Centos7 安装SVN

---

一. 环境

系统版本：Centos7 64位

---

二. 安装SVN

• 通过yum下载svn

[root@sunny ~]# yum install subversion

---

• 查看安装后的版本

[root@sunny ~]# svnserve --versionsvnserve, version 1.7.14 (r1542130)    compiled Nov 20 2015, 19:25:09    Copyright (C) 2013 The Apache Software Foundation.    This software consists of contributions made by many people; see the NOTICE    file for more information.    Subversion is open source software, see http://subversion.apache.org/    The following repository back-end (FS) modules are available:    * fs_base : Module for working with a Berkeley DB repository.    * fs_fs : Module for working with a plain file (FSFS) repository.    Cyrus SASL authentication is available.

subversion默认是把/var/svn作为数据根目录的

---

三. 创建仓库

[root@sunny ~]# mkdir /var/svn[root@sunny ~]# svnadmin create /var/svn/aiyotrip[root@sunny ~]# cd /var/svn/aiyotrip[root@sunny aiyotrip]# lsconf  db  format  hooks  locks  README.txt

conf文件夹放着账号等相关配置

---

四. 配置说明

[root@sunny aiyotrip]# cd conf/[root@sunny conf]# lsauthz  passwd  svnserve.conf[root@sunny conf]# 

authz：权限配置
passwd：账户密码配置
svnserve.conf：svn服务配置文件

---

五. svnserve.conf 配置

anon-access 控制非鉴权用户访问版本库的权限。取值范围为"write"、"read"和"none"。即"write"为可读可写，"read"为只读，"none"表示无访问权限。缺省值：read。 这里我们需要配置成 "none"

auth-access 控制鉴权用户访问版本库的权限。取值范围为"write"、"read"和"none"。即"write"为可读可写，"read"为只读，"none"表示无访问权限。缺省值：write。这里我们配置成 "write"

password-db 指定用户名口令文件名。除非指定绝对路径，否则文件位置为相对conf目录的相对路径。缺省值：passwd

authz-db 指定权限配置文件名，通过该文件可以实现以路径为基础的访问控制。除非指定绝对路径，否则文件位置为相对conf目录的相对路径。缺省值：authz

realm 指定版本库的认证域，即在登录时提示的认证域名称。这里配置成我们创建的仓库名:aiyotrip

配置完成如下：

[root@sunny conf]# vim svnserve.conf### This file controls the configuration of the svnserve daemon, if you### use it to allow access to this repository.  (If you only allow### access through http: and/or file: URLs, then this file is### irrelevant.)### Visit http://subversion.apache.org/ for more information.[general]### The anon-access and auth-access options control access to the### repository for unauthenticated (a.k.a. anonymous) users and### authenticated users, respectively.### Valid values are "write", "read", and "none".### Setting the value to "none" prohibits both reading and writing;### "read" allows read-only access, and "write" allows complete ### read/write access to the repository.### The sample settings below are the defaults and specify that anonymous### users have read-only access to the repository, while authenticated### users have read and write access to the repository.# anon-access = read# auth-access = write### The password-db option controls the location of the password### database file.  Unless you specify a path starting with a /,### the file's location is relative to the directory containing### this configuration file.### If SASL is enabled (see below), this file will NOT be used.### Uncomment the line below to use the default password file.### Visit http://subversion.apache.org/ for more information.[general]### The anon-access and auth-access options control access to the### repository for unauthenticated (a.k.a. anonymous) users and### authenticated users, respectively.### Valid values are "write", "read", and "none".### Setting the value to "none" prohibits both reading and writing;### "read" allows read-only access, and "write" allows complete ### read/write access to the repository.### The sample settings below are the defaults and specify that anonymous### users have read-only access to the repository, while authenticated### users have read and write access to the repository.anon-access = noneauth-access = write### The password-db option controls the location of the password### database file.  Unless you specify a path starting with a /,### the file's location is relative to the directory containing### this configuration file.### If SASL is enabled (see below), this file will NOT be used.### Uncomment the line below to use the default password file.password-db = passwd### The authz-db option controls the location of the authorization### rules for path-based access control.  Unless you specify a path### starting with a /, the file's location is relative to the the### directory containing this file.  If you don't specify an### authz-db, no path-based access control is done.### Uncomment the line below to use the default authorization file.authz-db = authz### This option specifies the authentication realm of the repository.### If two repositories have the same authentication realm, they should### have the same password database, and vice versa.  The default realm### is repository's uuid.realm = aiyotrip### The force-username-case option causes svnserve to case-normalize### usernames before comparing them against the authorization rules in the### authz-db file configured above.  Valid values are "upper" (to upper-### case the usernames), "lower" (to lowercase the usernames), and### "none" (to compare usernames as-is without case conversion, which### is the default behavior).# force-username-case = none[sasl]### This option specifies whether you want to use the Cyrus SASL### library for authentication. Default is false.### This section will be ignored if svnserve is not built with Cyrus### SASL support; to check, run 'svnserve --version' and look for a line### reading 'Cyrus SASL authentication is available.'# use-sasl = true### These options specify the desired strength of the security layer### that you want SASL to provide. 0 means no encryption, 1 means### integrity-checking only, values larger than 1 are correlated### to the effective key length for encryption (e.g. 128 means 128-bit### encryption). The values below are the defaults.# min-encryption = 0# max-encryption = 256

