Linux搭建svn平台

svn简介

SVN是Subversion的简称，是一个开放源代码的版本控制系统，相较于RCS、CVS，它采用了分支管理系统，它的设计目标就是取代CVS。互联网上很多版本控制服务已从CVS迁移到Subversion。说得简单一点SVN就是用于多个人共同开发同一个项目，共用资源的目的。

svn的docker搭建方法

docker run --restart always --name svn --net=yzfar -d -v /root/dockers/svn:/var/opt/svn -p 3690:3690 garethflowers/svn-server

简析

• /root/dockers/svn为宿主机的文件目录，/var/opt/svn为容器内的文件目录
• –restart always命令可以实现容器在宿主机开机时自启动
• -p 3690:3690表示将宿主机的3690端口映射到容器的3690端口，此端口为svn服务的默认端口，可以根据需要自行修改
• –net=yzfar 为docker的网络名称

创建svn仓库和账户

• 加入容器操作

docker exec -it svn /bin/sh

• 创建名称为svn的资源仓库

svnadmin create svn

创建成功后svn目录内应该包含以下文件:
README.txt conf db format hooks locks

• 进入conf 资源仓库配置，修改svnserve.conf

anon-access = none             # 匿名用户不可读写，也可设置为只读 read
auth-access = write            # 授权用户可写
password-db = passwd           # 密码文件路径，相对于当前目录
authz-db = authz               # 访问控制文件
realm = /var/opt/svn/svn       # 认证命名空间，会在认证提示界面显示，并作为凭证缓存的关键字，可以写仓库名称比如svn

• 配置账号与密码，修改 passwd文件，格式为“账号 = 密码”

[users]
# harry = harryssecret
# sally = sallyssecret
admin = 123456

• 配置账户权限，修改 authz文件

[groups]
owner = admin
[/]               # / 表示所有仓库
admin = rw        # 用户 admin 在所有仓库拥有读写权限
[svn:/]           # 表示以下用户在仓库 svn 的所有目录有相应权限
@owner = rw       # 表示 owner 组下的用户拥有读写权限

svn的centos搭建方法

二，安装SV
官网下载： http://subversion.apache.org/packages.html
SVN客户端TortoiseSVN :https://tortoisesvn.net/downloads.html

1,yum install subversion安装

yum install subversion

2,新建一个目录用于存储SVN目录

[root@localhost]mkdir /svn

3,新建一个测试仓库

[root@localhost svn]# svnadmin create /svn/test/
[root@localhost svn]# ll /svn/test/
total 24
drwxr-xr-x. 2 root root 4096 Jul 28 18:12 conf
drwxr-sr-x. 6 root root 4096 Jul 28 18:12 db
-r--r--r--. 1 root root    2 Jul 28 18:12 format
drwxr-xr-x. 2 root root 4096 Jul 28 18:12 hooks
drwxr-xr-x. 2 root root 4096 Jul 28 18:12 locks
-rw-r--r--. 1 root root  229 Jul 28 18:12 README.txt

以下关于目录的说明：

hooks目录：放置hook脚步文件的目录

locks目录：用来放置subversion的db锁文件和db_logs锁文件的目录，用来追踪存取文件库的客户端

format目录：是一个文本文件，里边只放了一个整数，表示当前文件库配置的版本号

conf目录：是这个仓库配置文件（仓库用户访问账户，权限）

4,配置SVN服务的配置文件svnserver.conf：

[root@localhost conf]# vim svnserve.conf 
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository.  (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.tigris.org/ for more information.
[general]
### These options control access to the repository for unauthenticated
### and authenticated users.  Valid values are "write", "read",
### and "none".  The sample settings below are the defaults.
anon-access = read         ##注意前边不要有空格，要顶齐
auth-access = write         ##注意前边不要有空格，要顶齐
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd        ##注意前边不要有空格，要顶齐
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz           
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = This is My First Test Repository   ##这个是提示信息
[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256

5，配置访问用户及密码

[root@localhost conf]# vim passwd 
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
lqb = lqb123456
test1 = 123456
test2 = 654321

6，配置新用户的授权文件

[root@localhost conf]# vim authz     
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to:
###  - a single user,
###  - a group of users defined in a special [groups] section,
###  - an alias defined in a special [aliases] section,
###  - all authenticated users, using the '$authenticated' token,
###  - only anonymous users, using the '$anonymous' token,
###  - anyone, using the '*' wildcard.
###
### A match can be inverted by prefixing the rule with '~'. Rules can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
admin = lqb,test2
user = test1
[/svn/test/]
@admin = rw 
@user = r

备注：

admin = lqb,test2 创建admin组，组成员为：lqb,test2

user = test1 创建用户组，用户成员：test1

[test:/] 赋予根权限，为了便于管理和权限的控制，可以把权限细化到版本库中相应的目录

@admin = rw admin组有读写的权限

@user = ruser组只有读的权限

*=表示除了上面设置的权限用户组以外，其他所有用户都设置空权限，空权限表示禁止访问本目录，这很重要一定要加上。

备注：版本库的目录格式如下:

[<版本库>:/项目/目录]

@<用户组名> = 权限

<用户名> = 权限

其中[]內容有許多写法：

[/],表示根目录及其一下的路径，根目录是svnserver启动时指定好的，上述实例中我们指定为:/svn/svndata([/]=/svn/svndata).[/]就是表示对全部版本设置的权限

[test:/],表示对版本库test设置权限；

[test:/svnadmin],表示对版本库test中的svnadmin项目设置权限；

[test:/svnadmin/second],表示对版本库test中的svnadmin项目的目录设置权限；

权限的主体可以是用户组，用户或者*，用户组在前面要以@开头，*表示全部用户

权限分为：r ,w, rw和null ,null空表示没有任何权限。

auhtz配置文件中的每个参数，开头不能有空格，对于组要以@开头，用户不需要。

7，启动svn服务

[root@localhost conf]#svnserve -d -r /svn/

注意：更改svnserver.conf时需要重启SVN服务，更改authz，passwd文件时则不需要重启服务

二，通过客户端进行连接：

<一>，Windos客户端连接操作

1,使用windows的客户端来进行连接

2，在Linux使用如下命令行：

[root@localhost conf]# svn co svn://192.168.200.200/test
A    test/工作文档.txt.bak
A    test/soft
Checked out revision 2.

如果失败的话，基本上可以断定authz文件的配置有问题，可以修改下：

admin = lqb,test2
user = test1
[/]
@admin = rw 
@user = r 
* =      ###表示除了上面设置的权限用户组以外，其他所有用户都设置空权限，空权限表示禁止访问本目录