CentOS下SVN服务器的搭建使用

发表于   |   分类于   |     |  

SVN作为新一代代码版本管理工具,有很多优点,管理方便,逻辑明确,安全性高,代码一致性高。SVN数据存储有两种方式,BDB(事务安全表类型)FSFS(一种不需要数据库的存储系统),为了避免在服务器连接中断时锁住数据,FSFS是一种更安全也更多人使用的方式。SVN的运行方式也有两种,一种是独立服务器,另一种是借助apache服务,各有利弊,下面就介绍一下这两种方式各自的部署步骤。

##作为独立服务器运行:

①安装svn

1
yum install svn

②创建版本库

1
2
mkdir /svn/project    #创建版本库所在文件夹
svnadmin create--fs-type fsfs /svn/project/first   #创建版本库,如果需要使用bdb方式存储,则将fsfs改成bdb即可

③初始化版本库,即导入文件到版本库中

1
2
svn import /home/software file:///svn/project/first--message "初始化版本"  #将home文件夹的文件导入版本库
svn list --verbose file:///svn/project/first #查看导入的文件

④启动svn服务,svn服务默认端口为3690,可以使用“netstat -ntlp”命令查看服务启动是否成功

1
svnserve -d -r /svn/project/first

⑤修改策略控制文件,vi authz,如果以后要添加用户,就将用户名加在相应的用户组(admin或者user)后面即可

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the sectionname.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a groupof users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rulewith'~'. Rules can
### grantread ('r') access, read-write ('rw') access, orno access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
admin=first,second,third       #用户组admin包含的成员
user=anyone             #用户组user包含的成员
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
[/]
@admin=rw             #用户组admin内成员拥有读写权限
@user=r              #用户组user内成员拥有读权限

⑥添加svn访问用户,vi passwd,为authz里分配的用户设置密码,等号左边为用户名,等号右边是密码;

1
2
3
4
5
6
7
8
9
10
11
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The nameandpasswordfor each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
first=first
second=second
third=third
anyone=anyone

⑦修改svn读取的权限策略文件

1
vi /svn/project/first/conf/svnserve.conf

1
2
3
4
anon-access = none  #不允许匿名用户读写
auth-access = write
password-db = passwd #svn读取的passwd文件
authz-db = authz   #svn读取的权限控制文件

⑧安装svn客户端,就可以使用客户端通过如下的url就可以访问了

1
svn://IP地址/svn/project/first

##借助apache服务器,通过web端访问svn

①给apache服务器安装两个svn插件,这两个插件同样可以使用yum安装

1
2
yum install mod_dav_svn   #使subversion与dav模块通信的功能
yum install mod_authz_svn  #实现权限控制功能

②使用命令“httpd -M”可以查看是否加载这两个模块,如加载,则有如下回应:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
Loaded Modules:
 core_module (static)
 mpm_prefork_module (static)
 http_module (static)
 so_module (static)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_file_module (shared)
 authn_alias_module (shared)
 authn_anon_module (shared)
 authn_dbm_module (shared)
 authn_default_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 authz_owner_module (shared)
 authz_groupfile_module (shared)
 authz_dbm_module (shared)
 authz_default_module (shared)
 ldap_module (shared)
 authnz_ldap_module (shared)
 include_module (shared)
 log_config_module (shared)
 logio_module (shared)
 env_module (shared)
 ext_filter_module (shared)
 mime_magic_module (shared)
 expires_module (shared)
 deflate_module (shared)
 headers_module (shared)
 usertrack_module (shared)
 setenvif_module (shared)
 mime_module (shared)
 dav_module (shared)
 status_module (shared)
 autoindex_module (shared)
 info_module (shared)
 dav_fs_module (shared)
 vhost_alias_module (shared)
 negotiation_module (shared)
 dir_module (shared)
 actions_module (shared)
 speling_module (shared)
 userdir_module (shared)
 alias_module (shared)
 substitute_module (shared)
 rewrite_module (shared)
 proxy_module (shared)
 proxy_balancer_module (shared)
 proxy_ftp_module (shared)
 proxy_http_module (shared)
 proxy_ajp_module (shared)
 proxy_connect_module (shared)
 cache_module (shared)
 suexec_module (shared)
 disk_cache_module (shared)
 cgi_module (shared)
 version_module (shared)
 authz_ldap_module (shared)
 dav_svn_module (shared)
 authz_svn_module (shared)
Syntax OK

③编辑apache服务配置文件vi /etc/httpd/conf/httpd.conf,加入下面几行:

1
2
3
4
5
6
7
<Location /svn>
DAV svn
SVNPath /svn/project/first
AuthzSVNAccessFile /etc/httpd/conf.d/authz #apache服务器读取的权限策略文件
AuthType Basic
AuthName "Project"
AuthUserFile /etc/httpd/conf.d/passwd  #apache服务器读取的密码存储文件

④编辑文件authz放在文件夹/etc/httpd/conf.d中,文件格式同文章上面的那个authz文件,编辑文件passwd放在文件夹/etc/httpd/conf.d中,使用如下命令生成用户名和密码

1
htpasswd -c /svn/project/first admin  #命令为htpasswd,-c为参数,/svn/project/first为访问的版本库,admin为用户名

然后重复输入你想设置的密码就可以自动存储在文件passwd中,默认为md5存储。

⑤重启apache服务,就可以在网页端使用刚才设置的用户名密码访问了,网址为http://IP地址:端口/svn

##配置多项目创建维护:

其实过程也比较简单,只需要在原来的基础上修改一点信息就可以了。

举个例子,比如有first和second两个项目,要实现多项目的启动管理,只需要修改对应项目配置文件authz的管理路径即可,如下:

###单项目:

1
2
3
[/]
  @admin=rw
  @user=r

启动:

1
svnserve -d -r /svn/project/first

或者

1
svnserve -d -r /svn/project/second

无法同时启动多个项目,因此也就无法同事访问多个项目;

###多项目:

1
2
3
4
5
6
[first:/]
@admin=rw
@user=r
[second:/]
@admin=rw
@user=r

启动:

1
svnserve -d -r /svn/project/

这样就可以启动所有project下的项目了。

很容易理解,但项目里的“/”代表项目根目录,可以使这样“/svn/project/first”或者“/svn/project/second”,多项目里的“/”代表“/svn/project”,在此基础上加上“first:”或者“second:”就切到对应项目里了。