linux SVN installation configuration

Others 2019-09-29 17:12:32 views: null

1, set the Yum repository

First of all, we need to configure yum repository in our system. Create a new repo file /etc/yum.repos.d/wandisco-svn.repo and add the following depending on your version of the operating system. 
vim /etc/yum.repos.d/wandisco-svn.repo

Add the following:

[WandiscoSVN]
name=Wandisco SVN Repo
baseurl=http://opensource.wandisco.com/centos/$releasever/svn-1.8/RPMS/$basearch/
enabled=1
gpgcheck=0

or:

[Subversion]
name=Wandisco SVN Repo
baseurl=http://opensource.wandisco.com/centos/$releasever/svn-1.9/RPMS/$basearch/
enabled=1
gpgcheck=0
* Note: Since we installed here is SVN1.9, the configuration file is in the repo svn-1.9, if you want to install SVN1.8, can be changed to svn-1.8

2, the installation package Subversion

Before installing the latest software package, remove the existing subversion packages from the system to eliminate the conflict. 
yum remove subversion*

Now use the yum command-line package management utility to install the latest available Subversion package.

yum clean all
yum install subversion

3. Verify SVN version

At this stage, you have successfully installed the Subversion client on the system. Let us use the following command to verify the version svn client. 
svn --version

Shows the following:

svn, version 1.8.19 (r1800620)
   compiled Aug 11 2017, 09:34:52 on x86_64-redhat-linux-gnu

Copyright (C) 2017 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using serf.
  - using serf 1.3.7
  - handles 'http' scheme
  - handles 'https' scheme

4. Create a user needed to run svn SVN server

groupadd svn
useradd -g svn svn
The reason here to create a user-initiated svn SVN server without using the root user to start the SVN server, because if the root user to start using the SVN server, when accessing the SVN server using a non-root account by SVN client, there will be
"xxxxxxxx db/txn-current-lock:permission denied"错误。
The svn users to join sudoers user, execute the command: 
visudo

 

 

5, execution rpm -ql subversion view the installation position

rpm -ql subversion

 

 

6, create a svn repository directory

mkdir -p /opt/svnRepos

Switch to the svn user to add access to this folder for user svn

chmod -R o+rw /opt/svnRepos
su - svn
cd /opt/svnRepos

 

 

7. Create Repository

svnadmin create /opt/svnRepos

After executing the command / opt / svnRepos folder added some folders

 

 

8, delete the repository

rm -rf /opt/svnRepos

9, add user passwords and access rights

Enter the conf directory, you can see the following files

 

 

authz   file permissions to control file
passwd   is the account password file
svnserve.conf   is SVN service profile
 

10, set the account password

Modify the passwd file, add users svnuser1 and access password in the [users] section
Add users and passwords, format [Users] block: = password account, as svnuser = linktech 
vim passwd

It reads as follows:

### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.

[users]
# harry = harryssecret
# sally = sallyssecret
svnuser = linktech

11, set permissions

Authz modify the file, and finally add the svn root access to the user file svnuser 
vim authz

Add the following code to the end:

[/]
svnuser = rw

It reads as follows:

### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
###  - a single user,
###  - a group of users defined in a special [groups] section,
###  - an alias defined in a special [aliases] section,
###  - all authenticated users, using the '$authenticated' token,
###  - only anonymous users, using the '$anonymous' token,
###  - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').

[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average

[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe

# [/foo/bar]
# harry = rw
# &joe = r
# * =

# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
[/]
svnuser = rw
* Note: Here [/] denotes the svn root, svnuser = rw described svnuser user has read and write permissions to the root directory. If you want to restrict certain users read and write access to certain folders, where [/] can be changed to a specific folder directory, add specific user rights, not repeat them here.
 

12, modify the configuration file svn

Modify the file svnserve.conf
Open the following notes several (in the figure marked with a red circle) 
vim svnserve.conf

Open the following few comments:

= Access-anon the Read # anonymous user readable 
auth -access = the Write     # authorized users can write 
password -db = passwd    # which file to use as account files 
authz -db = authz # which file to use as file permissions 
realm = / opt / svnRepos # authentication space name, the repository directory

* Note: the need to anon-access = read  configuration changes to  anon-Access = none  , as follows: 

[General] 
anon -access = none # authenticated users access to non-controlled repository 
auth -access = the Write         # to control user authentication to access the repository permissions 
password -db = passwd        # specify a username password file name 
authz -db = authz # assign a rights profile name 
realm = authentication domain somnus # designated repository that prompts when logging authentication domain name

