subversion(以下简称svn)是近年来崛起的版本管理工具,是cvs的接班人。
svn服务器有2种运行方式:
1. 独立服务器2. 借助apache。
二种方式各有利弊,可以根据自己的需要进行配置,我不需要Http进行访问,只需要客户端可以Commit & update 就可以,下面是我选择的第一种方式-独立的SVN服务器。
svn存储版本数据也有2种方式:
1. BDB2. FSFS。
因为BDB方式在服务器中断时,有可能锁住数据(朋友在搞ldap时就深受其害,没法根治),所以还是FSFS方式更安全一点,我也选择这种方式。
我的系统环境:Centos-5.5 + Php-5.3.3 + Nginx-0.8.49 + Mysql-5.5.5m3+subersion-1.6.12
================================================================
============以上介绍系统完成,下面开始SVN安装==============
================================================================
获取svn安装包,直接切换到root用户进行所有操作:
最新版下载地址:http://subversion.apache.org/
直接到下载页面:http://svn.haxx.se/dev/archive-2010-06/0320.shtml
1 | [[email protected]]$ wget "<a target="_blank" href="https://www.ancii.com/link/v1/P4BaQnLztCurHvsIQqR_aqgmY9B3OwueIYqki1CCKe5KGT06NHOQmk-yCfMiCt-ocEUDCf7LuLAMdYwT4WOOrw/" rel="nofollow" title="http://subversion.tigris.org/downloads/subversion-1.6.12.tar.gz">http://subversion.tigris.org/downloads/subversion-1.6.12.tar.gz</a>" |
2 | [[email protected]]$ wget "<a target="_blank" href="https://www.ancii.com/link/v1/P4BaQnLztCurHvsIQqR_aqgmY9B3OwueIYqki1CCKe5KGT06NHOQmk-yCfMiCt-oVpBy48E2_thqxvNIAZ1jSiR_ji-zDe3jAi5daEyXHQE/" rel="nofollow" title="http://subversion.tigris.org/downloads/subversion-deps-1.6.12.tar.gz">http://subversion.tigris.org/downloads/subversion-deps-1.6.12.tar.gz</a>" |
下载完成之后,开始编译:
注:以svnserve方式运行,不加apache编译参数。以fsfs格式存储版本库,不编译berkeley-db
如果最后出现下面WARNING,我们直接忽略即可。因为不使用BDB存储。
configure: WARNING: we have configured without BDB filesystem support
You don't seem to have Berkeley DB version 4.0.14 or newer
installed and linked to APR-UTIL. We have created Makefiles which
will build without the Berkeley DB back-end; your repositories will
use FSFS as the default back-end. You can find the latest version of
Berkeley DB here:
http://www.sleepycat.com/download/index.shtml
编译完成之后,开始安装:
如果 make install 出现下面错误:
error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory
解决办法:
01 | #1、编辑/etc/ld.so.conf文件: |
09 | #3、再重新运行make install 问题得到解决。 |
12 | #注:ld.so.conf和ldconfig用于维护系统动态链接库 |
测试是否安装成功:
如果显示如下,svn安装成功:
svnserve, version 1.6.12 (r955767)
compiled Sep 1 2010, 01:36:17
Copyright (C) 2000-2009 CollabNet.
Subversion is open source software, see http://subversion.tigris.org/
This product includes software developed by CollabNet (http://www.Collab.Net/).
The following repository back-end (FS) modules are available:
* fs_fs : Module for working with a plain file (FSFS) repository.
Cyrus SASL authentication is available.
================================================================
============为了方便下操作,下面将SVN的BIN添加到PATH====================
================================================================
在/etc/profile最后加入 SVN Path 以方便操作:
01 | #1、编辑/etc/profile文件,添加PATH |
04 | PATH=/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:$PATH |
11 | /usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:...... |
12 | #上面已经包含了“/usr/local/svn/bin”,说明已经成功。 |
更多详细介绍可参考:http://blog.hexu.org/archives/647.shtml
================================================================
============以上安装完成,下面开始建立SVN版本库=============
================================================================
svn版本库可建多个比如:repos,repos1,repos2….:新建目录和初始化版本库:
初始化版本库完成,开始设置配置svnserve.conf:
02 | ### This file controls the configuration of the svnserve daemon, if you |
03 | ### use it to allow access to this repository. (If you only allow |
04 | ### access through http: and/or file: URLs, then this file is |
07 | ### Visit <a target="_blank" href="https://www.ancii.com/link/v1/P4BaQnLztCurHvsIQqR_aifzBIUa8l8EfOr1luR1YpE/" rel="nofollow" title="http://subversion.tigris.org/">http://subversion.tigris.org/</a> for more information. |
10 | ### These options control access to the repository for unauthenticated |
11 | ### and authenticated users. Valid values are "write", "read", |
12 | ### and "none". The sample settings below are the defaults. |
13 | anon-access = none # 注意这里必须设置,否则所有用户不用密码就可以访问 |
15 | ### The password-db option controls the location of the password |
16 | ### database file. Unless you specify a path starting with a /, |
17 | ### the file's location is relative to the directory containing |
18 | ### this configuration file. |
19 | ### If SASL is enabled (see below), this file will NOT be used. |
20 | ### Uncomment the line below to use the default password file. |
22 | ### The authz-db option controls the location of the authorization |
23 | ### rules for path-based access control. Unless you specify a path |
24 | ### starting with a /, the file's location is relative to the the |
