
The best presentation interface is "Insurrection" detailed below. For a quick and easy improvement to the Subversion web interface, use the XSLT/CSS files svnindex.xsl and svnindex.css, which comes with the "subversion-tools RPM".
Create path links:
- ln -s /usr/lib/subversion/tools/xslt/svnindex.xsl /var/www/html/
- ln -s /usr/lib/subversion/tools/xslt/svnindex.css /var/www/html/
- ln -s /usr/lib64/subversion/tools/xslt/svnindex.xsl /var/www/html/
- ln -s /usr/lib64/subversion/tools/xslt/svnindex.css /var/www/html/
Add the "SVNIndexXSLT" directive to the file /etc/httpd/conf.d/subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so <Location /svn> DAV svn SVNPath /srv/svn/repos SVNIndexXSLT "/svnindex.xsl" </Location>
[Potential Pitfall]: Some browsers, do not process XSLT. This will prohibit them from traversing directories which are rendered with XSLT.
Access Forbidden:
Subversion 1.6.x message:
[user1@server1]$ svn http://hostname/svn/projectX/demo1/ svn: Server sent unexpected return value (403 Forbidden) in response to OPTIONS request for 'http://hostname/svn/projectX/demo1/'Subversion 1.7.4 message:
[user1@server1]$ svn http://hostname/svn/projectX/demo1/ svn: E175013: Unable to connect to a repository at URL 'http://hostname/svn/projectX/demo1/' svn: E175013: Access to 'http://hostname/svn/projectX/demo1/' forbidden
This is a permissions problem caused by any number of issues.
Potential Causes:- If experiencing the problem on one system but not on another, then SVN us probably using cached credentials which are incorrect.
- Make sure the user is authenticated and authorized. Is the ID in the list? SVN will use as a default your account login. Is that what was intended?
- Try explicit user name / password:
svn co --username svnuser --password supersecret http://hostname/svn/projectX/demo1/ - Try updating your client to be as new or newer than the version of Subversion used on your server.
- Online O'Reily Subversion book
- Subversion Repository Administration (O'Reily Chapter 5)
- Subversion Server configuration (O'Reily Chapter 6)
- WANdisco: Subversion MultiSite Plus
- ViewVC: Web front-end
While Subversion has a native web interface it does not allow one to view anything but the "HEAD" or latest versions of the files stored. The following web front-ends to Subversion will allow one to view previous file revisions and even perform file comparisons between revisions. Insurrection seems to have a more elegant interface and structure but is more difficult to install and configure.
ViewVC is a Python based web interface to Subversion available in an installable RPM package or can be installed from source.
Install RPM: rpm -ivh viewvc-1.0.5-1.el4.rf.noarch.rpm
Install from source:
- Download from http://www.viewvc.org/download.html
- tar xzf viewvc-1.1.2.tar.gz
- cd viewvc-1.1.2/
- ./viewvc-install
Installation path [/usr/local/viewvc-1.1.2]: /opt/viewvc - cp /opt/viewvc/bin/cgi/viewvc.cgi /var/www/cgi-bin
- cp /opt/viewvc/bin/cgi/query.cgi /var/www/cgi-bin
- Edit /opt/viewvc/viewvc.conf
(See example below)
Apache web server configuration file: /etc/httpd/conf.d/viewvc.conf
ScriptAlias /viewvc /var/www/cgi-bin/viewvc.cgi ScriptAlias /query /var/www/cgi-bin/query.cgi # <Location /viewvc> AuthType Basic AuthName "Authorization Realm" PerlAuthenHandler Apache::AuthenNIS PerlSetVar AllowAlternateAuth no Require valid-user </Location> <Location /query> AuthType Basic AuthName "Authorization Realm" PerlAuthenHandler Apache::AuthenNIS PerlSetVar AllowAlternateAuth no Require valid-user </Location>
- RPM install: /etc/viewvc/viewvc.conf
- Installed from source: /opt/viewvc/viewvc.conf
[general] svn_roots = projectX: /srv/svn/projectX,projectY: /srv/svn/projectY default_root = projectXTry it out: http://localhost/viewvc/
ViewVC, multiple SVN repositories and independent authentication:
Apache configuration file: /etc/httpd/conf.d/viewvc.conf
ScriptAlias /viewvc/ProjectX /var/www/cgi-bin/viewvc.cgi/ProjectX ScriptAlias /viewvc/ProjectY /var/www/cgi-bin/viewvc.cgi/ProjectY Alias /viewvc/docroot /opt/viewvc/templates/docroot <Directory /opt/viewvc> Order allow,deny Allow from all </Directory> <Location /viewvc/ProjectX> --- authenticate and authorize here --- </Location> <Location /viewvc/ProjectY> --- authenticate and authorize here --- </Location>
ViewVC configuration file: /opt/viewcv/viewvc.conf
[general] svn_roots = projectX: /srv/svn/projectX,projectY: /srv/svn/projectY [options] # If ViewVC is configured with multiple repositories, this results in # more natural looking ViewVC URLs. root_as_url_component = 1 docroot = /viewvc/docroot ... ...Partial listing of configuration file.
Links:
Insurrection is a HTML, CSS and XSLT (and some perl) web presentation layer for Subversion. It creates a more functional and feature rich web interface to Subversion. It does not support Opera or browsers without XSLT support. Supports IE/Mozilla and Firefox.