13, started SVN server

Execute the following command 
svnserve -d -r /opt/svnRepos --config-file=/opt/svnRepos/conf/svnserve.conf
This directive represents the -d parameter Svn server daemon running form, -r Svn represents the root directory of the server, followed by SVN root directory.
--config-file is referenced Svn server startup configuration file, followed by the configuration file path.
More parameters may refer to the text instructions svnserve
https://linux.die.net/man/8/svnserve
-------------------------------------------------- -----split line------------------------------------------- -------------------
svnserve [Options]
description
svnserve allows the use svn network protocol to access the Subversion repository. It can run as a standalone server process, you can run out of inetd. You must select a mode of operation start svnserve. Recognizes the following options: 
-d, - Damon 
        make svnserve in daemon mode. BACKGROUND svnserve itself receives and provides TCP port on svn / the IP connection (default is 3690).
= Port---listen Port 
        on the reasons Svnserve listening port in daemon mode. 
-host = --listen host 
        that the host listens for a specified svnserve interface, which may be a host name or IP address. 
- prospects 
        and - when used with d, this option causes svnserve remain in the foreground. This option is primarily for debugging.
-i, - INTD 
        the svnserve to use the stdin / stdout file descriptors, as it applies to the inetd daemon.
-h, - Help 
        display usage summary and exit. 
- Version 
        print version and support specific svnserve svnserve repository of file system backend. 
-r root, - root = root
        Set virtual root repository svnserve provided. The client provides a path name in the URL interpreted relative to this root, and the root is not allowed to escape. 
--Read- -R & lt only 
        forcibly prohibited by performing all write operations svnserve this example, so as to cover all other access policy. Do not use this option to set general repository access policies - That's what conf / svnserve.conf repository configuration files. This option should only be used to restrict access by some method invocation of svnserve - for example, allowing write access via SSH, rather than write access by svnserve daemon, or create a limited SSH keys can only read access.
-t, - the Tunnel 
        Causes svnserve to run in tunnel mode, it's like inetd mode of operation (through stdin / providing a connection stdout), in addition to the connection it is considered to be the username of the current uid use of pre-authentication. This flag in the client chooses to run through the tunnel when the agent.
= User---tunnel username 
        and - when used in conjunction tunnel, with the username coverage provided pre-authenticated user name. This is used in conjunction with the "command" command ssh authorized_key file is very useful as it allows multiple submissions to use a single system account, each submitter has a different ssh identity.
-T, - Threads
        Running in daemon mode, causes svnserve to spawn a thread for each connection rather than a process. The svnserve process still backgrounds itself at the start. 
--config- File = filename 
        is specified, when the program starts svnserve reads a file name, and svnserve cache configuration and configuration from any authorized password and filename references. When using this option, svnserve will not read any conf each repository / svnserve.conf file. For more information about the file format of this option.
--pid- File = filename 
        after a specified, svnserve will write its process ID filename. 
-X, - life once 
        the svnserve to accept one connection on the svn port, providing it and exit. This option is primarily for debugging.
Unless --config file option is specified on the command line, once the client has selected a repository URL by passing, svnserve reads a file named CONF / svnserve.conf repository directory to determine repository-specific settings, such as authentication database to use and what authorization policies to apply.
 
repository-path /conf/svnserve.conf
svnserve.conf control svnserve daemon behavior on a per-repository. It is located in the conf subdirectory of the repository.
The same structure as the overall structure of the file and Subversion user profile. In the top part, designated by the word in square brackets; each inner part is "variable = value" custom variable form. With "#" at the beginning of the line will be ignored. svnserve.conf currently use only a section called "general" and supports the following variables: 
anon-access = none | read | write 
to determine the level of access unauthenticated user. write access allows all repository operations. Read access allows all operations except change and submit the revised version of the property. No access is not allowed access. Reads the default level. 
auth -access = none | read | write 
use to determine the user authenticated with the same level of access above the access level. Write default level. 
password -db = filename 
installation position of the password database. filename may be associated with the repository conf directory. There is no default value. This file is password database with the same general format. It uses only a portion of "User"; each of the section variables are username, password each value. 
authz -db = filename 
authz -db option to control the position of the rule-based authorization access control path. filename may be associated with the repository conf directory. There is no default value. If authz- not specified db, it will not perform path-based access control. 
realm = realm name 
authentication realm Set the repository. If the two repositories with the same password database, then they should have the same domain, and vice versa; this association allows the client to store a plurality of cache use a single password. The default value is the field uuid repository. 
example
The following example svnserve.conf allows authenticated users read access, does not allow anonymous users to access, point passwd database in the same directory, and custom domain name. 
[General] 
anon -access = none 
auth -access = read 
password -db = passwd 
realm = my first library 
file " passwd " looks like this: 
[user] 
joeuser = joepassword 
jayrandom = randomjay
-------------------------------------------------- -----split line------------------------------------------- -------------------
 