---

六. 编辑用户配置文件

[root@sunny conf]# vim passwd ### This file is an example password file for svnserve.### Its format is similar to that of svnserve.conf. As shown in the### example below it contains one section labelled [users].### The name and password for each user follow, one account per line.[users]# harry = harryssecret# sally = sallyssecret# 用户名 = 密码zhangsan = zhangsan123lisi = lisi123wangwu = wangwu123zhaoliu = zhangliu123

---

七. 编辑权限配置文件

该配置文件由一个[groups]用户组配置和若干个[<版本库名>:<路径>]版本库路径权限段组成。

权限的取值范围为 空,r和rw，空表示对该版本库路径无任何权限，r表示具有只读权限，rw表示有读写权 限。

版本库路径权限段中配置行格式有如下三种：
<用户名> = <权限>
<用户组> = <权限>
* = <权限>
注意：每行配置只能配置单个用户或用户组。

---

• 组配置[groups]
  <用户组> = <用户列表>
  一个用户组可以有多个用户，用户之间 逗号 隔开。引用用户组时要使用前缀”@”(如：引用用户组”admin”要使用字符 串”@admin”)。

[groups]# harry_and_sally = harry,sally# harry_sally_and_joe = harry,sally,&joeadmin = zhangsanvip = lisi,wangwuvisitor = zhaoliiu

这里就分了三个组，管理员组，vip组，游客组

---

• 版本库路径权限段配置
  [<版本库名>:<路径>]
  如上所述，我创建的版本库为 aiyotrip，在这个版本库中有vip目录(vip组成员可以访问)，一个visitor目录(游客组成员可以访问)，下面我们进行权限的配置

[aiyotrip:/]@admin = rw* = [aiyotrip:/vip]@vip = rw* = r[aiyotrip:/visitor]@visitor = rw* = r

admin 组对整个版本库由读写权限，其他没有权限
vip组对vip路径有读写权限，其他只有读权限
visitor组对visitor有读写权限，其他只有读权限

---

• 启动svn

[root@sunny conf]# svnserve -d -r /var/svn/aiyotrip/

---

• 测试安装结果

[root@sunny conf]# svn co svn://47.93.232.127/aiyotripAuthentication realm: <svn://47.93.232.127:3690> /var/svn/aiyotripPassword for 'root': Authentication realm: <svn://47.93.232.127:3690> /var/svn/aiyotripUsername: taokaiPassword for 'taokai': -----------------------------------------------------------------------ATTENTION!  Your password for authentication realm:   <svn://47.93.232.127:3690> /var/svn/aiyotripcan only be stored to disk unencrypted!  You are advised to configureyour system so that Subversion can store passwords encrypted, ifpossible.  See the documentation for details.

证明安装成功了