Installation:
- Download using Subversion: svn export http://svn.code-host.net/svn/Insurrection/trunk/
This will download Insurrection to a local directory called "trunk".
OR - insurrection-100906.tar.gz
Installation:
- Move to web directory: mv trunk /var/www/Insurrection
- Edit files:
- insurrection.conf: Place this file in /etc/httpd/conf.d/
This Apache configuration files needs to be edited to suit your installation. This example is set to replace your /etc/httpd/conf.d/subversion.conf file. Do not duplicate functionality in both. - insurrection.js: Edit SVN_URL per your Subversion repository.
- insurrection.pl:
Edit and set variables:- SVN_REPOSITORIES_URL
- SVN_AUTH
- SVN_BASE
- insurrection.conf: Place this file in /etc/httpd/conf.d/
- Add a logo image file to your insurrection directory: /var/www/Insurrection/cm.megacorp.com.gif
Note: This is required as the logic checks for the existence of this file to function properly. If using a port other than web port 80, (i.e. port 222) then specify the port: /var/www/Insurrection/cm.megacorp.com:222.gif - Edit the file /var/www/Insurrection/.htaccess for the gif logo path. May have to edit the SVN_URL location in insurrection.js. Comment out lines referencing ls.cgi in RewriteCond and RewriteRule.
Note that Insurrection's default configuration is set to use a virtual host or a dedicated server for Subversion. This is due to "DocumentRoot" being set to "/". If using a different Apache "DocumentRoot" configuration, edit the directory prefixes in insurrection.xsl.
Links:
- Home page: http://insurrection.tigris.org
- Info
StatSVN is a metrics-analysis tool which will provide web reporting and charting of lines of code (LOC), developer activity, file count, file size and project statistics based on Subversion repository activity.
Note that StatSVN requires Java. See the YoLinux.com Java installation tutorial.
Note that StatSVN version 0.4.1 is the last version which does not require an X-Window frame buffer (thus easy to use with a cron or batch script).
Note: If using Jenkins for continuous build/integration, a better SLOC tool is SLOCCount integrated with the Jenkins SLOCCount plug-in. See the YoLinux.com Jenkins tutorial for more information.
Install and Configure:
- Download the compressed compiled Java file statsvn-0.4.1.zip from sourceforge.
wget http://prdownloads.sourceforge.net/statsvn/statsvn-0.4.1.zip - Decompress and extract contents of zip file: unzip statsvn-0.4.1.zip
- Install Java program: mv statsvn-0.4.1/statsvn.jar /opt/bin/statsvn.jar
Configuring StatSVN as a cron job:
Create the following cron job script: /etc/cron.daily/StatSVN.sh#!/bin/bash # # Generate the StatSVN web pages # if [ -d /usr/java/latest ] then export PATH=/usr/java/latest/bin:$PATH export JAVA_HOME=/usr/java/latest export CLASSPATH=/usr/java/latest/lib/tools.jar:./ else exit fi # Update local Subversion repository # Uncomment this line if this script is to update the local working Subversion repository. # svn update /opt/Cabie/BUILDS/buildserver1/trunk # Generate Subversion log file svn log -v --xml /opt/Cabie/BUILDS/buildserver1/trunk > \ /opt/Cabie/BUILDS/buildserver1/StatSVN/logfile.log # Create web content here: cd /opt/Cabie/BUILDS/buildserver1/StatSVN # Generate web content java -jar /opt/bin/statsvn.jar -viewvc http://cmserver.yourdomain.com/viewvc/ProjectX/trunk/application1/ \ -output-dir /opt/Cabie/BUILDS/buildserver1/StatSVN/html \ /opt/Cabie/BUILDS/buildserver1/StatSVN/logfile.log \ /opt/Cabie/BUILDS/buildserver1/ProjectX/trunk/application1/
- Subversion local checkout directory: /opt/Cabie/BUILDS/buildserver1/trunk
(Our is located on our Cabie build server. See the YoLinux Cabie tutorial.) - Path for Subversion metrics-analysis web pages created by StatSVN which is also accessible to the Apache web server: /opt/Cabie/BUILDS/buildserver1/StatSVN
- Temporary log file: /opt/Cabie/BUILDS/buildserver1/StatSVN/logfile.log
(Can also use /etc/logfile.log) - If using SELinux, you will be required to change the security context of this script file so that cron can execute it. This method copies an existing cron script context of an existing cron script:
- chcon --reference=/etc/cron.daily/makewhatis.cron /etc/cron.daily/StatSVN.sh
Note in this installation, our Cabie build server updates the local repository after every check-in. If your repository is not updated automatically, un-comment the line in the script to do so.
[Potential Pitfall]: Cron jobs execute as root. You may have to specify an alternative login and password which has access to the Subversion repository. e.g.
svn log -v --xml --username userX --password supersecret /opt/Cabie/BUILDS/...
Create a local specific non-system account Subversion login for the cron job.
See Concurrent file and LDAP Apache authentication.
Avoid interactive dialog during the cron job by setting the following Subversion configuration parameter setting in /root/.subversion/servers (Cron jobs run as user root)
[global] store-plaintext-passwords = noThis will avoid the following interactive message: Store password un-encrypted (yes/no)?
