`
liujianguangaaa
  • 浏览: 230317 次
  • 性别: Icon_minigender_1
  • 来自: 湖南
社区版块
存档分类
最新评论

Centos 5.5 配置独立的 Subversion 1.6.12 (SVN)服务器

阅读更多

subversion(以下简称svn)是近年来崛起的版本管理工具,是cvs的接班人。

svn服务器有2种运行方式:

1. 独立服务器
2. 借助apache。

二种方式各有利弊,可以根据自己的需要进行配置,我不需要Http进行访问,只需要客户端可以Commit & update 就可以,下面是我选择的第一种方式-独立的SVN服务器。

svn存储版本数据也有2种方式:

1. BDB
2. FSFS。

因为BDB方式在服务器中断时,有可能锁住数据(朋友在搞ldap时就深受其害,没法根治),所以还是FSFS方式更安全一点,我也选择这种方式。

我的系统环境:Centos-5.5 + Php-5.3.3 + Nginx-0.8.49 + Mysql-5.5.5m3+subersion-1.6.12

================================================================
============ 以上介绍系统完成,下面开始SVN安装 ==============
================================================================
获取svn安装包,直接切换到root用户进行所有操作:
最新版下载地址:http://subversion.apache.org/
直接到下载页面:http://svn.haxx.se/dev/archive-2010-06/0320.shtml

下载完成之后,开始编译:

1 [root@hexu.org]$ tar xfvz subversion-1.6.12.tar.gz
2 [root@hexu.org]$ tar xfvz subversion-deps-1.6.12.tar.gz
3 [root@hexu.org]$ cd subversion-1.6.12
4 [root@hexu.org]$ ./configure -–prefix=/usr/local/svn -–without-berkeley-db

注:以svnserve方式运行,不加apache编译参数。以fsfs格式存储版本库,不编译berkeley-db

如果最后出现下面WARNING,我们直接忽略即可。因为不使用BDB存储。

configure: WARNING: we have configured without BDB filesystem support

You don't seem to have Berkeley DB version 4.0.14 or newer
installed and linked to APR-UTIL. We have created Makefiles which
will build without the Berkeley DB back-end; your repositories will
use FSFS as the default back-end. You can find the latest version of
Berkeley DB here:

http://www.sleepycat.com/download/index.shtml

编译完成之后,开始安装:

1 [root@hexu.org]$ make && make install

如果 make install 出现下面错误:

error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory

解决办法:

01 #1、编辑/etc/ld.so.conf文件:
02 [root@hexu.org]$ vi /etc/ld.so.conf
03 # 添加下面一行
04 /usr/local/lib
05  
06 #2、保存后运行ldconfig。
07 [root@hexu.org]$ /sbin/ldconfig
08  
09 #3、再重新运行make install 问题得到解决。
10 [root@hexu.org]$ make install
11  
12 #注:ld.so.conf和ldconfig用于维护系统动态链接库

测试是否安装成功:

1 [root@hexu.org]$ /usr/local/svn/bin/svnserve --version

如果显示如下,svn安装成功:

svnserve, version 1.6.12 (r955767)
   compiled Sep  1 2010, 01:36:17

Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).

The following repository back-end (FS) modules are available:

* fs_fs : Module for working with a plain file (FSFS) repository.

Cyrus SASL authentication is available.

================================================================
============ 为了方便下操作,下面将SVN的BIN添加到PATH ====================
================================================================
在/etc/profile最后加入 SVN Path 以方便操作:

01 #1、编辑/etc/profile文件,添加PATH
02 [root@hexu.org]$ vi /etc/profile
03 #比如像下面这样添加:
04 PATH=/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:$PATH
05  
06 #添加完成执行,马上生效:
07 [root@hexu.org]$ source /etc/profile
08  
09 #测试查看设置是否成功
10 [root@hexu.org]$ echo $PATH
11 /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:......
12 #上面已经包含了“/usr/local/svn/bin”,说明已经成功。

更多详细介绍可参考:http://blog.hexu.org/archives/647.shtml

================================================================
============ 以上安装完成,下面开始建立SVN版本库 =============
================================================================

svn版本库可建多个比如:repos,repos1,repos2….:
新建目录和初始化版本库:

1 #新建SVN存放数据文件的版本库目录
2 [root@hexu.org]$ mkdir -p /data/svn/repos
3  
4 #初始化版本库,生成相关配置文件:
5 [root@hexu.org]$ svnadmin create /data/svn/repos

初始化版本库完成,开始设置配置svnserve.conf:

01 [root@hexu.org]$ vi /data/svn/repos/conf/svnserve.conf
02 ### This file controls the configuration of the svnserve daemon, if you
03 ### use it to allow access to this repository.  (If you only allow
04 ### access through http: and/or file: URLs, then this file is
05 ### irrelevant.)
06  
07 ### Visit http://subversion.tigris.org/ for more information.
08  
09 [general]
10 ### These options control access to the repository for unauthenticated
11 ### and authenticated users.  Valid values are "write", "read",
12 ### and "none".  The sample settings below are the defaults.
13 anon-access = none # 注意这里必须设置,否则所有用户不用密码就可以访问
14 auth-access = write
15 ### The password-db option controls the location of the password
16 ### database file.  Unless you specify a path starting with a /,
17 ### the file's location is relative to the directory containing
18 ### this configuration file.
19 ### If SASL is enabled (see below), this file will NOT be used.
20 ### Uncomment the line below to use the default password file.
21 password-db = passwd
22 ### The authz-db option controls the location of the authorization
23 ### rules for path-based access control.  Unless you specify a path
24 ### starting with a /, the file's location is relative to the the
25 ### directory containing this file.  If you don't specify an
26 ### authz-db, no path-based access control is done.
27 ### Uncomment the line below to use the default authorization file.
28 authz-db = authz
29 ### This option specifies the authentication realm of the repository.
30 ### If two repositories have the same authentication realm, they should
31 ### have the same password database, and vice versa.  The default realm
32 ### is repository's uuid.
33 realm = repos
34 [sasl]
35 ### This option specifies whether you want to use the Cyrus SASL
36 ### library for authentication. Default is false.
37 ### This section will be ignored if svnserve is not built with Cyrus
38 ### SASL support; to check, run 'svnserve --version' and look for a line
39 ### reading 'Cyrus SASL authentication is available.'
40 # use-sasl = true
41 ### These options specify the desired strength of the security layer
42 ### that you want SASL to provide. 0 means no encryption, 1 means
43 ### integrity-checking only, values larger than 1 are correlated
44 ### to the effective key length for encryption (e.g. 128 means 128-bit
45 ### encryption). The values below are the defaults.
46 # min-encryption = 0
47 # max-encryption = 256

注意:对用户配置文件的修改立即生效,不必重启svn。

初始化版本库完成,开始设置passwd 用户账号信息:

01 [root@hexu.org]$ vi /data/svn/repos/conf/passwd.
02 ### This file is an example password file for svnserve.
03 ### Its format is similar to that of svnserve.conf. As shown in the
04 ### example below it contains one section labelled [users].
05 ### The name and password for each user follow, one account per line.
06 # 在下面添加用户和密码,每行一组 username = password
07 [users]
08 # harry = harryssecret
09 # sally = sallyssecret
10 tiboo = password1
11 olinux = password2

初始化版本库完成,开始设置authz 用户访问权限:

01 ### This file is an example authorization file for svnserve.
02 ### Its format is identical to that of mod_authz_svn authorization
03 ### files.
04 ### As shown below each section defines authorizations for the path and
05 ### (optional) repository specified by the section name.
06 ### The authorizations follow. An authorization line can refer to:
07 ###  - a single user,
08 ###  - a group of users defined in a special [groups] section,
09 ###  - an alias defined in a special [aliases] section,
10 ###  - all authenticated users, using the '$authenticated' token,
11 ###  - only anonymous users, using the '$anonymous' token,
12 ###  - anyone, using the '*' wildcard.
13 ###
14 ### A match can be inverted by prefixing the rule with '~'. Rules can
15 ### grant read ('r') access, read-write ('rw') access, or no access
16 ### ('').
17  
18 [aliases]
19 # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
20  
21 # [groups]
22 # harry_and_sally = harry,sally
23 # harry_sally_and_joe = harry,sally,&joe
24  
25 # [/foo/bar]
26 # harry = rw
27 # &joe = r
28 # * =
29  
30 # [repository:/baz/fuz]
31 # @harry_and_sally = rw
32 # * = r
33 #### ==================== 下面我新加的 ==================== ###
34 [groups]
35 grp_hexu = tiboo, olinux # grp_hexu 组包括两个用户tiboo, olinux
36  
37 [/]
38 tiboo = # tiboo对根目录没有任何权限
39 olinux = rw # olinux对根目录有读写权限
40  
41 [repos:/hexu.org] # 对repos仓库的hexu.org项目进行权限 限制
42 @grp_hexu = rw # 限制grp_hexu 组对hexu.org项目有读写权限
43 olinux = # 限制olinux所有权限,其它用户有读写权限
44  
45 [repos:/test.org] # 对repos仓库的test.org项目进行权限 限制
46 @grp_hexu = rw # 限制grp_hexu 组对test.org项目有读写权限
47 olinux= r # 限制olinux只有读权限,其它用户有读写权限

