1, set the Yum repository
vim /etc/yum.repos.d/wandisco-svn.repo
Add the following:
[WandiscoSVN] name=Wandisco SVN Repo baseurl=http://opensource.wandisco.com/centos/$releasever/svn-1.8/RPMS/$basearch/ enabled=1 gpgcheck=0
or:
[Subversion] name=Wandisco SVN Repo baseurl=http://opensource.wandisco.com/centos/$releasever/svn-1.9/RPMS/$basearch/ enabled=1 gpgcheck=0
2, the installation package Subversion
yum remove subversion*
Now use the yum command-line package management utility to install the latest available Subversion package.
yum clean all yum install subversion
3. Verify SVN version
svn --version
Shows the following:
svn, version 1.8.19 (r1800620) compiled Aug 11 2017, 09:34:52 on x86_64-redhat-linux-gnu Copyright (C) 2017 The Apache Software Foundation. This software consists of contributions made by many people; see the NOTICE file for more information. Subversion is open source software, see http://subversion.apache.org/ The following repository access (RA) modules are available: * ra_svn : Module for accessing a repository using the svn network protocol. - with Cyrus SASL authentication - handles 'svn' scheme * ra_local : Module for accessing a repository on local disk. - handles 'file' scheme * ra_serf : Module for accessing a repository via WebDAV protocol using serf. - using serf 1.3.7 - handles 'http' scheme - handles 'https' scheme
4. Create a user needed to run svn SVN server
groupadd svn
useradd -g svn svn
visudo
5, execution rpm -ql subversion view the installation position
rpm -ql subversion
6, create a svn repository directory
mkdir -p /opt/svnRepos
Switch to the svn user to add access to this folder for user svn
chmod -R o+rw /opt/svnRepos su - svn cd /opt/svnRepos
7. Create Repository
svnadmin create /opt/svnRepos
After executing the command / opt / svnRepos folder added some folders
8, delete the repository
rm -rf /opt/svnRepos
9, add user passwords and access rights
10, set the account password
vim passwd
It reads as follows:
### This file is an example password file for svnserve. ### Its format is similar to that of svnserve.conf. As shown in the ### example below it contains one section labelled [users]. ### The name and password for each user follow, one account per line. [users] # harry = harryssecret # sally = sallyssecret svnuser = linktech
11, set permissions
vim authz
Add the following code to the end:
[/]
svnuser = rw
It reads as follows:
### This file is an example authorization file for svnserve. ### Its format is identical to that of mod_authz_svn authorization ### files. ### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name. ### The authorizations follow. An authorization line can refer to: ### - a single user, ### - a group of users defined in a special [groups] section, ### - an alias defined in a special [aliases] section, ### - all authenticated users, using the '$authenticated' token, ### - only anonymous users, using the '$anonymous' token, ### - anyone, using the '*' wildcard. ### ### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access ### (''). [aliases] # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average [groups] # harry_and_sally = harry,sally # harry_sally_and_joe = harry,sally,&joe # [/foo/bar] # harry = rw # &joe = r # * = # [repository:/baz/fuz] # @harry_and_sally = rw # * = r [/] svnuser = rw
12, modify the configuration file svn
vim svnserve.conf
Open the following few comments:
= Access-anon the Read # anonymous user readable auth -access = the Write # authorized users can write password -db = passwd # which file to use as account files authz -db = authz # which file to use as file permissions realm = / opt / svnRepos # authentication space name, the repository directory
* Note: the need to anon-access = read configuration changes to anon-Access = none , as follows:
[General] anon -access = none # authenticated users access to non-controlled repository auth -access = the Write # to control user authentication to access the repository permissions password -db = passwd # specify a username password file name authz -db = authz # assign a rights profile name realm = authentication domain somnus # designated repository that prompts when logging authentication domain name
13, started SVN server
svnserve -d -r /opt/svnRepos --config-file=/opt/svnRepos/conf/svnserve.conf
-d, - Damon make svnserve in daemon mode. BACKGROUND svnserve itself receives and provides TCP port on svn / the IP connection (default is 3690). = Port---listen Port on the reasons Svnserve listening port in daemon mode. -host = --listen host that the host listens for a specified svnserve interface, which may be a host name or IP address. - prospects and - when used with d, this option causes svnserve remain in the foreground. This option is primarily for debugging. -i, - INTD the svnserve to use the stdin / stdout file descriptors, as it applies to the inetd daemon. -h, - Help display usage summary and exit. - Version print version and support specific svnserve svnserve repository of file system backend. -r root, - root = root Set virtual root repository svnserve provided. The client provides a path name in the URL interpreted relative to this root, and the root is not allowed to escape. --Read- -R & lt only forcibly prohibited