Force Subversion to grab information from Mac OS X keychain

Skip to first unread message

Kevin Lindeman

Jan 6, 2011, 7:42:44 PM1/6/11

I am running Subversion on Mac OS X. I noticed that once I login correctly for an https subversion URL, it will create a file in ~/.subversion/auth/ that seems to point Subversion to where it stores the authentication - in this case, it has the realmstring, username, "passtype", which is set to keychain. That makes it know that it should be using the keychain from then on to remember the password.

I am trying to automate some subversion processes, so I launch subversion, give it arguments arguments, and even set some environment variables (such as SVN_SSH, which allows me to tell SVN how to launch ssh, ie: with a special username).

Unfortunately, my automation has no way to intercept the password prompt for an http url. I can intercept the SSH login prompt for svn+ssh by setting the SSH_ASKPASS environment variable. I already have been automating the process of adding the password to the keychain (using the realmstring format, so svn can find it once it knows to find it in the keychain).

But it looks like I am missing that critical file in ~/.subversion/auth/ that has the "passtype" set to keychain. Is there a way I can force SVN to always use that as the passtype, either with an argument or an environment variable?

If not, is it possible to force the creation of that file with some magic SVN command? I thought of just running an svn info with my login info as arguments since I noticed that file is created on a successful login, but unfortunately many servers don't request authorization for info requests so that doesn't work.

I don't think I will be able to solve this by using a setting in the subversion config file.

- Kevin

David Weintraub

Jan 10, 2011, 9:26:56 AM1/10/11
to Kevin Lindeman,
See if this helps:

It looks like you have to let Subversion ask for your password and not
provide it on the command line. Then, it should store your password in
the keychain. Once your password is in the keychain, it should be
pulling it out of the keychain.

You can manipulate the keychain from the command line with /usr/bin/security.

David Weintraub

Reply all
Reply to author
0 new messages