Command Line Options:
statsvn.jar command line options: (Usage: java -jar statsvn.jar [options] <logfile> <svn-directory>)Option | Description |
---|---|
-version | print the version information and exit |
-output-dir <dir> | directory where HTML suite will be saved |
-include <pattern> | include only files matching pattern, e.g. **/*.c;**/*.h |
-exclude <pattern> | exclude matching files, e.g. tests/**;docs/** |
-tags <regexp> | show matching tags in lines of code chart, e.g. version-.* |
-title <title> | Project title to be used in reports |
-viewvc <url> | Integrate with ViewVC installation at <url> This option causes StatSVN to generate hyperlinks to ViewVC for source code file names listed by StatSVN. |
-trac <url> | integrate with Trac at <url> |
-bugzilla <url> | integrate with Bugzilla installation at <url> |
-username <svnusername> | username to pass to svn |
-password <svnpassword> | password to pass to svn |
-verbose | print extra progress information |
-xdoc | optional switch output to xdoc |
-xml | optional switch output to xml |
-threads <int> | how many threads for svn diff (default: 25) |
-concurrency-threshold <millisec> | switch to concurrent svn diff if 1st call > threshold (default: 4000) |
-dump | dump the Repository content on console |
-charset <charset> | specify the charset to use for html/xdoc |
-tags-dir <directory> | optional, specifies the director for tags (default '/tags/') |
Apache configuration so that StatSVN reports are viewable:
File: /etc/httpd/conf.d/statsvn.conf
Alias /StatSVN /opt/Builds/buildserver1/StatSVN/html <Directory "/opt/Builds/buildserver1/StatSVN/html"> Options Indexes FollowSymLinks AuthType Basic ... </Directory>
In this example the web content will be in /opt/Cabie/BUILDS/buildserver1/StatSVN/html. Apache must be configured to view this directory. See the YoLinux Apache Web server configuration tutorials.
StatSVN version 5.0 and above require X-Windows to support Java Swing classes used by statsvn.jar. If running via a cron or batch job, one will have to set up a virtual frame buffer. I never got this to work successfully so I just used StatSVN 0.4.1 instead.Virtual frame buffer configuration:
- Install Xvfb:
- yum update xorg-x11-server-Xorg
- yum install xorg-x11-server-Xvfb
- /usr/bin/Xvfb :2 -nolisten tcp -shmem &
- export DISPLAY=:2.0
- Run statsvn.jar here
- killall Xvfb
Links:
- StatSVN.org - home page
- Sourceforge Page
- statSVN example report
As part of the software process it is often required that one release a complete list of files which make up a software build. This would be part of a Software Version Description document or SVD. This can be generated automatically using the following bash shell CGI: /var/www/cgi-bin/SubversionSVD.cgi to perform this task via the web. Edit the SVN URLs to fit your needs.
This CGI script calls the following awk script svd_report.awk
Helpful Links:- For more information on bash CGI scripts, see Bash CGI - YoLinux Tutorial
- For more information on AWK scripts, see the awk man page
- For more information on web server configuration, see Web site configuration - YoLinux Tutorial
When Trac and Subversion are both installed on the same server, the two can be tightly integrated in a two way fashion. Trac includes a Subversion repository browser and the integration allows Trac tickets to hyperlink to Subversion check-ins and code and also allows Subversion check-in comments to hyperlink to the Trac tickets which describe the changes. Subversion comments must include mention of the Trac ticket prefixed with a "#" (for example #54 will generate a hyperlink to Track ticket 54). Track comments which include the Subversion check-in revision number will generate a hyperlink to the code in the change-set (for example r657 will generate a hyperlink to the Subversion change-set 657) The following installation is for an integrated solution.
Red Hat EL6: install Trac 1.0 from source
-
Note:
- RHEL6 package prerequisites:
- python-2.6.6-29 (python 2.5, 2.6, 2.7 are Ok)
- setuptool-1.19.9-3 (setuptools >= 0.6 required)
- python-genshi06-0.6-1.el6.noarch (Genshi >= 0.6 required) (For RPMs see EPEL)
- mod_wsgi-3.2-1 (for use with Apache - fastCGI) or mod_python
Note: use of Trac without using mod_wsgi or mod_python (choose one not both) will result in a painfully slow web application. Don't do it. - httpd
- Download: Trac-1.0.tar.gz http://trac.edgewall.org/wiki/TracDownload
- tar xzf Trac-1.0.tar.gz
- cd Trac-1.0
- sudo python ./setup.py install
This downloads http://download.edgewall.org/trac/Trac-1.0.zip and installs it: easy_install --upgrade Trac==1.0
Installs to: /usr/lib/python2.6/site-packages/Trac-1.0-py2.6.egg - Httpd config file: /etc/httpd/conf.d/trac.conf
Set ScriptAlias:
ScriptAlias /trac /usr/lib/python2.6/site-packages/Trac-1.0-py2.6.egg/trac/web/wsgi.py
trac-admin /srv/trac/projectx/ repository sync projectx
Returns error:TracError: Unsupported version control system "svn": Can't find an appropriate component, maybe the corresponding plugin was not enabled?
