Linux 搭建SVN服务

检查SVN服务版本

svnserve --version

[root@eason ~]# svnserve --version svnserve，版本 1.7.14 (r1542130) 编译于 Sep 30 2020，17:44:04 版权所有 (C) 2013 Apache 软件基金会。 此软件包含了许多人的贡献，请查看文件 NOTICE 以获得更多信息。 Subversion 是开放源代码软件，请参阅 http://subversion.apache.org/ 站点。 下列版本库后端(FS) 模块可用: * fs_base : 模块只能操作BDB版本库。 * fs_fs : 模块与文本文件(FSFS)版本库一起工作。 Cyrus SASL 认证可用。 [root@eason ~]#

如果没有安装，执行安装命令

yum install subversion

建立仓库base文件夹

我这里的位置是 /usr/local/svn

[root@eason svn]# pwd /usr/local/svn

建立仓库

svnadmin create svnrepos

• db目录：就是所有版本控制的数据存放文件
• hooks目录：放置hook脚本文件的目录
• locks目录：用来放置subversion见艰苦锁定数据的目录，用来追踪存取文件库的客户端
• format文件：是一个文本文件，里面只放了一个整数，表示当前文件库配置的版本号
• conf目录：是这个仓库的配置文件（仓库的用户访问账号、权限等）

[root@eason svnrepos]# ll 总用量 24 drwxr-xr-x 2 root root 4096 1月 16 17:51 conf drwxr-sr-x 6 root root 4096 1月 16 18:21 db -r--r--r-- 1 root root 2 1月 16 17:46 format drwxr-xr-x 2 root root 4096 1月 16 17:46 hooks drwxr-xr-x 2 root root 4096 1月 16 17:46 locks -rw-r--r-- 1 root root 229 1月 16 17:46 README.txt [root@eason svnrepos]#

配置仓库

主要配置conf目录下的authz、passwd、和svnserve.conf

配置访问用户名和密码

编辑passwd文件，在最下方加入用户名和密码

### This file is an example password file for svnserve. ### Its format is similar to that of svnserve.conf. As shown in the ### example below it contains one section labelled [users]. ### The name and password for each user follow, one account per line. [users] # harry = harryssecret # sally = sallyssecret admin = 123456

配置访问权限

编辑authz文件，加入下方配置：

[/]
admin = rw
* = r

### This file is an example authorization file for svnserve. ### Its format is identical to that of mod_authz_svn authorization ### files. ### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name. ### The authorizations follow. An authorization line can refer to: ### - a single user, ### - a group of users defined in a special [groups] section, ### - an alias defined in a special [aliases] section, ### - all authenticated users, using the '$authenticated' token, ### - only anonymous users, using the '$anonymous' token, ### - anyone, using the '*' wildcard. ### ### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access ### (''). [aliases] # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average [groups] # harry_and_sally = harry,sally # harry_sally_and_joe = harry,sally,&joe # [/foo/bar] # harry = rw # &joe = r # * = # [repository:/baz/fuz] # @harry_and_sally = rw # * = r [/] admin = rw * = r

编辑svnserve.conf文件

放开注释，注意，编辑过程中前方不要留空格

anon-access = read
auth-access = write

password-db = passwd

authz-db = authz

realm = svnrepos

### This file controls the configuration of the svnserve daemon, if you ### use it to allow access to this repository. (If you only allow ### access through http: and/or file: URLs, then this file is ### irrelevant.) ### Visit http://subversion.apache.org/ for more information. [general] ### The anon-access and auth-access options control access to the ### repository for unauthenticated (a.k.a. anonymous) users and ### authenticated users, respectively. ### Valid values are "write", "read", and "none". ### Setting the value to "none" prohibits both reading and writing; ### "read" allows read-only access, and "write" allows complete ### read/write access to the repository. ### The sample settings below are the defaults and specify that anonymous ### users have read-only access to the repository, while authenticated ### users have read and write access to the repository. anon-access = read auth-access = write ### The password-db option controls the location of the password ### database file. Unless you specify a path starting with a /, ### the file's location is relative to the directory containing ### this configuration file. ### If SASL is enabled (see below), this file will NOT be used. ### Uncomment the line below to use the default password file. password-db = passwd ### The authz-db option controls the location of the authorization ### rules for path-based access control. Unless you specify a path ### starting with a /, the file's location is relative to the the ### directory containing this file. If you don't specify an ### authz-db, no path-based access control is done. ### Uncomment the line below to use the default authorization file. authz-db = authz ### This option specifies the authentication realm of the repository. ### If two repositories have the same authentication realm, they should ### have the same password database, and vice versa. The default realm ### is repository's uuid. realm = svnrepos ### The force-username-case option causes svnserve to case-normalize ### usernames before comparing them against the authorization rules in the ### authz-db file configured above. Valid values are "upper" (to upper- ### case the usernames), "lower" (to lowercase the usernames), and ### "none" (to compare usernames as-is without case conversion, which ### is the default behavior). # force-username-case = none [sasl] ### This option specifies whether you want to use the Cyrus SASL ### library for authentication. Default is false. ### This section will be ignored if svnserve is not built with Cyrus ### SASL support; to check, run 'svnserve --version' and look for a line ### reading 'Cyrus SASL authentication is available.' # use-sasl = true ### These options specify the desired strength of the security layer ### that you want SASL to provide. 0 means no encryption, 1 means ### integrity-checking only, values larger than 1 are correlated ### to the effective key length for encryption (e.g. 128 means 128-bit ### encryption). The values below are the defaults. # min-encryption = 0 # max-encryption = 256

重启svn服务

svnserve -d -r /usr/local/svn 表示/usr/local/svn作为根路径

sudo pkill svnserve svnserve -d -r /usr/local/svn

访问测试

如果没开通3690，需要开启放行策略，访问svn地址为：svn://ip/仓库名称，在我这里是svn://39.102.208.xxx/svnrepos