軟件:
SVN服務器:subversion
http://subversion.apache.org/packages.html
SVN客戶端:TortoiseSVN
http://tortoisesvn.net/downloads.html
一、SVN安裝
[root@db ~]# yum -y install subversion
二、配置SVN
新建一個目錄用於存放svn的所有文件
[root@db ~]# mkdir /svn
新建一個資源倉庫
[root@db ~]# svnadmin create /svn/project
[root@db ~]# ll /svn/project/
total 24
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 conf
drwxr-sr-x. 6 root root 4096 Aug 18 14:23 db
-r--r--r--. 1 root root 2 Aug 18 14:23 format
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 hooks
drwxr-xr-x. 2 root root 4096 Aug 18 14:23 locks
-rw-r--r--. 1 root root 229 Aug 18 14:23 README.txt
各目錄用途說明:
hooks目錄:放置hook腳本文件的目錄
locks目錄: 放置subversion的db鎖文件
format文件:是一個文本文件,裏面只放了一個整數,表示當前文件庫配置的版本號
conf目錄:這個是倉庫的配置文件
配置svn服務的配置文件
[root@db ~]# vim /svn/project/conf/svnserve.conf
[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = /svn/project/conf/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = /svn/project/conf/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
realm = My Test Repository
添加訪問用戶及密碼
vi /svn/project/conf/passwd [users] test1 = 123456 test2 = 123456
配置新用戶的授權文件
[root@db ~]# vim /svn/project/conf/authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
[groups]
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
admin = admin
user = test1,test2
# [/foo/bar]
# harry = rw
# &joe = r
# * =
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
[/]
@admin = rw
@user = r
* =
(
[<版本庫>:/項目/目錄]
@<用戶組名> = <權限>
<用戶名> = <權限>
/ 表示對根目錄(即/svn/project目錄)下的所有子目錄範圍設置權限;
[/abc] 表示對資料庫中abc項目設置權限;
創建一個admin組,組成員包括xiaoran.shen和test1
創建一個user組,成員只有test2;
admin組對目錄有讀寫權限;
單個用戶test2有讀寫權限;
*=表示除了上面設置的權限用戶組以外,其他所有用戶都設置空權限,空權限表示禁止訪問本目錄,這很重要一定要加上。
)
啓用svn服務並且iptables放行3690
[root@db ~]# svnserve -d -r /svn/project/
[root@db ~]# vim /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3690 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@db ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]