Fix/solution: Trac 1.0 requires explicit SVN activation
File: /srv/trac/projectx/conf/trac.ini[components] tracopt.versioncontrol.svn.* = enabled
- Red Hat EL6: install from source (Red Hat Enterprise Linux 6 [Python 2.6, sqlite], Trac 1.0.13 example with mod_wsgi)
- RHEL6 package prerequisites: python, httpd, mod_wsgi, etc
- Download source: wget https://download.edgewall.org/trac/Trac-1.0.13.tar.gz
- Un-compress: tar xzf Trac-1.0.13.tar.gz
- cd Trac-1.0.13
- Install to python system site packages directory: sudo python ./setup.py install
(Installs to /usr/lib/python2.6/site-packages/)
[Potential Pitfall]: Allow for use with web server: chown -R apache.apache /usr/lib/python2.6/site-packages/Trac-1.0.13-py2.6.egg/
Change ownership to avoid the following error in the browser window:Internal Server Error The server encountered an internal error or mis-configuration and was unable to complete your request
- Generate initial instance: trac-admin /srv/trac/projectX initenv
This will generate the Trac project instance/database.
If upgrade an existing 0.12 installation: trac-admin /srv/trac/projectX upgrade
and trac-admin /srv/trac/projectX wiki upgrade - Fix: ln -s /usr/lib/python2.6/site-packages/Trac-1.0.13-py2.6.egg/trac /usr/lib/python2.6/site-packages/trac
This is a fix not documented anywhere in the installation instructions!
[Potential Pitfall]: This fix is for the following log errors you will find in /var/log/http/error.logFile "/srv/trac/projectx/cgi-bin/trac.wsgi", line 30, in application from trac.web.main import dispach_request InputError: No module names trac.web.main
- Generate WSGI files: trac-admin /srv/trac/projectX deploy /srv/trac/projectX
This will generate /srv/trac/projectX/cgi-bin/trac.wsgi and other cgi files as well as some htdocs/ modifications. - Allow apache server process access to files: chown apache.apache -R /srv/trac/projectX
- Restart Apache web server: service httpd restart
[Potential Pitfall]: WSGI module error:Invalid command 'WSGIScriptAlias', perhaps misspelled or defined by a module not included in the server configuration
Make sure the RPM mod_wsgi is installed. The RHEL6 file /etc/httpd/config.d/wsgi.conf should contain the following line:LoadModule wsgi_module modules/mod_wsgi.so
WSGIScriptAlias /trac /srv/trac/projectX/cgi-bin/trac.wsgi <Directory /trac> WSGIApplicationGroup %{GLOBAL} # For Apache 2.2 <IfModule !mod_authz_core.c> Order deny,allow Allow from all </IfModule> </Directory> <Location /trac> SetEnv PYTHON_EGG_CACHE /tmp SetEnv TRAC_ENV_PATH /srv/trac/projectX # put authentication directives here AuthType Basic AuthName "user1" AuthUserFile /srv/trac/projectx/conf/trac.htpasswd Require valid-user </Location> <LocationMatch "/trac/[^/]+/login"> AuthType Basic AuthName "user1" AuthUserFile /srv/trac/projectx/conf/trac.htpasswd Require valid-user </LocationMatch>
- Red Hat EL6: install from EPEL RPM (Red Hat Enterprise Linux 6 [Python 2.6, sqlite], Trac 1.0 example with mod_python)
- RHEL6 package prerequisites: python, httpd, etc
- RHEL6 EPEL package prerequisite: mod_python-3.3.1-16.el6.x86_64.rpm
(For RPMs see the EPEL website) - RHEL6 EPEL Trac download: trac10-1.0.1-4.el6.noarch.rpm
- Install: rpm -ivh trac10-1.0.1-4.el6.noarch.rpm mod_python-3.3.1-16.el6.x86_64.rpm
<Location /trac> SetHandler mod_python PythonHandler trac.web.modpython_frontend PythonOption TracEnv /srv/trac/projectx # TracUriRoot is the same as the "Location" specified above PythonOption TracUriRoot /trac SetEnv PYTHON_EGG_CACHE /tmp PythonInterpreter trac </Location> <Location /trac/login> AuthType Basic AuthName "user1" AuthUserFile /srv/trac/projectx/conf/trac.htpasswd Require valid-user </Location>
- Red Hat EL6: install from EPEL RPM (Red Hat Enterprise Linux 6 [Python 2.6, sqlite], Trac 0.12.2 example)
Note:
- RHEL6 package prerequisites: python, python-setuptools, httpd
- Download: EPEL website - trac-0.12.2-1.el6.noarch.rpm
- Installs the following:
/etc/httpd/conf.d/trac.conf /etc/trac/plugins.d/... /etc/trac/trac.ini /usr/bin/trac-admin /usr/lib/python2.6/site-packages/Trac-0.12.2-py2.6.egg-info/... /usr/lib/python2.6/site-packages/trac/... /usr/share/doc/trac-0.12.2/... /usr/sbin/tracd /var/www/cgi-bin/trac.cgi /var/www/cgi-bin/trac.fcgi
- Allow Trac CGI to be executed (Two methods. Pick one.):
- Copy the CGI to the default CGI bin directory: cp /usr/share/trac/cgi-bin/trac.cgi /var/www/cgi-bin
OR - Enable Apache to execute the CGI:
.. ScriptAlias /trac /usr/share/trac/cgi-bin/trac.cgi ..
- Copy the CGI to the default CGI bin directory: cp /usr/share/trac/cgi-bin/trac.cgi /var/www/cgi-bin
- Create new project repository:
# trac-admin /srv/trac/projectX initenv Project Name [My Project]> projectX Database connection string [sqlite:db/trac.db]> Path to repository [/path/to/repos]> /srv/svn/projectX
- Red Hat EL5: manual installation from source (Red Hat Enterprise Linux 5 [Python 2.4, sqlite], Trac 0.11.5 example)
Note:
- Clearsilver web templates deprecated, now uses Genshi. Trac 0.11.5 required to support Subversion 1.6.X.
