首先推荐一篇文章:http://en.gentoo-wiki.com/wiki/Subversion/Install#Introduction,官方安装攻略,值得信赖。
前几天为了在服务器上搭建SVN,上网搜索查看了许多教程,由于之间对Linux系统了解的比较肤浅,许多概念不了解,而网上的教程又杂乱,许多只是给出操作而没有给出解释,导致出了问题也不知道该怎么解决,让我废了不少劲才把SVN搭起来。今天我结合Gentoo系统介绍一下SVN服务器端的搭建。
不同的Linux版本有不同的软件安装方式,比如Red Hat 的yum ,Ubuntu的apt-get ,而Gentoo采用emerge命令来安装程序。
emerge dev-vcs/subversion
emerge --config dev-vcs/subversion
以上均采用默认设置,其中第二条命令是采用软件默认配置,自动添加了apache组和apache用户。安装完毕后默认生成/var/svn默认目录和/var/svn/repos仓库(即 repository)。
然后就是修改文件夹权限了。
chown -R apache:apache /var/svn/repos
chmod -R g-w /var/svn/repos
chmod -R g+rw /var/svn/repos/db
chmod -R g+rw /var/svn/repos/locks
gpasswd -a apache apache
以上命令是设置相关文件和文件夹的访问权限,因为SVN进行同步时需要访问相关文件,访问权限是由两部分确定的,一部分是SVN的配置文件,这将在下面介绍,另一部分是由Gentoo系统决定的,也就是操作对象对其内部所有文件的权限管理。在这里是对repos文件夹的系统权限进行更改,使得外部客户端可以连接同步并修改数据仓库中的文件。
修改完系统文件属性就该配置SVN自己的属性了,SVN的配置文件主要有三个:authz, passwd, svnserve.conf,这三个文件在数据仓库的conf文件夹中,在本文的设置下是在/var/svn/repos/config文件夹中。其中authz是负责权限的管理,passwd是负责密码的管理,svnserve.conf是负责访问方式的管理。下面一个一个看这三个文件。
首先看svnserve.conf文件,用vi打开
## This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
realm = repos
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above. Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none
该文件默认是全部注释掉,要根据自己的需求将相关的命令前面的注释去掉,本文中红色的部分就是我根据需求配置的,注意所有的指令前面不要有空格,要顶头写。其中anon-access = none表示匿名用户的权限是none,即匿名用户不能访问,也可以配置成可写(write)或只读(read),auth-access = write 表示授权用户可以对SVN账户进行正常操作(即可同步,可修改)。password-db = passwd表示密码登陆,还可以配置成特定路径登陆。
然后看一下密码管理文件passwd
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
apache = 123
该文件配置密码,格式为 “
账号 = 密码”,注意顶格写,apache = 123 表示登陆用户名是 apache, 密码是 123。
然后看一下授权问价 authz
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
apache = apache
[/]
# harry = rw
# &joe = r
#* = rw
apache = rw
[repos:/]
# @harry_and_sally = rw
#* = rw
@apache = rw
该文件进行授权管理,对不同账号的权限进行分配管理,格式为“
账号 = 权限”,其中group中的 apache = apache 表示 apache组包含apache账号,如果添加账号可以直接将该条指令改写为 apache = apache, test,这样就增加了一个test账号,当然对应的passwd文件也要相应增加test账号和密码。 [ / ] 和 [ repos:/ ] 表示对SVN 数据仓库不同的文件夹的访问权限进行配置,@apache = rw 表示对apache整个组的权限进行设定,格式为“
@用户组 = 权限”。
好了,我们对SVN的权限已经设定好了,下面可以运行了,运行命令为
/etc/init.d/svnserve start
rc-update add xinetd default
/usr/bin/svnserve -d -r /var/svn/repos
其中前两条指令是将svn设定为随Gentoo开机启动的程序,这样当服务器重启后就不用再手动重启svnserve进程了。/usr/bin/svnserve -d -r /var/svn/repos 是运行SVN的指令,其中-d表示将svnserve程序作为后台程序运行,-r是设置SVN目录,这样svn客户端访问的时候只要输入服务器网址就可以了,因为子目录已经是 -r 选项中配置好了。
至此SVN服务器已经搭建好了,可以在客户端访问测试了。
客户端的访问指令:
首先checkout下: svn co svn://xxx.xxx.xxx(地址)
然后添加一个test文件:svn add test
然后commit一下:svn ci
一般每次登陆要update一下,以获得最新版本代码:svn update