Gentoo搭建SVN服务器（亲测）

首先推荐一篇文章：http://en.gentoo-wiki.com/wiki/Subversion/Install#Introduction，官方安装攻略，值得信赖。

前几天为了在服务器上搭建SVN，上网搜索查看了许多教程，由于之间对Linux系统了解的比较肤浅，许多概念不了解，而网上的教程又杂乱，许多只是给出操作而没有给出解释，导致出了问题也不知道该怎么解决，让我废了不少劲才把SVN搭起来。今天我结合Gentoo系统介绍一下SVN服务器端的搭建。

不同的Linux版本有不同的软件安装方式，比如Red Hat 的yum ，Ubuntu的apt-get ，而Gentoo采用emerge命令来安装程序。 

emerge dev-vcs/subversion
emerge --config dev-vcs/subversion

以上均采用默认设置，其中第二条命令是采用软件默认配置，自动添加了apache组和apache用户。安装完毕后默认生成/var/svn默认目录和/var/svn/repos仓库（即 repository）。

然后就是修改文件夹权限了。

chown -R apache:apache /var/svn/repos
chmod -R g-w /var/svn/repos
chmod -R g+rw /var/svn/repos/db
chmod -R g+rw /var/svn/repos/locks
gpasswd -a apache apache

以上命令是设置相关文件和文件夹的访问权限，因为SVN进行同步时需要访问相关文件，访问权限是由两部分确定的，一部分是SVN的配置文件，这将在下面介绍，另一部分是由Gentoo系统决定的，也就是操作对象对其内部所有文件的权限管理。在这里是对repos文件夹的系统权限进行更改，使得外部客户端可以连接同步并修改数据仓库中的文件。

修改完系统文件属性就该配置SVN自己的属性了，SVN的配置文件主要有三个：authz, passwd, svnserve.conf，这三个文件在数据仓库的conf文件夹中，在本文的设置下是在/var/svn/repos/config文件夹中。其中authz是负责权限的管理，passwd是负责密码的管理，svnserve.conf是负责访问方式的管理。下面一个一个看这三个文件。

首先看svnserve.conf文件，用vi打开

## This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository.  (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)

### Visit http://subversion.apache.org/ for more information.

[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete 
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = repos
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above.  Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none

该文件默认是全部注释掉，要根据自己的需求将相关的命令前面的注释去掉，本文中红色的部分就是我根据需求配置的，注意所有的指令前面不要有空格，要顶头写。其中anon-access = none表示匿名用户的权限是none，即匿名用户不能访问，也可以配置成可写（write）或只读（read），auth-access = write 表示授权用户可以对SVN账户进行正常操作（即可同步，可修改）。password-db = passwd表示密码登陆，还可以配置成特定路径登陆。

然后看一下密码管理文件passwd

### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.

[users]
# harry = harryssecret
# sally = sallyssecret
apache = 123

该文件配置密码，格式为 “ 账号 = 密码”，注意顶格写，apache = 123 表示登陆用户名是 apache, 密码是 123。

然后看一下授权问价 authz

### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
###  - a single user,
###  - a group of users defined in a special [groups] section,
###  - an alias defined in a special [aliases] section,
###  - all authenticated users, using the '$authenticated' token,
###  - only anonymous users, using the '$anonymous' token,
###  - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').

[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average

[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
apache = apache

[/]
# harry = rw
# &joe = r
#* = rw
apache = rw

[repos:/]
# @harry_and_sally = rw
#* = rw
@apache = rw     

该文件进行授权管理，对不同账号的权限进行分配管理，格式为“ 账号 = 权限”，其中group中的 apache = apache 表示 apache组包含apache账号，如果添加账号可以直接将该条指令改写为 apache = apache, test，这样就增加了一个test账号，当然对应的passwd文件也要相应增加test账号和密码。 [ / ] 和 [ repos:/ ] 表示对SVN 数据仓库不同的文件夹的访问权限进行配置，@apache = rw 表示对apache整个组的权限进行设定，格式为“ @用户组 = 权限”。

好了，我们对SVN的权限已经设定好了，下面可以运行了，运行命令为

/etc/init.d/svnserve start
rc-update add xinetd default
/usr/bin/svnserve -d -r /var/svn/repos

其中前两条指令是将svn设定为随Gentoo开机启动的程序，这样当服务器重启后就不用再手动重启svnserve进程了。/usr/bin/svnserve -d -r /var/svn/repos 是运行SVN的指令，其中-d表示将svnserve程序作为后台程序运行，-r是设置SVN目录，这样svn客户端访问的时候只要输入服务器网址就可以了，因为子目录已经是 -r 选项中配置好了。


至此SVN服务器已经搭建好了，可以在客户端访问测试了。

客户端的访问指令：

首先checkout下： svn co svn://xxx.xxx.xxx(地址)

然后添加一个test文件：svn add test

然后commit一下：svn ci

一般每次登陆要update一下，以获得最新版本代码：svn update