- If upgrading, remove old version. See: /usr/lib/python2.3/site-packages/trac/, /usr/share/trac/, /srv/trac/ProjectX/egg_cache/, /usr/bin/trac-admin and tracd
- RHEL5 package prerequisites: python, python-setuptools, httpd
- Download: http://trac.edgewall.org/wiki/TracDownload
- tar xzf Trac-0.11.5.tar.gz
- cd Trac-0.11.5/
- List commands: python ./setup.py --help
- Install: python ./setup.py install
- This installs the Python template package Genshi
- Installs Trac to /usr/lib/python2.4/site-packages/Trac-0.11.5-py2.4.egg/
- Installs commands (trac-admin, tracd): /usr/bin
- Download from: http://genshi.edgewall.org/wiki/Download
(or wget http://ftp.edgewall.com/pub/genshi/Genshi-0.5.1.tar.gz) - tar xzf Genshi-0.5.1.tar.gz
- cd Genshi-0.5.1/
- python setup.py install
- Install CGI: cp cgi-bin/trac.cgi cgi-bin/trac.fcgi /var/www/cgi-bin
Note:- Set environment variable (Trac 0.11+) in /etc/httpd/conf.d/trac.conf:
SetEnv PYTHON_EGG_CACHE /srv/trac/projectX/egg_cache - Create the directory /srv/trac/projectX/egg_cache as it must be present even if not used.
- Set environment variable (Trac 0.11+) in /etc/httpd/conf.d/trac.conf:
- Create new project repository:
# trac-admin /srv/trac/projectX initenv Project Name [My Project]> projectX Database connection string [sqlite:db/trac.db]> Path to repository [/path/to/repos]> /srv/svn/projectX
- Red Hat EL4: RPM installation (Red Hat Enterprise Linux 4 [Python 2.3], Trac 0.9.6 example)
- http://repoforge.org/:
(Select: Home made + RPM repository + RPMforge)- trac-0.9.6-1.el4.rf.noarch.rpm
- clearsilver-0.10.1-1.2.el4.rf.i386.rpm
- clearsilver-devel-0.10.1-1.2.el4.rf.i386.rpm
- python-clearsilver-0.10.1-1.2.el4.rf.i386.rpm
- python-imaging-1.1.5-5.el4.i386.rpm
- python-sqlite-1.0.1-1.2.el4.rf.i386.rpm
- sqlite-2.8.16-1.2.el4.rf.i386.rpm
- sqlite-devel-2.8.16-1.2.el4.rf.i386.rpm
- http://rpm.pbone.net:
- python-docutils-0.4-2.el4.noarch.rpm
-
or configure YUM and import from the DAG YUM repository.
See the YoLinux Red Hat Package Management Tutorial: YUM
yum install -y trac
- http://repoforge.org/:
- Ubuntu: apt-get install trac apache2 libapache2-mod-python python-genshi
If using mod_wsgi, enable it with the following command: sudo a2enmod wsgi
Ubuntu apache error log file: /var/log/apache2/error.log
Trac Upgrades:
All Trac upgrades will require Trac to be "re-synced" to the Subversion repository with the following command:trac-admin /srv/trac/projectX resync
Creating a new Trac Repository/Instance:
As root: [root]# trac-admin /srv/trac/projectX initenv
Project Name [My Project]> projectX Database connection string [sqlite:db/trac.db]> Path to repository [/var/svn/test]> /srv/svn/projectX Templates directory [/usr/share/trac/templates]>
Note:- The directory /srv/trac MUST exist.
- The directory /srv/trac/projectX MUST not exist before execution of command.
- SuSE: /srv/trac/
- Red Hat: /usr/share/trac/proj_trac/
More trac-admin info below.
Component Home pages:
- chcon -R -t httpd_sys_content_t /usr/share/trac/
- chcon -R -t httpd_sys_content_t /srv/trac/
More SELinux info below.
File: /srv/trac/projectX/conf/trac.ini
Specify project URL:
(Created using the "trac-admin" command above and not provided by the RPM package.).. ... [trac] ... repository_dir = /srv/svn/projectX - This ties Trac to Subversion ... ... [notification] Set email and SMTP information here ... ... [project] url = http://projectX.com
For more trac.ini configuration information see Trac: trac.ini configuration
[Potential Pitfall]: Once Trac is configured and used (i.e. it has tickets, etc), it can not be pointed to a different Subversion repository. If you point "repository_dir" to a new Subversion repository, you will not have a Trac database which is in sync with Subversion and Trac will fail. The name of the directory path and the "repository_dir" can be renamed with matching names, but the actual Subversion repository must remain the same.
Trac can be run using the stand-alone Trac daemon "tracd". This configuration shows the use of Apache with Trac.
+
Allow paths and files to be accessible by Apache: [root]# chown -R apache:apache /srv/trac/projectX
File: /etc/httpd/conf.d/trac.conf (Trac 0.12 configuration examples)
- This example performs no authentication:
Alias /trac/ "/usr/share/trac/htdocs/" <Location "/cgi-bin/trac.cgi"> SetEnv TRAC_ENV "/srv/trac/projectX" </Location>
ScriptAlias /trac /usr/share/trac/cgi-bin/trac.cgi <Location "/trac"> SetEnv TRAC_ENV "/srv/trac/projectX" </Location>
- This example authenticates logins internally using Apache. User logins and passwords have no connection to user accounts.