其中,1个用户组可以包含1个或多个用户,用户间以逗号分隔。

下面是举例一个最简单的svnserver.conf & passwd & authz配置:

01 ## svnserver.conf 配置
02 [root@hexu.org]$ vi /data/svn/repos/conf/svnserve.conf
03 [general]
04 anon-access = none
05 auth-access = write
06 password-db = passwd
07 authz-db    = authz
08 realm       = repos
09  
10 ## passwd 配置
11 [root@hexu.org]$ vi /data/svn/repos/conf/passwd
12 [users]
13 #user1 = password1
14 #user2 = password2
15 olinux = olinux
16  
17 ## authz 配置
18 [root@hexu.org]$ vi /data/svn/repos/conf/authz
19 [aliases]
20 [groups]
21 [/]
22 olinux = rw

启动svn服务器和新建svn用户:

01 # 以SVN身份运行,新建用户:
02 [root@hexu.org]$ useradd svn
03  
04 #设置SVN版本库的用户和组:
05 [root@hexu.org]$ chown -R svn:svn /data/svn
06  
07 #启动svn:
08 [root@hexu.org]$ su - svn -c "svnserve -d --listen-port 9999 -r /data/svn"
09  
10 #检查是否启动:
11 [root@hexu.org]$ps -ef|grep svn
12 #如果显示如下,即为启动成功:
13 svn    6941    1   0 15:07  ?    00:00:00 svnserve -d –listen-port 9999 -r /data/svn

额外说明:

su - svn表示以用户svn的身份启动svn
-d表示以daemon方式(后台运行)运行
–listen-port 9999表示使用9999端口,可以换成你需要的端口。但注意,使用1024以下的端口需要root权限
-r /data/svn 指定SVN服务的根目录是/data/svn

通过web方式访问svn有很多方法,请参阅配置websvn或配置bsSvnBrowser的方法。

好了所有配置完成,可以使用客户端SVN进行操作了。
================================================================
============ 以上介绍SVN版本库完成,下面开始测试 =============
================================================================

服务测试方法 1:

01 [root@hexu.org]$ cd /tmp
02 [root@hexu.org]$ mkdir test
03 [root@hexu.org]$ touch test.txt
04 [root@hexu.org]$ svn import /tmp/test/ file:///usr/local/svndata/repos -m "this is thie first import"
05 [root@hexu.org]$ mkdir -p /tmp/test2
06 [root@hexu.org]$ cd /tmp/test2
07 [root@hexu.org]$ svn co file:///usr/local/svndata/repos /tmp/test2/
08 #或者:
09 [root@hexu.org]$ svn co svn://{your-server-ip}:9999/repos/
10  
11 #这时应该可以看到文件test.txt.

服务测试方法 2:

1 [root@hexu.org]$ telnet {your-server-ip} 9999  检查端口是不是通的

如果telnet 检查不通,有可能是防火墙(iptables)里面端口没开:

01 [root@hexu.org]$ vi /etc/sysconfig/iptables
02 -A RH-Firewall-1-INPUT -p tcp --dport 9999 -j ACCEPT
03  
04 #保存完成,重启 iptables
05 [root@hexu.org]$ /etc/init.d/iptables restart
06 #或
07 [root@hexu.org]$ service iptables restart
08  
09 有关权限设置可以参考:
10  
12  
分享到:
评论

相关推荐

Global site tag (gtag.js) - Google Analytics