25 | ### directory containing this file. If you don't specify an |
26 | ### authz-db, no path-based access control is done. |
27 | ### Uncomment the line below to use the default authorization file. |
29 | ### This option specifies the authentication realm of the repository. |
30 | ### If two repositories have the same authentication realm, they should |
31 | ### have the same password database, and vice versa. The default realm |
32 | ### is repository's uuid. |
35 | ### This option specifies whether you want to use the Cyrus SASL |
36 | ### library for authentication. Default is false. |
37 | ### This section will be ignored if svnserve is not built with Cyrus |
38 | ### SASL support; to check, run 'svnserve --version' and look for a line |
39 | ### reading 'Cyrus SASL authentication is available.' |
41 | ### These options specify the desired strength of the security layer |
42 | ### that you want SASL to provide. 0 means no encryption, 1 means |
43 | ### integrity-checking only, values larger than 1 are correlated |
44 | ### to the effective key length for encryption (e.g. 128 means 128-bit |
45 | ### encryption). The values below are the defaults. |
注意:对用户配置文件的修改立即生效,不必重启svn。
初始化版本库完成,开始设置passwd 用户账号信息:
02 | ### This file is an example password file for svnserve. |
03 | ### Its format is similar to that of svnserve.conf. As shown in the |
04 | ### example below it contains one section labelled [users]. |
05 | ### The name and password for each user follow, one account per line. |
06 | # 在下面添加用户和密码,每行一组 username = password |
初始化版本库完成,开始设置authz 用户访问权限:
01 | ### This file is an example authorization file for svnserve. |
02 | ### Its format is identical to that of mod_authz_svn authorization |
04 | ### As shown below each section defines authorizations for the path and |
05 | ### (optional) repository specified by the section name. |
06 | ### The authorizations follow. An authorization line can refer to: |
08 | ### - a group of users defined in a special [groups] section, |
09 | ### - an alias defined in a special [aliases] section, |
10 | ### - all authenticated users, using the '$authenticated' token, |
11 | ### - only anonymous users, using the '$anonymous' token, |
12 | ### - anyone, using the '*' wildcard. |
14 | ### A match can be inverted by prefixing the rule with '~'. Rules can |
15 | ### grant read ('r') access, read-write ('rw') access, or no access |
19 | # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average |
22 | # harry_and_sally = harry,sally |
23 | # harry_sally_and_joe = harry,sally,&joe |
30 | # [repository:/baz/fuz] |
31 | # @harry_and_sally = rw |
33 | #### ==================== 下面我新加的 ==================== ### |
35 | grp_hexu = tiboo, olinux # grp_hexu 组包括两个用户tiboo, olinux |
38 | tiboo = # tiboo对根目录没有任何权限 |
39 | olinux = rw # olinux对根目录有读写权限 |
41 | [repos:/hexu.org] # 对repos仓库的hexu.org项目进行权限 限制 |
42 | @grp_hexu = rw # 限制grp_hexu 组对hexu.org项目有读写权限 |
43 | olinux = # 限制olinux所有权限,其它用户有读写权限 |
45 | [repos:/test.org] # 对repos仓库的test.org项目进行权限 限制 |
46 | @grp_hexu = rw # 限制grp_hexu 组对test.org项目有读写权限 |
47 | olinux= r # 限制olinux只有读权限,其它用户有读写权限 |
其中,1个用户组可以包含1个或多个用户,用户间以逗号分隔。
下面是举例一个最简单的svnserver.conf & passwd & authz配置:
启动svn服务器和新建svn用户:
13 | svn 6941 1 0 15:07 ? 00:00:00 svnserve -d –listen-port 9999 -r /data/svn |
额外说明:
su - svn表示以用户svn的身份启动svn
-d表示以daemon方式(后台运行)运行
–listen-port 9999表示使用9999端口,可以换成你需要的端口。但注意,使用1024以下的端口需要root权限
-r /data/svn 指定SVN服务的根目录是/data/svn
通过web方式访问svn有很多方法,请参阅配置websvn或配置bsSvnBrowser的方法。
好了所有配置完成,可以使用客户端SVN进行操作了。
================================================================
============以上介绍SVN版本库完成,下面开始测试=============
================================================================
服务测试方法 1:
04 | [[email protected]]$ svn import /tmp/test/ file:///usr/local/svndata/repos -m "this is thie first import" |
服务测试方法 2:
如果telnet 检查不通,有可能是防火墙(iptables)里面端口没开:
02 | -A RH-Firewall-1-INPUT -p tcp --dport 9999 -j ACCEPT |
11 | <a target="_blank" href="https://www.ancii.com/link/v1/ZDJrTjau5DIk0DxdBKBKCyRukHh7V5irQOd_VFJFImUd00FWfjSTjRQEEoa7wz9q2Ey2FAeeSIBesdUanWj57Q/" rel="nofollow" title="http://blog.chinaunix.net/u/33048/showart_2079175.html">http://blog.chinaunix.net/u/33048/showart_2079175.html</a> |
13 | <a target="_blank" href="https://www.ancii.com/link/v1/jWVlODTSLDHLsyq5k2SWqcUzpZoHXghRKTd5TdUugHj2W1Hl1Vi5_ebrztIvJFm4lZIeCd33C6Lj2r6JYMEZYg/" rel="nofollow" title="http://blog.csdn.net/saiya_kwok/archive/2009/02/20/3914294.aspx">http://blog.csdn.net/saiya_kwok/archive/2009/02/20/3914294.aspx</a> |