Alias /trac/ "/usr/share/trac/htdocs/" <Location "/cgi-bin/trac.cgi"> SetEnv TRAC_ENV "/srv/trac/projectX" </Location> # The following enables the "login" link in Trac. # (Top right hand corner) <Location "/cgi-bin/trac.cgi/login"> AuthType Basic AuthName "Project X Trac" AuthUserFile /etc/httpd/conf/userpw require valid-user </Location>
- This example authenticates logins internally using Trac and Digest authentication.
User logins and passwords have no connection to user accounts.
Alias /trac/ "/usr/share/trac/htdocs/" <Location "/cgi-bin/trac.cgi"> SetEnv TRAC_ENV "/srv/trac/projectX" </Location> # The following enables the "login" link in Trac. # (Top right hand corner) <Location "/cgi-bin/trac.cgi/login"> AuthType Digest AuthName "Project X Trac" AuthDigestDomain /trac AuthDigestFile /etc/httpd/conf/digestpw require valid-user </Location>
- This example authenticates user account logins with the NIS server.
This requires the installation of perl modules Apache-AuthenNIS.
See the YoLinux Apache NIS authentication tutorial (See this tutorial if running Apache httpd 2.2)
Alias /trac/ "/usr/share/trac/htdocs/" <Location "/cgi-bin/trac.cgi"> SetEnv TRAC_ENV "/srv/trac/projectX" AuthType Basic AuthName "Project X Trac" PerlAuthenHandler Apache::AuthenNIS PerlSerVar AllowAlternateAuth no require valid-user </Location> # The following enables the "login" link in Trac. # (Top right hand corner) <Location "/cgi-bin/trac.cgi/login"> AuthType Basic AuthName "Project X Trac" PerlAuthenHandler Apache::AuthenNIS PerlSerVar AllowAlternateAuth no require valid-user </Location>
This example is for RHEL with Apache httpd 2.0.
Restart Apache: service httpd restart
Also see YoLinux Apache authentication tutorial: LDAP, NIS, File.
Issue Trac commands as root:
- Command line: trac-admin --help
OR - Enter into Trac Admin shell: trac-admin /srv/trac/projectX
Then type "help" to see list of commands.
Use the command "quit" to exit the shell.
Set Permissions:
- Grant administration privileges to a user:
trac-admin /srv/trac/projectX permission add userid TRAC_ADMIN
These permissions are required if using web interface to manage "roadmaps". - Show permissions:
trac-admin /srv/trac/projectX permission list user-id
- Remove write for anonymous users:
trac-admin /srv/trac/projectX permission remove anonymous TICKET_CREATE TICKET_MODIFY WIKI_CREATE WIKI_MODIFY
- Set default for authenticated users:
trac-admin /srv/trac/projectX permission add authenticated TICKET_CREATE TICKET_MODIFY TICKET_VIEW WIKI_CREATE WIKI_MODIFY
Add components to be managed by Trac:
- Roadmap/Product Milestones:
- trac-admin /srv/trac/projectX milestone add name-of-milestone YYYY-MM-DD
- trac-admin /srv/trac/projectX milestone completed name-of-milestone YYYY-MM-DD
The milestones can be created using the web interface. - Software Components: trac-admin /srv/trac/projectX component add name-of-component owner-id
Defaults for "New Ticket":
- Type: defect, enhancement, task
View using the command: trac-admin /srv/trac/projectX ticket_type list
Use "add" or "delete" to change the default. - Priority: blocker, critical, major, minor, trivial
View using the command: trac-admin /srv/trac/projectX priority list
Use "add" or "delete" to change the default. - Severity: highest, high, normal, low, lowest
View using the command: trac-admin /srv/trac/projectX severity list
Use "add" or "delete" to change the default.
Trac-Admin commands: trac-admin /path/to/projenv [command [subcommand] [option ...]]
Command Description about Shows information about trac-admin help Show documentation initenv Create and initialize a new environment interactively initenv <projectname> <db> <repospath> <templatepath> Create and initialize a new environment from arguments hotcopy <backupdir> Make a hot backup copy of an environment resync Re-synchronize trac with the repository upgrade Upgrade database to current version wiki list List wiki pages wiki remove <name> Remove wiki page wiki export <page> [file] Export wiki page to file or stdout wiki import <page> [file] Import wiki page from file or stdin wiki dump <directory> Export all wiki pages to files named by title wiki load <directory> Import all wiki pages from directory wiki upgrade Upgrade default wiki pages to current version permission list [user] List permission rules permission add <user> <action> [action] [...] Add a new permission rule permission remove <user> <action> [action] [...] Remove permission rule component list Show available components component add <name> <owner> Add a new component component rename <name> <newname> Rename a component component remove <name> Remove/uninstall component component chown <name> <owner> Change component ownership ticket remove 4 Remove ticket number 4 and all associated data. (Trac 0.12+) ticket_type list Show possible ticket types ticket_type add <value> Add a ticket type ticket_type change <value> <newvalue> Change a ticket type ticket_type remove <value> Remove a ticket type ticket_type order <value> up|down Move a ticket type up or down in the list priority list Show possible ticket priorities priority add <value> Add a priority value option priority change <value> <newvalue> Change a priority value priority remove <value> Remove priority value priority order <value> up|down Move a priority value up or down in the list severity list Show possible ticket severities severity add <value> Add a severity value option severity change <value> <newvalue> Change a severity value severity remove <value> Remove severity value severity order <value> up|down Move a severity value up or down in the list version list Show versions version add <name> [time] Add version version rename <name> <newname> Rename version version time <name> <time> Set version date (Format: "YYYY-MM-DD" or "now") version remove <name> Remove version milestone list Show milestones milestone add <name> [due] Add milestone milestone rename <name> <newname> Rename milestone milestone due <name> <due> Set milestone due date (Format: "YYYY-MM-DD" or "now") milestone completed <name> <completed> Set milestone completed date (Format: "YYYY-MM-DD" or "now") milestone remove <name> Remove milestone Use the command trac-admin /srv/trac/projectX wiki list to view Wiki entries.
