目录
一、安装 SVN
安装命令:
//Ubuntu
apt-get install subversion
//Centos
yum install subversion
查看是否安装成功,可以查看版本
svnserve --version
二、创建版本库目录
比如我将svn所有项目存储在/cqh/soft/svn目录下
创建文件夹:
mkdirt -p /cqh/soft/svn
切换到改目录下:
cd /cqh/soft/svn
三、创建项目
创建一个项目(版本库):
比如创建一个devtest项目
svnadmin create devtest
修改该项目下的配置文件
cd devtest/conf
修改svnserve.conf文件:
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = read
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
### realm = /cqh/svn/svnrepos
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above. Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none
[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256
主要是将anon-access、auth-access、password-db、authz-db几项前的注释符号 “#”去掉
配置项含义:
-
anon-access = none|read|write 决定非授权用户的访问级别。none 表示无访问权限,read 表示只读,write 表示可读可写,默认为 read。
-
auth-access = none|read|write 决定授权用户的访问级别,使用与上面相同的访问级别。默认为 write。
-
password-db = filename 指定账号密码数据库文件名。filename 是相对仓库中 conf 目录的位置,也可以设置为绝对路径,默认为 passwd。
-
authz-db = filename 指定权限配置文件名,filename 是相对仓库中 conf 目录的位置,也可以设置为绝对路径,默认为 authz。
修改passwd配置文件:
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
# 添加一个用户 账号:cqh 密码:cqh
cqh = cqh
修改authz配置文件:
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
### - a single user,
### - a group of users defined in a special [groups] section,
### - an alias defined in a special [aliases] section,
### - all authenticated users, using the '$authenticated' token,
### - only anonymous users, using the '$anonymous' token,
### - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
# 给组添加用户
g_manager = cqh
# [/foo/bar]
# harry = rw
# &joe = r
# * =
[/]
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
# 给组添加权限 r 读 w 写
@g_manager = rw
四、启动 SVN 服务
执行 SVN 启动命令,其中参数 -d
表示以守护进程的方式启动, -r
表示设置的根目录
svnserve -d -r /cqh/soft/svn
关闭 svn 命令:
killall svnserve
五、本地拉取svn项目
1、在 windows 系统中,安装 TortoiseSVN 软件,创建一个本地目录,右键选择 SVN Checkout 测试下,URL 填写 svn://IP/devtest
,devtest 替换成你创建的版本库名称。
2、输入配置的用户名和密码
六、扩展
设置查看 log 日志
想查看提交的 svn log 日志,需要进一步配置。
编辑 svnserve.conf,设置:
anon-access = none
编辑 authz 文件中添加:
[/]
* =
这样通过鼠标右键 TortoiseSVN->show log 就可以查看 svn 提交的历史记录了。
多个项目管控配置
SVN 配置文件是很灵活的,如果想使用统一的账户和权限去管控多个项目,可以将多个项目的 authz 和 passwd 文件统一放在一处,在多个项目的 svnserve.conf 文件中配置这两个文件的绝对路径,并在 authz 中对不同的项目设置用户访问权限。
如:a、b、c、d 这 4 个用户,p1、p2 两个项目,其中 a、b 只能访问 p1,c、d 只能访问 p2。
创建版本库目录
mkdir /usr/svn
创建多个版本库
cd /usr/svn
svnadmin create p1
svnadmin create p2
创建管理用户权限目录
mkdir /var/svn/conf
cd /p1/conf
cp authz passwd /var/svn/conf
修改配置文件
修改 p1 的 svnserve.conf 文件:
anon-access = none
auth-access = write
password-db = /var/svn/conf/passwd
authz-db = /var/svn/conf/authz
realm = p1
修改 p2 的 svnserve.conf 文件:
anon-access = none
auth-access = write
password-db = /var/svn/conf/passwd
authz-db = /var/svn/conf/authz
realm = p2
password-db 和 authz-db 都使用统一管理用户权限目录,使用绝对路径。
修改 password-db 文件
[users]
a = 123
b = 123
c = 123
d = 123
修改 authz 文件
[groups] //分组
p1user = a,b
p2user = c,d
[/]
* = #以上没有定义的用户都没有任何权限
[p1:/] //p1的访问控制,c、d无法访问
@p1user = rw
[p2:/] //p2的访问控制,a、b无法访问
@p2user = rw
对 password-db 和 authz 文件的修改立即生效,不必重启 svn。
启动 svn 服务
svnserve -d -r /usr/svn/
访问不同项目 SVN
同样 TortoiseSVN 软件,选择 SVN Checkout 测试。
访问项目p1 URL
svn://IP/p1
访问项目p2 URL
svn://IP/p1
统一的配置文件,不同项目限定了不同用户访问,这样就实现了管控多个项目的 SVN 配置。