- 安装前提
- 安装步骤
- 配置subversion
一、安装前提
1.关闭防火墙
# service iptables stop # chkconfig iptables off # service ip6tables stop # chkconfig ip6tables off |
2.关闭SElinux
# perl -i -p -e 's/=enforcinig/=disabled/g' /etc/selinux/config |
重启系统
二、安装步骤
/***
apache 2.2 -> openssl 0.9.8 -> subversion 1.6
apache 2.4 -> openssl 1.0.0 -> subversion 1.7/8
***/
1.安装相应软件包
# yum install zlib* # yum install openssl* # yum install dev* # yum install pcre* |
2.查看openssl版本
# openssl version OpenSSL 1.0.0-fips 29 Mar 2010 |
3.安装apache
确保本机rpm安装的apache已被移除
至http://mirror.bit.edu.cn/apache/httpd/下载apache源码包
至http://apr.apache.org/download.cgi下载apr、apr-util源码包
# tar -zxvf httpd-2.4.7.tar.gz # tar -zxvf apr-1.5.0.tar.gz # tar -zxvf apr-util-1.5.3.tar.gz # mv apr-1.5.0 httpd-2.4.7/srclib/apr # cd httpd-2.4.7 # ./configure --prefix=/usr/local/apache --enable-mods-shared=most --with-mpm=worker --with-apr=/usr/local/apr/bin/apr-1-config --with-apr-util=/usr/local/apr-util/bin/apu-1-config --enable-so --enable-ssl --enable-http --enable-dav --enable-mime-magic --enable-expires --enable-cache --enable-file-cache --enable-cache-disk --enable-info --enable-log-forensic --enable-suexec --enable-cgi --enable-deflate --enable-vhost-alias --enable-rewrite --enable-maintainer-mode # make # make install |
4.安装subversion
至http://subversion.apache.org/download/下载subversion源码包
# tar -zxvf subversion-1.7.14.tar.gz # cd subversion-1.7.14 # ./get-deps.sh # cd neon/ # ./configure # make # make install # cd .. # ./configure --prefix=/usr/local/svn --with-apr=/usr/local/apr/bin/apr-1-config --with-apr-util=/usr/local/apr-util/bin/apu-1-config --with-apxs=/usr/local/apache/bin/apxs --with-apache-libexecdir=/usr/local/apache/modules/ --enable-shared --enable-static --with-ssl --without-berkeley-db --with-neon=/usr/local/neon/bin/neon-config # make # make install |
三、配置subversion
1.添加至系统命令
# cp /usr/local/svn/lib/* /usr/lib/ # cp /usr/local/svn/bin/* /usr/bin/ |
2.编辑httpd.conf
去除注释 Include conf/extra/httpd-dav.conf Include conf/extra/httpd-ssl.conf 添加两行 LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so |
3.配置apache
在httpd.conf增加
<Location /> DAV svn SVNParentPath /svnroot SVNListParentPath On AuthzSVNAccessFile /svnroot/acl.conf AuthType Basic AuthName "Subversion" AuthzForceUsernameCase Lower AuthUserFile /svnroot/auth.conf Require valid-user SSLRequireSSL#若增加此行只支持https </Location> |
4.创建证书
# cd /usr/local/apache/conf 创建证书 # openssl genrsa -des3 -out ca.key 1024 # openssl req -new -x509 -days 365 -key ca.key -out ca.crt # openssl genrsa -des3 -out server.key 4096 # openssl req -new -key server.key -out server.csr # openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt 重启apache时不需要密码 # cp server.key server.key.org # openssl rsa -in server.key.org -out server.key # chmod 400 server.key 客户端证书 # openssl genrsa -out client.key 1024 # openssl req -new -out client.csr -key client.key # openssl x509 -req -in client.csr -out client.crt -signkey client.key -CA ca.crt -CAkey ca.key -CAcreateserial -days 3650 # openssl pkcs12 -export -clcerts -in client.crt -inkey client.key -out client.p12
# cp ca.crt /svnroot/ # cp client.p12 /svnroot/ |
5.创建权限控制文件
# /usr/local/apache/bin/htpasswd -cm /svnroot/svn-auth-conf yumeng #第一次创建使用-cm参数 后续均使用-m即可 # vim /svnroot/acl.conf 增加 [groups] [/] |
6.启动apache
# /usr/local/apache/bin/apachectl -t # /usr/local/apache/bin/apachectl start |