1. Install Berkley DB(4.8)
tar -xzvf db-4.8.30.tar.gz
cd db-4.8.30/build_unix
../dist/configure
make && install
2. Install OpenLDAP(2.4.26)
tar -xvfz openldap-stable-20100719.tgz
cd openldap-2.4.23
export CPPFLAGS="-I/usr/local/BerkeleyDB.4.8/include"
export LDFLAGS="-L/usr/local/lib -L/usr/local/BerkeleyDB.4.8/lib -R/usr/local/BerkeleyDB.4.8/lib"
export LD_LIBRARY_PATH="/usr/local/BerkeleyDB.4.8/lib"
./configure
make depend
make && make install
3. Install OpenSSL(1.0.0e)
tar -xvfz openssl-1.0.0e.tar.gz
cd openssl-1.0.0e
./config --prefix=/usr/local --openssldir=/usr/local/openssl shared
make
make test
make install
4. Install apr(1.4.5)
tar -xvfz apr-1.4.5.tar.gz
cd apr-1.4.5
./configure --prefix=/usr/local/apr
make && make install
5. Install apr-util(1.3.12)
tar -xvfz apr-util-1.3.12.tar.gz
cd apr-util-1.3.12
./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr --with-ldap --with-berkeley-db=/usr/local/BerkeleyDB.4.8
make && make install
6. Install Apache HTTP Server(2.2.21)
tar -xvfz httpd-2.2.21.tar.gz
cd httpd-2.2.21
./configure --prefix=/usr/local/apache --with-ldap --enable-mods-shared="all ssl ldap cache proxy authn_alias mem_cache file_cache authnz_ldap charset_lite dav_lock disk_cache" --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util # Complie all DSO
make && make install
7. Install Python(2.7.2)
tar -xvfz Python-2.7.2.tgz
cd Python-2.7.2
./configure
make && make install
8. Install Subversion(1.6.17)
rm-f /usr/local/lib/libsvn*
rm-f /usr/local/lib/libapr*
rm-f /usr/local/lib/libexpat*
rm-f /usr/local/lib/libneon*
wget http://subversion.tigris.org/downloads/subversion-1.6.17.tar.gz
wget http://subversion.tigris.org/downloads/subversion-deps-1.6.17.tar.gz
tar -xvfz subversion-1.6.17.tar.gz
tar -xvfz subversion-deps-1.6.17.tar.gz
cd subversion-1.6.17
./autogen.sh
./configure --with-apxs=/usr/local/apache2/bin/apxs --with-apr=/usr/local/apr --with-apr-util=/usr/local/apr-util --with-berkeley-db
make
make install
# Install python bindings for SWIG
make swig-py
make check-swig-py ### Perform checks
make install-swig-py
ln -s /usr/local/lib/svn-python/libsvn /usr/local/lib/python2.7/site-packages/libsvn
ln -s /usr/local/lib/svn-python/svn /usr/local/lib/python2.7/site-packages/svn
9. Modify /etc/ld.so.conf add the following two line:
/usr/local/lib
/usr/local/lib6
Activate the changes of ld.so.conf:
/sbin/ldconfig
10. Apache configuration for SVN and LDAP integration
Add the following to /usr/local/apache/conf/httpd.conf:
# Enable Subversion Apache Modules
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
<Location /repos>
DAV svn
SVNParentPath /builds/svn
AuthType Basic
AuthName "Subversion Repositories"
AuthzSVNAccessFile /builds/svn/dav_svn.authz
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN "DC=foo,DC=com"
AuthLDAPBindPassword bind_password
AuthLDAPURL "ldap://foo.com:389/binduser?sAMAccountName?sub?(objectClass=*)"
Require valid-user
</Location>
11. An example of AuthzSVNAccessFile
[groups]
admin = peng
cmteam = peng, user1, user2, user3
# Default access rule for ALL repositories
# Everyone can read, admins can write.
[/]
* = r
@admin = rw
# Allow developers complete access to their project repos
[ApolloCM:/]
@cmteam = rw
user4 = rw
user5 = #user5 is excluded
.