SVN

最新推荐文章于 2024-08-01 16:21:06 发布

komeiming

最新推荐文章于 2024-08-01 16:21:06 发布

阅读量122

点赞数

分类专栏： ubuntu 文章标签： SVN subversion Access Ubuntu Apache

ubuntu 专栏收录该内容

14 篇文章

订阅专栏

sudo apt-get install subversion libapache2-svn

sudo svnadmin create /svn

$ sudo chown -R root:subversion svn

$ sudo chmod -R g+rws svn

sudo gedit /etc/apache2/mods-enabled/dav_svn.conf
# dav_svn.conf - Example Subversion/Apache configuration
#
# For details and further options see the Apache user manual and
# the Subversion book.
#
# NOTE: for a setup with multiple vhosts, you will want to do this
# configuration in /etc/apache2/sites-available/*, not here.

# <Location URL> ... </Location>
# URL controls how the repository appears to the outside world.
# In this example clients access the repository as http://hostname/svn/
# Note, a literal /svn should NOT exist in your document root.
<Location /svn>

# Uncomment this to enable the repository
DAV svn

# Set this to the path to your repository
SVNParentPath /svn
# Alternatively, use SVNParentPath if you have multiple repositories under
# under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
# You need either SVNPath and SVNParentPath, but not both.
#SVNParentPath /svn

# Access control is done at 3 levels: (1) Apache authentication, via
# any of several methods. A "Basic Auth" section is commented out
# below. (2) Apache <Limit> and <LimitExcept>, also commented out
# below. (3) mod_authz_svn is a svn-specific authorization module
# which offers fine-grained read/write access control for paths
# within a repository. (The first two layers are coarse-grained; you
# can only enable/disable access to an entire repository.) Note that
# mod_authz_svn is noticeably slower than the other two layers, so if
# you don't need the fine-grained control, don't configure it.

# Basic Authentication is repository-wide. It is not secure unless
# you are using https. See the 'htpasswd' command to create and
# manage the password file - and the documentation for the
# 'auth_basic' and 'authn_file' modules, which you will need for this
# (enable them with 'a2enmod').
   AuthType Basic
    AuthName "Subversion Repository"
    #AuthUserFile /etc/apache2/dav_svn.passwd
    AuthUserFile /svn/svn1/conf/passwd
# To enable authorization via mod_authz_svn
# AuthzSVNAccessFile /etc/apache2/dav_svn.authz
# AuthzSVNAccessFile /svn/svn1/conf/authz

# The following three lines allow anonymous read, but make
# committers authenticate themselves. It requires the 'authz_user'
# module (enable it with 'a2enmod').
<LimitExcept GET PROPFIND OPTIONS REPORT>
    Require valid-user
</LimitExcept>

</Location>

The DAV line needs to be uncommented to enable the dav module

# Uncomment this to enable the repository,
DAV svn

The SVNPath line should be set to the same place your created the repository with the svnadmin command.

# Set this to the path to your repository
SVNPath /svn

The next section will let you turn on authentication. This is just basic authentication, so don't consider it extremely secure. The password file will be located where the AuthUserFile setting sets it to… probably best to leave it at the default.

# Uncomment the following 3 lines to enable Basic Authentication
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/apache2/dav_svn.passwd

To create a user on the repository use, the following command:

sudo htpasswd2 -cm /etc/apache2/dav_svn.passwd geek
New password:
Re-type new password:
Adding password for user geek

This installs the apache2-mpm-worker package, which is now preferred over the older apache2-mpm-prefork
apt-get install apache2 apache2-doc file lynx

sudo /etc/init.d/apache2 restart

svn co
svn ci

svn update

If you want to add new files to the repository::

svn add [filename]

To get a status of which files have changed::

svn stat
SubVersion for local repositories

Ubuntu feisty中的apache2安装包有BUG，安装后缺少apache2-ssl-certificate命令，这样如果我们要启用apache的ssl服务，就生成不了站点证书
可以通过自己编译apache2源码来安装，安装方法如下：

wget http://librarian.launchpad.net/6917265/files.tar
tar xvf files.tar

然后安装Apache2 deb源代码及相关编译依赖包，然后编译安装apache2：

sudo apt-get build-dep apache2
sudo apt-get source -d apache2
dpkg-source -x apache2_2.2.3-3.2build1.dsc
cd apache2-2.2.3
fakeroot debian/rules binary(如果没有安装fakeroot，请先安装）
sudo dpkg -i ../*.deb（您也可以选择性的安装您需要的Apache2 deb包)

如果您不愿自己编译，可以到这里下载编译好的Apache2 Deb包。

这样安装的apache2包含完整的工具，下面我们来配置Apache2 ssl支持：

先生成站点证书：

sudo apache2-ssl-certificate -days 365

接着启用Apache2 的ssl模块：

sudo a2enmod ssl

增加ssl端口443监听：

echo "Listen 443" | sudo tee -a /etc/apache2/ports.conf

创建并启用ssl站点：

sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-available/ssl
sudo gedit /etc/apache2/sites-available/ssl

修改其内容，设定对应端口，启用ssl，指定站点证书文件位置等，修改后类似如下：

NameVirtualHost *:443
 *:443>
        ServerAdmin webmaster@localhost
 
        SSLEngine On
        SSLCertificateFile /etc/apache2/ssl/apache.pem
 
        DocumentRoot /var/www/
         />
                Options FollowSymLinks
                AllowOverride None
        >
 
         /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                # This directive allows us to have apache2's default start page
                # in /apache2-default/, but still have / go to the right place
                # Commented out for Ubuntu
                #RedirectMatch ^/$ /apache2-default/
        >
 
        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
         "/usr/lib/cgi-bin">
                AllowOverride None
                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        >
 
        ErrorLog /var/log/apache2/error.log
 
        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn
 
        CustomLog /var/log/apache2/access.log combined
        ServerSignature On
 
    Alias /doc/ "/usr/share/doc/"
     "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    >
 
>

修改default站点配置，指定其端口为80：

sudo gedit /etc/apache2/sites-available/default

将其内容前面两行修改为：

NameVirtualHost *:80
80>

然后启用上面配置的ssl站点：

sudo a2ensite ssl

启动Apache2：

sudo /etc/init.d/apache2 start

大功告成，现在您可以使用https://127.0.0.1测试服务是否正常启动，也可以使用以下命令查看apache ssl服务是否启动：

netstat -na|grep :443

正常的话您应该可以看到如下的输入：

tcp6       0      0 :::443                  :::*                    LISTEN

建立控制用户访问权限的文件svn-access-filename
[svn1:/]               //这表示，仓库svn1的根目录下的访问权限
harry = rw             // svn1仓库harry用户具有读和写权限
sally = r               // svn1仓库sally用户具有读权限
[svn2:/]               //svn2仓库根目录下的访问权限
harry = r               // harry用户在svn2仓库根目录下只有读权限
sally =               // sally用户在 svn2仓库根目录下无任何权限
[svn2:/src]           //svn2仓库下src目录的访问权限
harry=rw
sally=r
[/]                  // 这个表示在所有仓库的根目录下
* = r               // 这个表示对所有的用户都具有读权限
[groups]               // 这个表示群组设置
svn1-developers = harry, sally           // 这个表示某群组里的成员
svn2-developers = sally
[svn1:/]
@svn1-developers = rw       // 如果在前面加上@符号，则表示这是个群组权限设置

然后修改httpd.conf配置：
<Location /svn>
DAV svn
SVNParentPath /svn
AuthType Basic
AuthName “Subversion repository”
AuthUserFile /svn-auth-filename （保存用户名和密码）
Require valid-user
AuthzSVNAccessFile /svn-access-filename（保存用户访问的权限策略）
</Location>