Infrequently Noted

Alex Russell on browsers, standards, and the process of progress.


I've been meaning to post this for something like a week.

One of my current interests is in trying to figure out how in the heck to get Subversion to support a large number of users, perform hot syncs and backups between locations spread across the globe, and authenticate against a directory (in this case, Active Directory). Oh, and it's gotta happen securely end to end.

In my common usage scenarios so far, I've been very concerned about the way BDB (the database that the 1.0 version uses as a backend) gives up the operational ghost at the first sign of trouble and requires a "repair" operation to get it back in a consistent state. Things like file permission problems routinely cause this scenario. Given that source code is the lifeblood of a geek-driven organization, this seems a stupid way to fail. To be fair though, BDB databases always seem to be recoverable.

As a result of this "set it up and pray" relationship with subversion, I was very excited to see that SVN 1.1 is going to include a new (optional) backend. Given that it's file-based (think CVS's reliance on RCS files), it should be harder to foobar this new backend and as a huge bonus, backup tools can use it to get a consistent version of the repository at any (and every) point in time. This means that in addition to being able to rely on the incremental backup utilities, one can just flock() the repository and backup everything.

Now I just have to solve the little problem of authenticating hundreds of users who will be using SVN repository via SSH (to a linux box) against an ActiveDirectory domain without requiring different credentials.

Yeah. Sure. No sweat.