What I want:
A subversion server having multiple repository in /svn directory and accessible through http url like http://svn.example.com. You can not browse svn repositories without supplying a valid username/password. All users have read only access to all repositories while only one user ‘svnadmin’ have read/write (commit,update etc.) access to svn.

Step 1. I assume you have downloaded and installed subversion either by using rpms or by compiling it. Let’s say multiple subversion repositories are in single directory: /svn

Step 2. Open /etc/httpd/conf.d/subversion.conf file which should be already there, update the file as follows. Keep in mind to change values as per your own setup:

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<VirtualHost *:80>
ServerName svn.example.com
ServerAdmin root@localhost

<Location /svn>
DAV svn
SVNParentPath /svn
AuthType Basic
AuthName “My Subversion Server”
AuthzSVNAccessFile /etc/subversion/svnpath.users
AuthUserFile /etc/subversion/svnaccess.users
Require valid_user
</Location>
</VirtualHost>

Here,

SVNParentPath /svn means we have multiple repositories in /svn directory and /svn is specified as parent location.

Location directive is there to indicate we are implementing some restrictions/rules for /svn directory.

AuthzSVNAccessFile /etc/subversion/svnpath.users tells the mod_authz_svn module to look in svnpath.users file for path based access rules. Please note that I’ve created /etc/subversion directory explicitly to store such custom files. One question you may ask here is why I’m using path based access which is discouraged in general use? Well, I tried several settings in apache config file to enable read-only access for all valid users and read/write access for one particular user. My attempts didn’t yield desired results, so I jumped immediately on other alternative which means performance of my server will be compromised by a little.
Update the file as per below:
# vim /etc/subversion/svnpath.users

[/]
* = r
svnadmin = rw

In the file [/] means parent directory where all repositories are stored, you can also specify single repository name here. and * = r means all users have read access, svnadmin = rw means a ‘svnadmin’ user has read/write access.

AuthUserFile /etc/subversion/svnaccess.users statement means Apache should look in svnaccess.users file for available users and passwords. We can create this file using htpasswd command:

# htpasswd -cm /etc/subversion/svnaccess.users svnread

supply the password for ‘svnread’ user. create another user which will have read/write access:

# htpasswd -m /etc/subversion/svnaccess.users svnadmin

supply the password for ‘svnadmin’ user.

Save the subversion.conf file and reload httpd service:

# /etc/init.d/httpd reload

Now try to access you svn repositories from any machine on net, it should go smooth. While committing you may encounter following error:

svn: Commit failed (details follow):
svn: Can’t create directory ‘/svn/testrepo/db/transactions/51-1.txn’: Permission denied

It means the user under Apache running (generally apache in RHEL/CentOS/Fedora) doesnt have permission for /svn directory. You can assign permission in subversion server:

# chown root:apache /svn -R
# chmod 775 /svn -R

Try again and you should be able to access/update svn now without any issue.

child pid 6485 exit signal Segmentation fault (11)

In my CentOS 5.2 box with httpd 2.2.3 and subversion 1.6.1, this error caused enough headache for me and claimed long time before I was able to find out the root cause. The problem is caused by collision of apr and apu utilities which are installed by both subversion and Apache. These packages are required to access svn via apache. The subversion-deps package contains apr and apr-util version 0.9.x, but apache 2.2.x uses apr and apr-util 1.2.x, and subversion and apache must be using the same version of apr and apr-util, else things can result in above error.

To get a fix, you need to re-compile subversion and inform that it should use Apache’s apr and apr-util packs instead of it’s own. You should search for apr-1-config and apu-1-config files in your server and then supply their path while running configure. I found both in my /usr/bin/ directory.

# cd subversion-1.6.1
# ./configure –with-apr=/usr/bin/apr-1-config –with-apr-util=/usr/bin/apu-1-config
# make
# make install

Now config your apache to access your repositories, you can find a quick howto here. It should run fine. Please post a comment in case you still not able to access your repos using Apache.

$ svn co svn://192.168.0.1/nomanager --username svnadmin
Authentication realm: <svn://192.168.0.1:3690> Nomanager Repository
Password for 'svnadmin':
svn: Not authorized to open root of edit operation

To solve this issue, you need to update the svnserve.conf file of that repository:

$ vi /svn/nomanager/conf/svnserve.conf

Change the line non-access = read to anon-access = none and try again.

You may also like to read:
* 5 steps to secure your Linux Server
* Ensuring secure access to production Linux Servers
* Bash script to backup essential log files in Linux
* Quickly change your ssh port from defualt 22 to something higher
* SSH port forwarding from remote to local machine
* Save root or user history to check later
* Install and configure denyhost to prevent brute force attacks