Centos 5.5 配备独立的 Subversion 1.6.12 (SVN)服务器
Centos 5.5 配置独立的 Subversion 1.6.12 (SVN)服务器
subversion(以下简称svn)是近年来崛起的版本管理工具,是cvs的接班人。
svn服务器有2种运行方式:
1. 独立服务器
2. 借助apache。
二种方式各有利弊,可以根据自己的需要进行配置,我不需要Http进行访问,只需要客户端可以Commit & update 就可以,下面是我选择的第一种方式-独立的SVN服务器。
svn存储版本数据也有2种方式:
1. BDB
2. FSFS。
因为BDB方式在服务器中断时,有可能锁住数据(朋友在搞ldap时就深受其害,没法根治),所以还是FSFS方式更安全一点,我也选择这种方式。
我的系统环境:Centos-5.5 + Php-5.3.3 + Nginx-0.8.49 + Mysql-5.5.5m3+subersion-1.6.12
================================================================
============ 以上介绍系统完成,下面开始SVN安装 ==============
================================================================
获取svn安装包,直接切换到root用户进行所有操作:
最新版下载地址:http://subversion.apache.org/
直接到下载页面:http://svn.haxx.se/dev/archive-2010-06/0320.shtml
1 |
[root@hexu.org]$ wget "http://subversion.tigris.org/downloads/subversion-1.6.12.tar.gz"
|
2 |
[root@hexu.org]$ wget "http://subversion.tigris.org/downloads/subversion-deps-1.6.12.tar.gz"
|
下载完成之后,开始编译:
1 |
[root@hexu.org]$ tar xfvz subversion-1.6.12.tar.gz
|
2 |
[root@hexu.org]$ tar xfvz subversion-deps-1.6.12.tar.gz
|
3 |
[root@hexu.org]$ cd subversion-1.6.12
|
4 |
[root@hexu.org]$ ./configure -–prefix=/usr/local/svn -–without-berkeley-db
|
注:以svnserve方式运行,不加apache编译参数。以fsfs格式存储版本库,不编译berkeley-db
如果最后出现下面WARNING,我们直接忽略即可。因为不使用BDB存储。
configure: WARNING: we have configured without BDB filesystem support You don't seem to have Berkeley DB version 4.0.14 or newer installed and linked to APR-UTIL. We have created Makefiles which will build without the Berkeley DB back-end; your repositories will use FSFS as the default back-end. You can find the latest version of Berkeley DB here: http://www.sleepycat.com/download/index.shtml
编译完成之后,开始安装:
1 |
[root@hexu.org]$ make && make install
|
如果 make install 出现下面错误:
error while loading shared libraries: libiconv.so.2: cannot open shared object file: No such file or directory
解决办法:
01 |
#1、编辑/etc/ld.so.conf文件: |
02 |
[root@hexu.org]$ vi /etc/ld.so.conf
|
03 |
# 添加下面一行
|
04 |
/usr/local/lib
|
05 |
06 |
#2、保存后运行ldconfig。 |
07 |
[root@hexu.org]$ /sbin/ldconfig |
08 |
09 |
#3、再重新运行make install 问题得到解决。 |
10 |
[root@hexu.org]$ make install
|
11 |
12 |
#注:ld.so.conf和ldconfig用于维护系统动态链接库 |
测试是否安装成功:
1 |
[root@hexu.org]$ /usr/local/svn/bin/svnserve --version
|
如果显示如下,svn安装成功:
svnserve, version 1.6.12 (r955767) compiled Sep 1 2010, 01:36:17 Copyright (C) 2000-2009 CollabNet. Subversion is open source software, see http://subversion.tigris.org/ This product includes software developed by CollabNet (http://www.Collab.Net/). The following repository back-end (FS) modules are available: * fs_fs : Module for working with a plain file (FSFS) repository. Cyrus SASL authentication is available.
================================================================
============ 为了方便下操作,下面将SVN的BIN添加到PATH ====================
================================================================
在/etc/profile最后加入 SVN Path 以方便操作:
01 |
#1、编辑/etc/profile文件,添加PATH |
02 |
[root@hexu.org]$ vi /etc/profile
|
03 |
#比如像下面这样添加: |
04 |
PATH=/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:$PATH
|
05 |
06 |
#添加完成执行,马上生效: |
07 |
[root@hexu.org]$ source /etc/profile
|
08 |
09 |
#测试查看设置是否成功 |
10 |
[root@hexu.org]$ echo $PATH
|
11 |
/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/svn/bin:......
