View Source

Deliverables of this phase:
* Subversion 1.4.x
* Duplicate user management infrastructure of existing svn.mit.edu service
* Cement details of rollout process
* Existing svn.mit.edu repositories are migrated over
* svn.mit.edu becomes separate from cvs.mit.edu

Setup notes for map-dev-svn1.mit.edu prototype server:
* The server is an ops VM image running RHEL 5 with AFS and update_server installed.  The standard IPS user accounts are also installed.
* Subversion setup:
** Created user "svn" alongside the IPS accounts.  Make sure its homedir is mode 755.
** Grab Subversion 1.4.6 from subversion.tigris.org, put in /home/svn/src
** No need to grab the deps tarball; RHEL 5 has adequate versions of those
** Need to install some development packages: yum install apr-devel apr-util-devel neon-devel zlib-devel
** Untar into /home/svn/src/subversion-1.4.6
** Run ./autogen.sh to work around some libtool issue with 64-bit libraries
** Do build with: ./configure \--without-berkeley-db \--prefix=/home/svn && make && make install
* svn-config setup:
** Make a copy of a checkout of svn+ssh://svn.mit.edu/svn-config/trunk into /root
** make && make install
* Shell account setup:
** Create passwd entries for the five shell accounts in /etc/passwd:
{quote}
stellarcvs:*:105:101:Stellar CVS Access,,,,:/var/shellacct/stellarcvs:/bin/bash
isdasnap:*:106:101:ISDA SVN Access,,,,:/var/shellacct/isdasnap:/bin/bash
athenasnap:*:107:101:Athena SVN Access,,,,:/var/shellacct/athenasnap:/bin/bash
saisrelmgr:*:108:101:SAIS Autobuilder SVN Access,,,,:/var/shellacct/saisrelmgr:/home/svn/bin/svnserve
macathenasnap:*:109:101:MacAthena SVN Access,,,,:/var/shellacct/macathenasnap:/bin/bash
{quote}
** mkdir /var/shellacct/{stellarcvs,saisrelmgr,isdasnap,athenasnap,macathenasnap}
** chown stellarcvs:101 /var/shellacct/stellarcvs
** chown isdasnap:101 /var/shellacct/isdasnap
** chown athenasnap:101 /var/shellacct/athensnap
** chown saisrelmgr:101 /var/shellacct/saisrelmgr
** chown macathenasnap:101 /var/shellacct/macathenasnap
* DCM setup:
** cp /etc/passwd /etc/passwd.head
** cp /etc/group /etc/group.head
** If any of the shell account setup is done after this, make sure to propagate it to /etc/passwd.head and /etc/group.head.
** The actual DCM is set up on Moira.  It is an acl.sh DCM which creates /etc/passwd.moira and /etc/group.moira based on the contents of the cvs-users and cvs-groups Moira groups.
** /usr/local/sbin/postacldcm (already installed in the previous step) munges the results into /etc/passwd and /etc/group.
* SSH setup (/etc/ssh/sshd_config):
** Verify that GSSAPIAuthentication and GSSAPICleanupCredentials are set.
** Turn on PasswordAuthentication, KerberosAuthentication, and KerberosOrLocalPasswd to allow username/password authentication.