One can access the Trac SQLite database directly:
Sample session: (response not included)[prompt]$ cd /srv/trac/projectX/db [prompt]$ sqlite trac.db sqlite> .help sqlite> .tables sqlite> .schema ticket sqlite> SELECT * FROM ticket; sqlite> .exit
Backup and restore:
Dump database:[prompt]$ cd /srv/trac/projectX/db [prompt]$ sqlite trac.db sqlite> .outfile /tmp/trac.sql sqlite> .dump sqlite> .exit
Load database:
[prompt]$ cd /srv/trac/projectX/db [prompt]$ rm trac.db [prompt]$ sqlite trac.db sqlite> .read /tmp/trac.sql sqlite> .exit [prompt]$ trac-admin trac resync
- Upgrade: sqlite trac.db .dump | sqlite3 tracV3.db
Typically this would have to be accompanied with a Trac database and environment upgrade:- trac-admin /usr/share/trac/proj_trac/projectX upgrade
and a Trac wiki manual upgrade:- trac-admin /usr/share/trac/proj_trac/projectX wiki upgrade
- Downgrade: sqlite3 trac.db .dump | sqlite tracV2.db
Typically this would have to be accompanied with a Trac database table downgrade:- sqlite3 trac.db "update system set value=20 where name='2'"
Rename database to "trac.db" to be usable.
Trac can assign new tickets (bugs/enhancements) to developers registered in the system. It can also communicate via email. To register, a user must login to Trac and:
- Select the "Preferences" link at the top right hand side of the web page.
- Enter your name and email address.
After an upgrade to Trac, the configuration and data files you employ must also be upgraded. The RPM upgrades miss this so perform manually:
trac-admin /srv/trac/projectX upgrade
Upgrading RHEL/CentOS OS:
This OS upgrade will upgrade the version of the embedded database package sqlite. The following must be performed for any OS upgrade which will also upgrade the Trac database environment.- Prior to the OS upgrade, dump the database to a text file:
- cd /srv/trac/projectX/db
- sqlite trac.db .dump > trac.dump_sqlite
- Upgrade the OS
- Import the database using the newer version of sqlite
- cd /srv/trac/projectX/db
- cat trac.dump_sqlite | sqlite3 trac.db
Note that Trac requires the database name trac.db
- Upgrade the trac repository: trac-admin /srv/trac/projectX upgrade
- Upgrade wiki: trac-admin /srv/trac/projectX wiki upgrade
- Synchronize Trac with Subversion: trac-admin /srv/trac/projectX resync
This step is required when Subversion is upgraded
One can have multiple Subversion repositories on one server. It is encouraged for separate projects. Subversion increments the revision number for each check-in in the repository and it makes the most logical sense to track revisions for a logically grouped set of applications or even a single application. If you want, you can even have a separate repository which links other projects in separate repositories and servers to look logically as one. (See Subversion property svn:externals)
Create repository locations:
- svnadmin create --fs-type fsfs /srv/svn/reposX
- svnadmin create --fs-type fsfs /srv/svn/reposY
- svnadmin create --fs-type fsfs /srv/svn/reposZ
- ...
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /reposX> DAV svn SVNPath /srv/svn/reposX ... .. </Location> <Location /reposY> DAV svn SVNPath /srv/svn/reposY ... .. </Location> <Location /reposZ> DAV svn SVNPath /srv/svn/reposZ ... .. </Location>
- http://yourdomain/reposX/
- http://yourdomain/reposY/
- http://yourdomain/reposZ/
or specify the "SVNParentPath":
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNParentPath /srv/svn ... .. </Location>
- http://yourdomain/svn/reposX/
- http://yourdomain/svn/reposY/
- http://yourdomain/svn/reposZ/
Single Trac Instance with multiple Subversion Repositories:
Trac (Version 0.12 and later) can support multiple Subversion or Git repositories.
Set the configuration in the Trac config file: /srv/trac/projectx/conf/trac.ini... ... [components] tracopt.versioncontrol.svn.* = enabled [repositories] projectx.description = Project X projectx.dir = /srv/svn/projectx projectx.type = svn projectx.url = http://localhost/svn/projectx projecty.description = Project Y projecty.dir = /srv/svn/projecty projecty.type = svn projecty.url = http://localhost/svn/projecty ... ...
