SVN服务器安装过程记录

SVN服务器安装过程记录

目标：

​ 在centos7.9下安装svn服务器，并建立多个svn版本库。

步骤：

背景环境

操作系统centos7.9。

关闭防火墙

为了防止一些复杂的网络情况，关闭系统的防火墙，好在，这个试验对安全控制没有太多要求。

systemctl stop firewalld.service         # 关闭防火墙
systemctl disable firewalld.service      # 禁用防火墙,重启之后也不会打开

安装svn服务器

yum -y install subversion			# 安装svn
svn --version									# 查看版本信息

从返回值看到，svn，版本1.7.14

svn, version 1.7.14 (r1542130)
   compiled Sep 30 2020, 17:44:04

Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people; see the NOTICE
file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_neon : Module for accessing a repository via WebDAV protocol using Neon.
  - handles 'http' scheme
  - handles 'https' scheme
* ra_svn : Module for accessing a repository using the svn network protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme

创建svn仓库

计划创建三个svn库，先建立基础目录

mkdir -p /home/svn/repository

创建是三个svn代码库

svnadmin create /home/svn/repository/server-gateway
svnadmin create /home/svn/repository/server-framework/
svnadmin create /home/svn/repository/server-devuser/

修改权限

建立了三个svn库，需要对库的访问权限进行配置，以/home/svn/repository/server-gateway为例，其他两个库是相同的。

主要是修改三个文件authz、passwd、svnserve.conf

svnserve.conf

cd /home/svn/repository/server-gateway/conf/
vi svnserve.conf

总体来说

anon-access = none							              # 这里改为none，原来是read
auth-access = write	                          # 这里解除注释，认证才可访问
password-db = passwd	                        # 这里解除注释，指定密码文件
authz-db = authz                              # 这里解除注释，指定认证文件
realm = /home/svn/repository/server-gateway   # 这里取个名字，唯一的就可以，为了方便，我取了全路径名

完整文件见后面

passwd

cd /home/svn/repository/server-gateway/conf/
vi passwd

声明用户名和密码，这里声明了用户名gateway，密码123456

### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.

[users]
# harry = harryssecret
# sally = sallyssecret
gateway = 123456

authz

cd /home/svn/repository/server-gateway/conf/
vi authz

指定用户gateway在这个svn代码库的根目录开始具有读写权限

[/]
gateway = rw

重复上面的过程，可以将三个库全部配置完成

启动svn

svnserve -d -r /home/svn/repository/       # 注意，这里的目录不是server-gateway，而是库的根目录

连接

由于建立了三个库，启动时没有加的目录名要在连接加上

svn://192.168.1.145/server-gateway 用户名:gateway 密码:123456

svn://192.168.1.145/server-framework 用户名:framework 密码:123456

svn://192.168.1.145/server-devuser 用户名:devuser 密码:123456

svn://192.168.1.145/server-dsp6 用户名:dsp6 密码:123456

附件

svnserve.conf

### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository.  (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)

### Visit http://subversion.apache.org/ for more information.

[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete 
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
# realm = /home/svn/repository/server-gateway
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above.  Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none

[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256