308 lines
10 KiB
Markdown
308 lines
10 KiB
Markdown
|
---
|
|||
|
|
title: CentOS7 安装 SVN
|
|||
|
|
date: 2023-01-07
|
|||
|
|
author: ac
|
|||
|
|
tags:
|
|||
|
|
- svn
|
|||
|
|
categories:
|
|||
|
|
- DevOps
|
|||
|
|
---
|
|||
|
|
|
|||
|
|
### 1.安装服务
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
sudo yum install subversion
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
这条命令用来安装 `subversion` 软件包,该软件包同时包含服务端和客户端程序。
|
|||
|
|
|
|||
|
|
安装完成后,机器上会多出 `svn` ,`svnadmin`,`svnserve` 等命令。
|
|||
|
|
|
|||
|
|
- `svn` 是`subversion`的客户端命令行工具;
|
|||
|
|
- `svnadmin` 和 `svnserve` 是服务端程序命令;
|
|||
|
|
|
|||
|
|
可以执行 `svn` 命令说明安装成功。
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos ~]# svn --version
|
|||
|
|
svn, version 1.7.14 (r1542130)
|
|||
|
|
compiled Sep 30 2020, 17:44:04
|
|||
|
|
|
|||
|
|
Copyright (C) 2013 The Apache Software Foundation.
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
安装过程会在背后处理很多事情,其中一个就是“注册”了subversion服务,只不过是处于禁用状态。
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos ~]# systemctl list-unit-files --all | grep svn
|
|||
|
|
svnserve.service disabled
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
简单分析一下这个服务。
|
|||
|
|
|
|||
|
|
1. `centos` 使用 `systemd` 作为 `init` 进程,它是个大管家。一个系统服务就是特定位置的一个 `.service` 文件。
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos sysconfig]# systemctl show svnserve.service | grep Path
|
|||
|
|
FragmentPath=/usr/lib/systemd/system/svnserve.service
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
所以 subversion 服务对应的文件就是`/usr/lib/systemd/system/svnserve.service`。
|
|||
|
|
|
|||
|
|
2. 查看 `svnserve.service`文件。
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos sysconfig]# cat /usr/lib/systemd/system/svnserve.service
|
|||
|
|
[Unit]
|
|||
|
|
Description=Subversion protocol daemon
|
|||
|
|
After=syslog.target network.target
|
|||
|
|
|
|||
|
|
[Service]
|
|||
|
|
Type=forking
|
|||
|
|
EnvironmentFile=/etc/sysconfig/svnserve
|
|||
|
|
ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS
|
|||
|
|
|
|||
|
|
[Install]
|
|||
|
|
WantedBy=multi-user.target
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
`svnserve.service`文件解析:
|
|||
|
|
|
|||
|
|
- `[Service]` 表明这是一个系统服务
|
|||
|
|
|
|||
|
|
- `ExecStart` 给出启动服务的命令
|
|||
|
|
|
|||
|
|
- `EnvironmentFile` 设置环境变量的配置文件地址,查看配置文件:
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos sysconfig]# cat /etc/sysconfig/svnserve
|
|||
|
|
# OPTIONS is used to pass command-line arguments to svnserve.
|
|||
|
|
#
|
|||
|
|
# Specify the repository location in -r parameter:
|
|||
|
|
OPTIONS="-r /var/svn"
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
所以启动服务实际执行的命令就会是:
|
|||
|
|
`/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn`
|
|||
|
|
这里的` -r /var/svn `是指定了 `svn` 服务存放仓库的路径。
|
|||
|
|
一个 `svn` 服务可以同时管理多个仓库,每个仓库就是 `/var/svn` 下的一个子目录。
|
|||
|
|
**安装 `svn` 不会自动创建这个目录,所以需要手动创建。**
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
### 2.创建存放仓库
|
|||
|
|
|
|||
|
|
手动创建 `/var/svn` 目录,创建仓库 `reptest` :
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos repositories]# mkdir -p /var/svn
|
|||
|
|
[root@VM-8-4-centos repositories]# pth=/var/svn/reptest
|
|||
|
|
[root@VM-8-4-centos repositories]# svnadmin create $pth
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
`svnadmin` 是服务端辅助管理工具,它可以创建空仓库。
|
|||
|
|
项目中使用的仓库一般有 `trunk/`,` tags/`, `branches/ `三个子目录。这里只简单创建空的目录。
|
|||
|
|
|
|||
|
|
### 3.配置账号
|
|||
|
|
|
|||
|
|
每个仓库下都有 `conf/svnserve.conf` 文件,它是所在仓库的主配置文件。
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos conf]# cat svnserve.conf
|
|||
|
|
### This file controls the configuration of the svnserve daemon, if you
|
|||
|
|
### use it to allow access to this repository. (If you only allow
|
|||
|
|
### access through http: and/or file: URLs, then this file is
|
|||
|
|
### irrelevant.)
|
|||
|
|
|
|||
|
|
### Visit http://subversion.apache.org/ for more information.
|
|||
|
|
|
|||
|
|
[general]
|
|||
|
|
### The anon-access and auth-access options control access to the
|
|||
|
|
### repository for unauthenticated (a.k.a. anonymous) users and
|
|||
|
|
### authenticated users, respectively.
|
|||
|
|
### Valid values are "write", "read", and "none".
|
|||
|
|
### Setting the value to "none" prohibits both reading and writing;
|
|||
|
|
### "read" allows read-only access, and "write" allows complete
|
|||
|
|
### read/write access to the repository.
|
|||
|
|
### The sample settings below are the defaults and specify that anonymous
|
|||
|
|
### users have read-only access to the repository, while authenticated
|
|||
|
|
### users have read and write access to the repository.
|
|||
|
|
# anon-access = read
|
|||
|
|
# auth-access = write
|
|||
|
|
### The password-db option controls the location of the password
|
|||
|
|
### database file. Unless you specify a path starting with a /,
|
|||
|
|
### the file's location is relative to the directory containing
|
|||
|
|
### this configuration file.
|
|||
|
|
### If SASL is enabled (see below), this file will NOT be used.
|
|||
|
|
### Uncomment the line below to use the default password file.
|
|||
|
|
# password-db = passwd
|
|||
|
|
### The authz-db option controls the location of the authorization
|
|||
|
|
### rules for path-based access control. Unless you specify a path
|
|||
|
|
### starting with a /, the file's location is relative to the the
|
|||
|
|
### directory containing this file. If you don't specify an
|
|||
|
|
### authz-db, no path-based access control is done.
|
|||
|
|
### Uncomment the line below to use the default authorization file.
|
|||
|
|
# authz-db = authz
|
|||
|
|
### This option specifies the authentication realm of the repository.
|
|||
|
|
### If two repositories have the same authentication realm, they should
|
|||
|
|
### have the same password database, and vice versa. The default realm
|
|||
|
|
### is repository's uuid.
|
|||
|
|
# realm = My First Repository
|
|||
|
|
### The force-username-case option causes svnserve to case-normalize
|
|||
|
|
### usernames before comparing them against the authorization rules in the
|
|||
|
|
### authz-db file configured above. Valid values are "upper" (to upper-
|
|||
|
|
### case the usernames), "lower" (to lowercase the usernames), and
|
|||
|
|
### "none" (to compare usernames as-is without case conversion, which
|
|||
|
|
### is the default behavior).
|
|||
|
|
# force-username-case = none
|
|||
|
|
|
|||
|
|
[sasl]