After starting svnserve can view the process has started 
ps -ef | grep svnserve

SVN default port 3690 open

You can view the following command:

netstat -antp | grep svn
tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 442/svnserve

 

14, open SVN server port on the firewall

SVN server default port is 3690, if you want to modify the default port, you can add when you run svnserve command --listen-port  parameters, followed by the port number must be specified.  
Execute the following command to open port on the SVN server system firewall CentOS7
  
--permanent --add-cmd-Firewall Port = 3690 / TCP 
Firewall -cmd - reload 
# restart firewall (normally no need to restart, only reload) 
systemctl the restart firewalld.service

15, tested on windows

Client install Tortoise SVN 1.9.7, the installation is complete create a new folder, right-click the folder, the pop-up menu, select [Repo-brower] menu, the pop-up dialog box, enter the address SVN: // IP (here we are svn: //49.4.78.56), then enter the user name rick in the verification and password dialog box that you can access the sVN root directory, we use sVN svnuser user login, as shown below
 

 

 Enter your user name and password just defined in the passwd file

 

 

 

 We use svnuser users in the root directory of the new trunk, tags and branches three folders

 

 

16, the SVN server to boot service

Online documentation set SVN server by modifying the boot /etc/rc.local file, this practice has become obsolete in the CentOS 7 environment, we use CentOS 7 ways to add services to normal.
We switched to the usr lib systemd system directory / / / /, create a file named svnserver.service, add the following 
cd /usr/lib/systemd/system
vim svnserver.service

Add the following

[Unit]
Description=SVN Server service 
After=network.target

[Service]
Type=forking
ExecStart= /usr/bin/svnserve -d -r /opt/svnRepos --config-file=/opt/svnRepos/conf/svnserve.conf
ExecStop=  /home/svn/stopSVN.sh
User=svn
Restart=on-abort

[Install]
WantedBy=multi-user.target
Start here SVN server directly using the command, I tried to write a .sh file replacement, but after starting appearance code = exited, status = 203 / EXEC wrong, now use this form.
 
stopSVN.sh script file is used to close the SVN service, as follows: 
! # / bin / SH 
# svnserve find whether there is a corresponding process, any shutdown process 
PS -ef | grep svnserve | grep -v grep 
IF [$ -ne? 0 ]
 the then 
   echo  " at The svn Server does not Start " 
the else 
   killall - . 9  SH svnserve to
 Fi

After saving svnserver.service file, execute the following command

systemctl daemon-reload
systemctl enable svnserver.service
systemctl start svnserver.service

If the shell window, no error message appears, indicating that the startup was successful, we can execute the following command to check the status of start

systemctl status svnserver.service

 

 Run the following command to stop services

systemctl stop svnserver.service
Then we run systemctl stop svnserver.service, we can see that the service has been stopped
So far SVN server installed successfully on Linux servers, CentOS system again after starting the SVN server will boot.

17, supplement

Add that, CentOS comes with default SELinux is Enforcing, is open for self-starting SVN service, will lead to Permisson Denied error occurred while SVN Client Access server, we need to close it manually, modify the / etc / selinux / config file 
vim /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
SELINUX changed from enforcing the disabled, reboot the system, since the launch of the SVN service, accessible from the client is no longer Permssion Denied error.
 
Temporary closure: 
setenforce 0

 

Guess you like

Origin www.cnblogs.com/opma/p/11607511.html
Recommended
Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?
Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running
Ranking
8个无需编写代码即可使用 Python 内置库的方法
Java collections interview knowledge Lite
Machine learning algorithms foundation - Introduction a (watermelon materials for the book)
(Easy) Ransom Note - LeetCode
[Five days] Qt from entry to actual combat: the second day
Remember once extremely pit father can not download Maven Jar package of issues: IDEA question
The minimum cost Shortest
OSPF study map (the most complete version)
Network Takeaways
GnuPG
Daily
More
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)
2024-04-20(6)
2024-04-19(5)
2024-04-18(0)

Code World

© 2018 codetd.com