Re-sync Trac with the Subversion repositories:- trac-admin /srv/trac/project/ repository resync projectx
- trac-admin /srv/trac/project/ repository resync projecty
ScriptAlias /trac /usr/share/trac/cgi-bin/trac.cgi <Location "/trac"> SetEnv TRAC_ENV_PARENT_DIR "/srv/trac/trac_projects" AuthType Basic AuthName "Trac" AuthUserFile /srv/passwd/trac.htpasswd Require valid-user </Location> <LocationMatch "/trac/[^/]+/login"> AuthType Basic AuthName "Trac" AuthUserFile /srv/passwd/trac.htpasswd Require valid-user </LocationMatch>
or when using WSGI:RewriteEngine On RewriteCond %{REQUEST_URI} ^/trac/([^/]+) WSGIScriptAliasMatch ^/trac/([^/]+) /usr/share/trac/cgi-bin/trac.wsgi <Directory /trac> WSGIApplicationGroup %{GLOBAL} # For Apache 2.2 <IfModule !mod_authz_core.c> Order deny,allow Allow from all </IfModule> </Directory> <Location /trac> SetEnv PYTHON_EGG_CACHE /tmp SetEnv TRAC_ENV_PARENT_DIR "/srv/trac/trac_projects" AuthType Basic AuthName "Trac" AuthUserFile /srv/passwd/trac.htpasswd Require valid-user </Location> <LocationMatch "/trac/[^/]+/login"> AuthType Basic AuthName "Trac" AuthUserFile /srv/passwd/trac.htpasswd Require valid-user </LocationMatch>
- All directories located under TRAC_ENV_PARENT_DIR (/srv/trac/trac_projects) must be trac instances.
Directories which are not trac instances will cause trac to throw an error.
i.e. /srv/trac/trac_projects/projectX, /srv/trac/trac_projects/projectY, etc
Web URL: http://server-name/trac/projectX - One may have to edit /path/to/trac/cgi/trac.wsgi
def application(environ, start_request): if not 'trac.env_parent_dir' in environ: environ.setdefault('trac.env_parent_dir','/srv/trac')
- This example uses file authentication as defined in /etc/httpd/conf.d/subversion.conf
AccessFileName /srv/passwd/trac.htpasswd <Directory /srv/passwd> Options -Indexes -FollowSymLinks AllowOverride None </Directory>
Trac and multiple Subversion repositories and Multiple Trac instances:
If using Trac with Subversion, you may create separate Trac instances. Trac can use InterTrac Links to refer to resources of other Trac instances or servers, from within the Wiki markup. Trac can also have a global "trac.ini" file used for multiple instances of Trac.
Also see:- Configure Apache for multiple Trac projects
- Hosting Multiple Projects
- Access to multiple projects using mod_authz_svn.so
<Location /svn> DAV svn SVNParentPath /srv/svn AuthzSVNAccessFile /srv/config/svn_granular_rules ... ... </Location>
[projectX:/tags] * = r userx = rw [projectX:/] * = rw [projectY:/] * = rw
Once granular access control has been assigned to this control file, all projects must have access assignments or none will be granted by default.This rule set enforces read-only access to the "tags" branch except for "userx" who has read and write access to the "tags" branch. All other repositories under the "SVNParentPath" must be listed. The "*" refers to all users.
Of course it is easiest to turn off Security Enhanced Linux features by:
- editing the file /etc/selinux/config, setting "SELINUX=disabled" and reboot
OR - use the command "setenforce 0".
If using SELinux, you must set the context of the content accessed by the server:
chcon -R -h -u system_u -r object_r -t httpd_sys_content_t /srv/svn /srv/trac
File: /etc/selinux/targeted/contexts/files/filecontexts.local/srv/trac(/.*)? system_u:object_r:httpd_sys_content_t /srv/svn(/.*)? system_u:object_r:httpd_sys_content_t
You will find that user authorization and authorization configurations will repeat themselves for Subversion, ViewVC and Trac. This duplication and replication of authorization and authorization configuration can be mitigated by the use of the Apache web server "Include" statement.
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /repoX> DAV svn SVNPath /srv/svn/repoX Include userauth.txt </Location>
- RHEL6 package prerequisites:
Trac configuration file: /etc/httpd/conf.d/trac.conf
Alias /trac/ "/usr/share/trac/htdocs/" <Location "/cgi-bin/trac.cgi"> SetEnv TRAC_ENV "/srv/trac/projectX" Include userauth.txt </Location>
Where /etc/httpd/userauth.txt contains the user authentication which is identical for all three:
File: /etc/httpd/userauth.txt (This example shown using an LDAP authentication segment to be included in the files above)
AuthType Basic AuthName "Stooges Web Site: Login with email address" AuthLDAPURL ldap://ldap.yolinux.com:389/o=stooges?mail require ldap-user user1 user2 user3
The final touch is to create a homepage for your repositories so that they are easy to find, especially if you are hosting multiple repositories. The default homepage for most major Linux distributions (Red Hat, Fedora, CentOS, Ubuntu, Debian) is /var/www/html/index.html Create a home page here or create a redirect to the Trac Wiki home page and post links there.
Sample home page: /var/www/html/index.html
<html> <head> <title>Welcome to Project X</title> </head> <body> <h1>Welcome to Project X</h1> <ul> <li> <a href="/trac/">Trac Wiki</a> </li> <li> <a href="/viewvc/">ViewVC</a> </li> <li> <a href="/svn">svn</a> </li> <li> <a href="/statSVN">statSVN</a> </li> </ul> </body> </html>
<META HTTP-EQUIV="Refresh" Content="0; URL=/trac/">
Now add Continuous Build and Integration: