软件:
SVN服务器:subversion
http://subversion.apache.org/packages.html
SVN客户端:TortoiseSVN
http://tortoisesvn.net/downloads.html
一、SVN安装
[root@db ~]# yum -y install subversion
二、配置SVN
新建一个目录用于存放svn的所有文件
[root@db ~]# mkdir /svn
新建一个资源仓库
[root@db ~]# svnadmin create /svn/project
[root@db ~]# ll /svn/project/
total 24
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 conf
drwxr-sr-x. 6 root root 4096 Aug 18 14:23 db
-r--r--r--. 1 root root 2 Aug 18 14:23 format
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 hooks
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 locks
-rw-r--r--. 1 root root 229 Aug 18 14:23 README.txt
各目录用途说明:
hooks目录:放置hook脚本文件的目录
locks目录: 放置subversion的db锁文件
format文件:是一个文本文件,里面只放了一个整数,表示当前文件库配置的版本号
conf目录:这个是仓库的配置文件
配置svn服务的配置文件
[root@db ~]# vim /svn/project/conf/svnserve.conf
[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = /svn/project/conf/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = /svn/project/conf/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
realm = My Test Repository
添加访问用户及密码
vi /svn/project/conf/passwd [users] test1 = 123456 test2 = 123456
配置新用户的授权文件
[root@db ~]# vim /svn/project/conf/authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
admin = admin
user = test1,test2
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
[/]
@admin = rw
@user = r
* =
(
[<版本库>:/项目/目录]
@<用户组名> = <权限>
<用户名> = <权限>
/ 表示对根目录(即/svn/project目录)下的所有子目录范围设置权限;
[/abc] 表示对资料库中abc项目设置权限;
创建一个admin组,组成员包括xiaoran.shen和test1
创建一个user组,成员只有test2;
admin组对目录有读写权限;
单个用户test2有读写权限;
*=表示除了上面设置的权限用户组以外,其他所有用户都设置空权限,空权限表示禁止访问本目录,这很重要一定要加上。
)
启用svn服务并且iptables放行3690
[root@db ~]# svnserve -d -r /svn/project/
[root@db ~]# vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3690 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@db ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]