You’ve seen how a repository can be accessed in many different ways. But is it possible—or safe—for your repository to be accessed by multiple methods simultaneously? The answer is yes, provided you use a bit of foresight.
At any given time, these processes may require read and write access to your repository:
Regular system users using a Subversion client (as themselves)
to access the repository directly via
Regular system users connecting to SSH-spawned private svnserve processes (running as themselves), which access the repository
An svnserve process—either a daemon or one launched by inetd—running as a particular fixed user
An Apache httpd process, running as a particular fixed user
The most common problem administrators run into is repository
ownership and permissions. Does every process (or user) in the preceding
list have the rights to read and write the repository’s underlying data
files? Assuming you have a Unix-like operating system, a straightforward
approach might be to place every potential repository user into a new
svn group, and then make the repository
wholly owned by that group. But even that’s not enough, because a process
may write to the database files using an unfriendly umask—one that
prevents access by other users.
So, the next step beyond setting up a common group for repository users is to force every repository-accessing process to use a sane umask. For users accessing the repository directly, you can ...