centos7搭建svn服务器及客户端设置

linux  /  管理员 发布于 1年前   333

centos7搭建svn服务器及客户端设置

centos7貌似预装了svn服务（有待确认），因此我们直接启动该服务即可

一、svn服务端配置（服务器IP假设为192.168.100.1）

步骤1：创建存放代码库目录

mkdir -p /var/svn

步骤2：启动svn服务

svnserve -d -r /var/svn

步骤3：创建代码库something

[root@model ~]# cd /var/svn

[root@model svn]# svnadmin create something

[root@model svn]# cd something

[root@model something]# ls

conf  db  format  hooks  locks  README.txt

[root@model something]# cd conf

[root@model conf]# ls

authz  passwd  svnserve.conf

步骤4：配置svnserve.conf文件

[root@model conf]# vi svnserve.conf

### This file controls the configuration of the svnserve daemon, if you

### use it to allow access to this repository.  (If you only allow

### access through http: and/or file: URLs, then this file is

### irrelevant.)

### Visit http://subversion.apache.org/ for more information.

[general]

### The anon-access and auth-access options control access to the

### repository for unauthenticated (a.k.a. anonymous) users and

### authenticated users, respectively.

### Valid values are "write", "read", and "none".

### Setting the value to "none" prohibits both reading and writing;

### "read" allows read-only access, and "write" allows complete

### read/write access to the repository.

### The sample settings below are the defaults and specify that anonymous

### users have read-only access to the repository, while authenticated

### users have read and write access to the repository.

# anon-access = read

# auth-access = write

anon-access = none

auth-access = write

### The password-db option controls the location of the password

### database file.  Unless you specify a path starting with a /,

### the file's location is relative to the directory containing

### this configuration file.

### If SASL is enabled (see below), this file will NOT be used.

### Uncomment the line below to use the default password file.

# password-db = passwd

password-db = passwd

### The authz-db option controls the location of the authorization

### rules for path-based access control.  Unless you specify a path

### starting with a /, the file's location is relative to the the

### directory containing this file.  If you don't specify an

### authz-db, no path-based access control is done.

### Uncomment the line below to use the default authorization file.

# authz-db = authz

authz-db = authz

### This option specifies the authentication realm of the repository.

### If two repositories have the same authentication realm, they should

### have the same password database, and vice versa.  The default realm

### is repository's uuid.

# realm = My First Repository

#此选项指定的库的认证领域

raalm = /var/svn/something

### The force-username-case option causes svnserve to case-normalize

### usernames before comparing them against the authorization rules in the

### authz-db file configured above.  Valid values are "upper" (to upper-

### case the usernames), "lower" (to lowercase the usernames), and

### "none" (to compare usernames as-is without case conversion, which

### is the default behavior).

# force-username-case = none

[sasl]

### This option specifies whether you want to use the Cyrus SASL

### library for authentication. Default is false.

### This section will be ignored if svnserve is not built with Cyrus

### SASL support; to check, run 'svnserve --version' and look for a line

### reading 'Cyrus SASL authentication is available.'

# use-sasl = true

### These options specify the desired strength of the security layer

### that you want SASL to provide. 0 means no encryption, 1 means

### integrity-checking only, values larger than 1 are correlated

"svnserve.conf" 71L, 3173C written

步骤5：配置passwd文件

[root@model conf]# vi passwd

### This file is an example password file for svnserve.

### Its format is similar to that of svnserve.conf. As shown in the

### example below it contains one section labelled [users].

### The name and password for each user follow, one account per line.

[users]

# harry = harryssecret

# sally = sallyssecret

user = 123456

"passwd" 11L, 326C written

步骤6：配置authz文件

[root@model conf]# vi authz

### This file is an example authorization file for svnserve.

### Its format is identical to that of mod_authz_svn authorization

### files.

### As shown below each section defines authorizations for the path and

### (optional) repository specified by the section name.

### The authorizations follow. An authorization line can refer to:

###  - a single user,

###  - a group of users defined in a special [groups] section,

###  - an alias defined in a special [aliases] section,

###  - all authenticated users, using the '$authenticated' token,

###  - only anonymous users, using the '$anonymous' token,

###  - anyone, using the '*' wildcard.

###

### A match can be inverted by prefixing the rule with '~'. Rules can

### grant read ('r') access, read-write ('rw') access, or no access

### ('').

[aliases]

# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average

[groups]

# harry_and_sally = harry,sally

# harry_sally_and_joe = harry,sally,&joe

admin = user

# [/foo/bar]

# harry = rw

# &joe = r

# * =

[/]

user = rw

# [repository:/baz/fuz]

# @harry_and_sally = rw

# * = r

[something:/]

@admin = rw

"authz" 35L, 1093C written

此处的意思是用户usr_0对目录[/]（代码库something的根目录）下的所有文件，具有读（r）和写（w）的权限

步骤7：关闭防火墙及防火墙开机自启动

systemctl stop firewalld.service

systemctl disable firewalld.service

至此，svn服务端配置完毕

二、svn客户端配置（客户端IP假设为192.168.100.2）

步骤1：关闭防火墙

[root@localhost svn]# systemctl stop firewalld.service

[root@localhost svn]# systemctl disable firewalld.service

Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

步骤2：创建客户端svn上提取文件存放目录

[root@localhost /]# mkdir /svn

步骤3：登录svn服务器并检出something库中的文件

[root@localhost svn]# svn co --username user --password 123456 svn://192.168.100.1/something

-----------------------------------------------------------------------

注意!  你的密码，对于认证域:

   <svn://192.168.100.1:3690> /var/svn/something

只能明文保存在磁盘上!  如果可能的话，请考虑配置你的系统，让 Subversion

可以保存加密后的密码。请参阅文档以获得详细信息。你可以通过在“/root/.subversion/servers”中设置选项“store-plaintext-passwords”为“yes”或“no”，

来避免再次出现此警告。

-----------------------------------------------------------------------

保存未加密的密码(yes/no)?n

A    something/package

A    something/package/apache-maven-3.5.0-bin.tar.gz

A    something/package/mysql-5.6.37-linux-glibc2.12-x86_64.tar.gz

A    something/package/jdk-8u141-linux-x64.gz

A    something/package/apache-tomcat-7.0.79.tar.gz

取出版本 6。

[root@localhost svn]# ls

something

更新svn版本库

[root@localhost package]# 

[root@localhost package]# 

[root@localhost package]# svn up /svn/something

正在升级 '/svn/something':

认证领域: <svn://192.168.100.1:3690> /var/svn/something

“user”的密码: 

-----------------------------------------------------------------------

注意!  你的密码，对于认证域:

   <svn://192.168.100.1:3690> /var/svn/something

只能明文保存在磁盘上!  如果可能的话，请考虑配置你的系统，让 Subversion

可以保存加密后的密码。请参阅文档以获得详细信息。

你可以通过在“/root/.subversion/servers”中设置选项“store-plaintext-passwords”为“yes”或“no”，

来避免再次出现此警告。

-----------------------------------------------------------------------

保存未加密的密码(yes/no)?n

D    jenkins.war

更新到版本 7。