一、安装并测试
[root@VM_0_10_centos ~]# yum install subversion
查看svn版本
[root@VM_0_10_centos ~]# svnserve --version
svnserve, version 1.7.14 (r1542130)
compiled Apr 11 2018, 02:40:28
Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people; see the NOTICE
file for more information.
Subversion is open source software, see http://subversion.apache.org/
The following repository back-end (FS) modules are available:
* fs_base : Module for working with a Berkeley DB repository.
* fs_fs : Module for working with a plain file (FSFS) repository.
Cyrus SASL authentication is available.
二、创建版本库
创建zedeach版本库
[root@VM_0_10_centos ~]# svnadmin create /home/svn/zedeach
进入版本库,查看配置文件
[root@VM_0_10_centos ~]# cd /home/svn/zedeach
[root@VM_0_10_centos zedeach]# ls -l
total 24
drwxr-xr-x 2 root root 4096 Oct 11 13:33 conf
drwxr-sr-x 6 root root 4096 Oct 11 10:52 db
-r--r--r-- 1 root root 2 Oct 11 10:52 format
drwxr-xr-x 2 root root 4096 Oct 11 10:52 hooks
drwxr-xr-x 2 root root 4096 Oct 11 10:52 locks
-rw-r--r-- 1 root root 229 Oct 11 10:52 README.txt
进入配置文件夹,修改相关配置
[root@VM_0_10_centos zedeach]# cd conf
[root@VM_0_10_centos conf]# ls -l
total 12
-rw-r--r-- 1 root root 1140 Oct 11 13:29 authz
-rw-r--r-- 1 root root 345 Oct 11 13:29 passwd
-rw-r--r-- 1 root root 3077 Oct 11 13:33 svnserve.conf
三、修改配置文件---authz、passwd、svnserve.conf
文件名 | 说明 |
---|---|
authz | 用户组创建与读写权限分配 |
passwd | 用户密码设置 |
svnserve.conf | 版本库全局配置 |
1、修改authz文件
[root@VM_0_10_centos conf]# vi authz
创建用户组、分配读写权限
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
admin = david
user=zedeach
[/]
@admin = rw
@user = rw
#非用户组用户只能读取
* = r
esc-->wq:
2、修改passwd
[root@VM_0_10_centos conf]# vi passwd
为户名配置密码
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
david=password
zedeach=password
esc-->wq:
3、配置svnserve.conf
[root@VM_0_10_centos conf]# vi svnserve.conf
全局配置
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
realm = /home/svn/zedeach
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above. Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
4、后续配置
查看svn状态
[root@VM_0_10_centos conf]# ps aux|grep svnserve
配置防火墙
[root@VM_0_10_centos conf]# firewall-cmd --permanent -add-port=3690/tcp
[root@VM_0_10_centos conf]# firewall-cmd --reload
启动svnserve服务,默认端口3690
[root@VM_0_10_centos conf]# svnserve -d -r /home/soft/svn
启动svnserve服务,改变端口为3691
[root@VM_0_10_centos conf]# svnserve --listen-port 3691 -d -r /home/svn/zedeach
关闭svnserve服务
[root@VM_0_10_centos conf]# killall svnserve
#另一种方式
[root@VM_0_10_centos conf]# ps aux | grep svn
root 4197 0.0 0.0 112704 972 pts/0 R+ 12:59 0:00 grep --color=auto svn
root 20151 0.0 0.1 184852 1080 ? Ss Oct15 0:00 svnserve -d -r /home/svn/zedeach
[root@VM_0_10_centos conf]# kill -s 9 20151
5、centos防火墙配置说明
安装iptables-services服务
[root@VM_0_10_centos conf]# yum install -y iptables-services
启动iptables服务
[root@VM_0_10_centos conf]# systemctl start iptables
设置iptables开机自启
[root@VM_0_10_centos conf]# systemctl enable iptables
打开/etc/sysconfig/iptables 输入如下内容,注意,这句话要放到最后一句话的上面,否则不能生效。
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3690 -j ACCEPT
-A OUTPUT -m state --state NEW -m tcp -p tcp --dport 3690 -j ACCEPT
重启防火墙,令修改生效
[root@VM_0_10_centos conf]# service iptables restart
虚拟机防火墙3690端口开放完成。也可以直接用命令来开启,如下
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
iptables -I OUTPUT -p tcp --dport 8080 -j ACCEPT
service iptables save