|
12 |
#上面已经包含了“/usr/local/svn/bin”,说明已经成功。 |
更多详细介绍可参考:http://blog.hexu.org/archives/647.shtml
================================================================
============ 以上安装完成,下面开始建立SVN版本库 =============
================================================================
svn版本库可建多个比如:repos,repos1,repos2….:
新建目录和初始化版本库:
1 |
#新建SVN存放数据文件的版本库目录 |
2 |
[root@hexu.org]$ mkdir -p /data/svn/repos
|
3 |
4 |
#初始化版本库,生成相关配置文件: |
5 |
[root@hexu.org]$ svnadmin create /data/svn/repos |
初始化版本库完成,开始设置配置svnserve.conf:
01 |
[root@hexu.org]$ vi /data/svn/repos/conf/svnserve.conf
|
02 |
### This file controls the configuration of the svnserve daemon, if you |
03 |
### use it to allow access to this repository. (If you only allow |
04 |
### access through http: and/or file: URLs, then this file is |
05 |
### irrelevant.) |
06 |
07 |
### Visit http://subversion.tigris.org/ for more information. |
08 |
09 |
[general] |
10 |
### These options control access to the repository for unauthenticated |
11 |
### and authenticated users. Valid values are "write", "read", |
12 |
### and "none". The sample settings below are the defaults. |
13 |
anon-access = none # 注意这里必须设置,否则所有用户不用密码就可以访问
|
14 |
auth-access = write |
15 |
### The password-db option controls the location of the password |
16 |
### database file. Unless you specify a path starting with a /, |
17 |
### the file's location is relative to the directory containing |
18 |
### this configuration file. |
19 |
### If SASL is enabled (see below), this file will NOT be used. |
20 |
### Uncomment the line below to use the default password file. |
21 |
password-db = passwd
|
22 |
### The authz-db option controls the location of the authorization |
23 |
### rules for path-based access control. Unless you specify a path |
24 |
### starting with a /, the file's location is relative to the the |
25 |
### directory containing this file. If you don't specify an |
26 |
### authz-db, no path-based access control is done. |
27 |
### Uncomment the line below to use the default authorization file. |
28 |
authz-db = authz |
29 |
### This option specifies the authentication realm of the repository. |
30 |
### If two repositories have the same authentication realm, they should |
31 |
### have the same password database, and vice versa. The default realm |
32 |
### is repository's uuid. |
33 |
realm = repos |
34 |
[sasl] |
35 |
### This option specifies whether you want to use the Cyrus SASL |
36 |
### library for authentication. Default is false. |
37 |
### This section will be ignored if svnserve is not built with Cyrus |
38 |
### SASL support; to check, run 'svnserve --version' and look for a line |
39 |
### reading 'Cyrus SASL authentication is available.' |
40 |
# use-sasl = true |
41 |
### These options specify the desired strength of the security layer |
42 |
### that you want SASL to provide. 0 means no encryption, 1 means |
43 |
### integrity-checking only, values larger than 1 are correlated |
44 |
### to the effective key length for encryption (e.g. 128 means 128-bit |
45 |
### encryption). The values below are the defaults. |
46 |
# min-encryption = 0 |
47 |
# max-encryption = 256 |
注意:对用户配置文件的修改立即生效,不必重启svn。
初始化版本库完成,开始设置passwd 用户账号信息:
01 |
[root@hexu.org]$ vi /data/svn/repos/conf/passwd.
|
02 |
### This file is an example password file for svnserve. |
03 |
### Its format is similar to that of svnserve.conf. As shown in the |
04 |
### example below it contains one section labelled [users]. |
05 |
### The name and password for each user follow, one account per line. |
06 |
# 在下面添加用户和密码,每行一组 username = password |
07 |
[users]
|
08 |
# harry = harryssecret |
09 |
# sally = sallyssecret |
10 |
tiboo = password1 |
11 |
olinux = password2 |
初始化版本库完成,开始设置authz 用户访问权限:
01 |
### This file is an example authorization file for svnserve. |
02 |
### Its format is identical to that of mod_authz_svn authorization |
03 |
### files. |
04 |
### As shown below each section defines authorizations for the path and |
05 |