by performing all write operations svnserve this example, so as to cover all other access policy. Do not use this option to set general repository access policies - That's what conf / svnserve.conf repository configuration files. This option should only be used to restrict access by some method invocation of svnserve - for example, allowing write access via SSH, rather than write access by svnserve daemon, or create a limited SSH keys can only read access. -t, - the Tunnel Causes svnserve to run in tunnel mode, it's like inetd mode of operation (through stdin / providing a connection stdout), in addition to the connection it is considered to be the username of the current uid use of pre-authentication. This flag in the client chooses to run through the tunnel when the agent. = User---tunnel username and - when used in conjunction tunnel, with the username coverage provided pre-authenticated user name. This is used in conjunction with the "command" command ssh authorized_key file is very useful as it allows multiple submissions to use a single system account, each submitter has a different ssh identity. -T, - Threads Running in daemon mode, causes svnserve to spawn a thread for each connection rather than a process. The svnserve process still backgrounds itself at the start. --config- File = filename is specified, when the program starts svnserve reads a file name, and svnserve cache configuration and configuration from any authorized password and filename references. When using this option, svnserve will not read any conf each repository / svnserve.conf file. For more information about the file format of this option. --pid- File = filename after a specified, svnserve will write its process ID filename. -X, - life once the svnserve to accept one connection on the svn port, providing it and exit. This option is primarily for debugging.
anon-access = none | read | write to determine the level of access unauthenticated user. write access allows all repository operations. Read access allows all operations except change and submit the revised version of the property. No access is not allowed access. Reads the default level. auth -access = none | read | write use to determine the user authenticated with the same level of access above the access level. Write default level. password -db = filename installation position of the password database. filename may be associated with the repository conf directory. There is no default value. This file is password database with the same general format. It uses only a portion of "User"; each of the section variables are username, password each value. authz -db = filename authz -db option to control the position of the rule-based authorization access control path. filename may be associated with the repository conf directory. There is no default value. If authz- not specified db, it will not perform path-based access control. realm = realm name authentication realm Set the repository. If the two repositories with the same password database, then they should have the same domain, and vice versa; this association allows the client to store a plurality of cache use a single password. The default value is the field uuid repository. example The following example svnserve.conf allows authenticated users read access, does not allow anonymous users to access, point passwd database in the same directory, and custom domain name. [General] anon -access = none auth -access = read password -db = passwd realm = my first library file " passwd " looks like this: [user] joeuser = joepassword jayrandom = randomjay
ps -ef | grep svnserve
SVN default port 3690 open
netstat -antp | grep svn
tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 442/svnserve
14, open SVN server port on the firewall
--permanent --add-cmd-Firewall Port = 3690 / TCP Firewall -cmd - reload # restart firewall (normally no need to restart, only reload) systemctl the restart firewalld.service
15, tested on windows
Enter your user name and password just defined in the passwd file
We use svnuser users in the root directory of the new trunk, tags and branches three folders
16, the SVN server to boot service
cd /usr/lib/systemd/system
vim svnserver.service
Add the following
[Unit] Description=SVN Server service After=network.target [Service] Type=forking ExecStart= /usr/bin/svnserve -d -r /opt/svnRepos --config-file=/opt/svnRepos/conf/svnserve.conf ExecStop= /home/svn/stopSVN.sh User=svn Restart=on-abort [Install] WantedBy=multi-user.target
! # / bin / SH # svnserve find whether there is a corresponding process, any shutdown process PS -ef | grep svnserve | grep -v grep IF [$ -ne? 0 ] the then echo " at The svn Server does not Start " the else killall - . 9 SH svnserve to Fi
After saving svnserver.service file, execute the following command
systemctl daemon-reload
systemctl enable svnserver.service
systemctl start svnserver.service
If the shell window, no error message appears, indicating that the startup was successful, we can execute the following command to check the status of start
systemctl status svnserver.service
Run the following command to stop services
systemctl stop svnserver.service
17, supplement
vim /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted
setenforce 0