Deliverables of this phase:

  • Subversion 1.4.x
  • Duplicate user management infrastructure of existing svn.mit.edu service
  • Cement details of rollout process
  • Existing svn.mit.edu repositories are migrated over
  • svn.mit.edu becomes separate from cvs.mit.edu

Setup notes for map-dev-svn1.mit.edu prototype server:

  • The server is an ops VM image running RHEL 5 with AFS and update_server installed. The standard IPS user accounts are also installed.
  • Subversion setup:
    • Created user "svn" alongside the IPS accounts. Make sure its homedir is mode 755.
    • Grab Subversion 1.4.6 from subversion.tigris.org, put in /home/svn/src
    • No need to grab the deps tarball; RHEL 5 has adequate versions of those
    • Need to install some development packages: yum install apr-devel apr-util-devel neon-devel zlib-devel
    • Untar into /home/svn/src/subversion-1.4.6
    • Run ./autogen.sh to work around some libtool issue with 64-bit libraries
    • Do build with: ./configure --without-berkeley-db --prefix=/home/svn && make && make install
  • svn-config setup:
    • Make a copy of a checkout of svn+ssh://svn.mit.edu/svn-config/trunk into /root
    • make && make install
  • Shell account setup:
    • Create passwd entries for the five shell accounts in /etc/passwd:

      stellarcvs:*:105:101:Stellar CVS Access,,,,:/var/shellacct/stellarcvs:/bin/bash
      isdasnap:*:106:101:ISDA SVN Access,,,,:/var/shellacct/isdasnap:/bin/bash
      athenasnap:*:107:101:Athena SVN Access,,,,:/var/shellacct/athenasnap:/bin/bash
      saisrelmgr:*:108:101:SAIS Autobuilder SVN Access,,,,:/var/shellacct/saisrelmgr:/home/svn/bin/svnserve
      macathenasnap:*:109:101:MacAthena SVN Access,,,,:/var/shellacct/macathenasnap:/bin/bash

    • mkdir /var/shellacct/{stellarcvs,saisrelmgr,isdasnap,athenasnap,macathenasnap}
    • chown stellarcvs:101 /var/shellacct/stellarcvs
    • chown isdasnap:101 /var/shellacct/isdasnap
    • chown athenasnap:101 /var/shellacct/athensnap
    • chown saisrelmgr:101 /var/shellacct/saisrelmgr
    • chown macathenasnap:101 /var/shellacct/macathenasnap
  • DCM setup:
    • cp /etc/passwd /etc/passwd.head
    • cp /etc/group /etc/group.head
    • If any of the shell account setup is done after this, make sure to propagate it to /etc/passwd.head and /etc/group.head.
    • The actual DCM is set up on Moira. It is an acl.sh DCM which creates /etc/passwd.moira and /etc/group.moira based on the contents of the cvs-users and cvs-groups Moira groups.
    • /usr/local/sbin/postacldcm (already installed in the svn-config step) munges the results into /etc/passwd and /etc/group.
  • SSH setup (/etc/ssh/sshd_config):
    • Verify that GSSAPIAuthentication and GSSAPICleanupCredentials are set.
    • Turn on PasswordAuthentication, KerberosAuthentication, and KerberosOrLocalPasswd to allow username/password authentication.
  • No labels