Apache and SVN configuration with user permissions

apache-svn
This tutorial shows how to configure Apache+SVN couple.

1. First of all you should install Apache Httpd server (version 2.4 in this case) with DAV_SVN module and subversion client:

yum -y install httpd mod_dav_svn subversion

2. Check installed modules are turned on:

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_user_module modules/mod_authz_user.so

LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dav_lock_module modules/mod_dav_lock.so

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
LoadModule dontdothat_module  modules/mod_dontdothat.so

3. Configure repository folder in http.conf:

<Directory "/srv/svn/repos">
    Options None
    AllowOverride None
    Require all granted
</Directory>

4. Add virtual host:

<VirtualHost *:80>
    ServerName svn.domain.com
    DocumentRoot "/srv/svn"
    ErrorLog "/srv/svn/log/svn.domain.com_error_log"
    CustomLog "/srv/svn/log/svn.domain.com_access_log" common
    TransferLog "/srv/svn/log/svn.domain.com_transfer_log"

    LimitXMLRequestBody 0
    LimitRequestBody 0

    <Location />
        DAV svn
        SVNParentPath "/srv/svn/repos"
        SVNListParentPath on
        AuthType Basic
        AuthName "Subversion repository"
        AuthUserFile "/srv/svn/svn.passwd"
        AuthzSVNAccessFile "/srv/svn/svn.access"
        Require valid-user
    </Location>
</VirtualHost>

5. Create passwd file “/srv/svn/svn.passwd”:

htpasswd -c -b /srv/svn/svn.passwd tom tomPasswordHere
htpasswd -b /srv/svn/svn.passwd jerry jerryPasswordHere
htpasswd -b /srv/svn/svn.passwd spike spikePasswordHere

6. Create access file “/srv/svn/svn.access”:

[groups]
adminGroup = tom
otherGroup = jerry,spike

[/]
* =
@adminGroup = rw

[php:/project42]
@otherGroup = rw

[php:/projectGood]
@otherGroup = r

So, as you see adminGroup has full access to php repository.
But otherGroup has write access to project42 and only read permissions on projectGood.

Also see http://stackoverflow.com/questions/81361/how-to-setup-access-control-in-svn