### (optional) repository specified by the section name. |
06 |
### The authorizations follow. An authorization line can refer to: |
07 |
### - a single user, |
08 |
### - a group of users defined in a special [groups] section, |
09 |
### - an alias defined in a special [aliases] section, |
10 |
### - all authenticated users, using the '$authenticated' token, |
11 |
### - only anonymous users, using the '$anonymous' token, |
12 |
### - anyone, using the '*' wildcard. |
13 |
### |
14 |
### A match can be inverted by prefixing the rule with '~'. Rules can |
15 |
### grant read ('r') access, read-write ('rw') access, or no access |
16 |
### (''). |
17 |
18 |
[aliases] |
19 |
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average |
20 |
21 |
# [groups] |
22 |
# harry_and_sally = harry,sally |
23 |
# harry_sally_and_joe = harry,sally,&joe |
24 |
25 |
# [/foo/bar] |
26 |
# harry = rw |
27 |
# &joe = r |
28 |
# * = |
29 |
30 |
# [repository:/baz/fuz] |
31 |
# @harry_and_sally = rw |
32 |
# * = r |
33 |
#### ==================== 下面我新加的 ==================== ### |
34 |
[groups]
|
35 |
grp_hexu = tiboo, olinux # grp_hexu 组包括两个用户tiboo, olinux
|
36 |
37 |
[/] |
38 |
tiboo = # tiboo对根目录没有任何权限
|
39 |
olinux = rw # olinux对根目录有读写权限
|
40 |
41 |
[repos:/hexu.org] # 对repos仓库的hexu.org项目进行权限 限制
|
42 |
@grp_hexu = rw # 限制grp_hexu 组对hexu.org项目有读写权限
|
43 |
olinux = # 限制olinux所有权限,其它用户有读写权限
|
44 |
45 |
[repos:/test.org] # 对repos仓库的test.org项目进行权限 限制
|
46 |
@grp_hexu = rw # 限制grp_hexu 组对test.org项目有读写权限
|
47 |
olinux= r # 限制olinux只有读权限,其它用户有读写权限
|
其中,1个用户组可以包含1个或多个用户,用户间以逗号分隔。
下面是举例一个最简单的svnserver.conf & passwd & authz配置:
01 |
## svnserver.conf 配置 |
02 |
[root@hexu.org]$ vi /data/svn/repos/conf/svnserve.conf
|
03 |
[general] |
04 |
anon-access = none |
05 |
auth-access = write |
06 |
password-db = passwd
|
07 |
authz-db = authz |
08 |
realm = repos |
09 |
10 |
## passwd 配置 |
11 |
[root@hexu.org]$ vi /data/svn/repos/conf/passwd
|
12 |
[users]
|
13 |
#user1 = password1 |
14 |
#user2 = password2 |
15 |
olinux = olinux |
16 |
17 |
## authz 配置 |
18 |
[root@hexu.org]$ vi /data/svn/repos/conf/authz
|
19 |
[aliases] |
20 |
[groups]
|
21 |
[/] |
22 |
olinux = rw |
启动svn服务器和新建svn用户:
01 |
# 以SVN身份运行,新建用户: |
02 |
[root@hexu.org]$ useradd svn
|
03 |
04 |
#设置SVN版本库的用户和组: |
05 |
[root@hexu.org]$ chown -R svn:svn /data/svn
|
06 |
07 |
#启动svn: |
08 |
[root@hexu.org]$ su - svn -c "svnserve -d --listen-port 9999 -r /data/svn"
|
09 |
10 |
#检查是否启动: |
11 |
[root@hexu.org]$ps -ef|grep svn
|
12 |
#如果显示如下,即为启动成功: |
13 |
svn 6941 1 0 15:07 ? 00:00:00 svnserve -d –listen-port 9999 -r /data/svn |
额外说明:
su - svn表示以用户svn的身份启动svn -d表示以daemon方式(后台运行)运行 –listen-port 9999表示使用9999端口,可以换成你需要的端口。但注意,使用1024以下的端口需要root权限 -r /data/svn 指定SVN服务的根目录是/data/svn
通过web方式访问svn有很多方法,请参阅配置websvn或配置bsSvnBrowser的方法。
好了所有配置完成,可以使用客户端SVN进行操作了。
================================================================
============ 以上介绍SVN版本库完成,下面开始测试 =============
================================================================
服务测试方法 1:
view source
print?
01 |
[root@hexu.org]$ cd /tmp
|
02 |
[root@hexu.org]$ mkdir test
|
03 |
[root@hexu.org]$ touch test.txt
|
04 |
[root@hexu.org]$ svn import /tmp/test/ file:///usr/local/svndata/repos -m "this is thie first import"
|
05 |
[root@hexu.org]$ mkdir -p /tmp/test2
|
06 |
[root@hexu.org]$ cd /tmp/test2
|
07 |
[root@hexu.org]$ svn co file:///usr/local/svndata/repos /tmp/test2/
|
08 |
#或者: |
09 |
[root@hexu.org]$ svn co svn://{your-server-ip}:9999/repos/ |
10 |
11 |
#这时应该可以看到文件test.txt. |
服务测试方法 2:
1 |
[root@hexu.org]$ telnet {your-server-ip} 9999 检查端口是不是通的 |
如果telnet 检查不通,有可能是防火墙(iptables)里面端口没开:
01 |
[root@hexu.org]$ vi /etc/sysconfig/iptables
|
02 |
-A RH-Firewall-1-INPUT -p tcp --dport 9999 -j ACCEPT |
03 |
04 |
#保存完成,重启 iptables |
05 |
[root@hexu.org]$ /etc/init.d/iptables restart |
06 |
#或 |
07 |
[root@hexu.org]$ service iptables restart |
08 |
09 |
有关权限设置可以参考: |
10 |
11 |
http://blog.chinaunix.net/u/33048/showart_2079175.html |
12 |
13 |
http://blog.****.net/saiya_kwok/archive/2009/02/20/3914294.aspx |