|
|||
|
|
### This option specifies whether you want to use the Cyrus SASL
|
|||
|
|
### library for authentication. Default is false.
|
|||
|
|
### This section will be ignored if svnserve is not built with Cyrus
|
|||
|
|
### SASL support; to check, run 'svnserve --version' and look for a line
|
|||
|
|
### reading 'Cyrus SASL authentication is available.'
|
|||
|
|
# use-sasl = true
|
|||
|
|
### These options specify the desired strength of the security layer
|
|||
|
|
### that you want SASL to provide. 0 means no encryption, 1 means
|
|||
|
|
### integrity-checking only, values larger than 1 are correlated
|
|||
|
|
### to the effective key length for encryption (e.g. 128 means 128-bit
|
|||
|
|
### encryption). The values below are the defaults.
|
|||
|
|
# min-encryption = 0
|
|||
|
|
# max-encryption = 256
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
在 `svnserve.conf` 文件中有几处需要修改:
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[general]
|
|||
|
|
#匿名访问的权限,可以是read,write,none,默认为read
|
|||
|
|
anon-access=none
|
|||
|
|
#使授权用户有写权限
|
|||
|
|
auth-access=write
|
|||
|
|
#指定用户名口令文件
|
|||
|
|
password-db=passwd
|
|||
|
|
#指定权限文件,当前目录下的authz文件
|
|||
|
|
authz-db=authz
|
|||
|
|
#认证命名空间,subversion会在认证提示里显示,并且作为凭证缓存的关键字
|
|||
|
|
realm=/var/svn/reptest
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
**配置权限配置文件authz**
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[groups]
|
|||
|
|
#用户组
|
|||
|
|
admin = admin,root,test
|
|||
|
|
#用户组所对应的用户
|
|||
|
|
[/]
|
|||
|
|
#库目录权限
|
|||
|
|
@admin = rw
|
|||
|
|
#用户组权限
|
|||
|
|
*=r
|
|||
|
|
#非用户组权限
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
**配置用户口令文件passwd**
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[users]
|
|||
|
|
# harry = harryssecret
|
|||
|
|
# sally = sallyssecret
|
|||
|
|
admin = Admin1234
|
|||
|
|
root = root1234
|
|||
|
|
test = test1234
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
> `svnserve.conf:19: option expected`
|
|||
|
|
>
|
|||
|
|
> 注意修改配置文件时,应把删除注释后的配置前面的空格也删除掉,顶格写。
|
|||
|
|
|
|||
|
|
### 4.启动服务
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
systemctl start svnserve.service
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
问题1:`svnserve: E000098: Can't bind server socket: Address already in use`
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
[root@VM-8-4-centos conf]# systemctl status svnserve.service
|
|||
|
|
● svnserve.service - Subversion protocol daemon
|
|||
|
|
Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled)
|
|||
|
|
Active: failed (Result: exit-code) since Thu 2023-03-09 09:18:18 CST; 4min 10s ago
|
|||
|
|
Process: 14768 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=1/FAILURE)
|
|||
|
|
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon...
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos svnserve[14768]: svnserve: E000098: Can't bind server socket: Address already in use
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service: control process exited, code=exited status=1
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Failed to start Subversion protocol daemon.
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Unit svnserve.service entered failed state.
|
|||
|
|
Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service failed.
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
解决方法:
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
# 先kill掉原来的svnserve,再启动
|
|||
|
|
[root@VM-8-4-centos conf]# killall svnserve
|
|||
|
|
[root@VM-8-4-centos conf]# systemctl start svnserve.service
|
|||
|
|
[root@VM-8-4-centos conf]# systemctl status svnserve.service
|
|||
|
|
● svnserve.service - Subversion protocol daemon
|
|||
|
|
Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled)
|
|||
|
|
Active: active (running) since Thu 2023-03-09 09:22:38 CST; 5s ago
|
|||
|
|
Process: 26302 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=0/SUCCESS)
|
|||
|
|
Main PID: 26303 (svnserve)
|
|||
|
|
CGroup: /system.slice/svnserve.service
|
|||
|
|
└─26303 /usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn
|
|||
|
|
|
|||
|
|
Mar 09 09:22:38 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon...
|
|||
|
|
Mar 09 09:22:38 VM-8-4-centos systemd[1]: Started Subversion protocol daemon.
|
|||
|
|
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
### 5.设置服务开机启动
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
systemctl enable svnserve.service
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
### 6. 开放端口
|
|||
|
|
|
|||
|
|
```shell
|
|||
|
|
# 查看svn是否在运行,svn的默认端口是3690
|
|||
|
|
[root@VM-8-4-centos conf]# netstat -tunlp|grep 3690
|
|||
|
|
tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 26303/svnserve
|
|||
|
|
[root@VM-8-4-centos conf]# firewall-cmd --state
|
|||
|
|
running
|
|||
|
|
#添加端口
|
|||
|
|
[root@VM-8-4-centos conf]# firewall-cmd --permanent --add-port=3690/tcp
|
|||
|
|
Warning: ALREADY_ENABLED: 3690:tcp
|
|||
|
|
success
|
|||
|
|
#重启防火墙
|
|||
|
|
[root@VM-8-4-centos conf]# service firewalld restart
|
|||
|
|
Redirecting to /bin/systemctl restart firewalld.service
|
|||
|
|
[root@VM-8-4-centos conf]# firewall-cmd --list-ports
|
|||
|
|
3690/tcp
|
|||
|
|
```
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
### 7.检出使用
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
## 参考文章
|
|||
|
|
|
|||
|
|
[1] Centos7安装svn服务 [https://blog.csdn.net/chenxizhan1995/article/details/110687345](https://blog.csdn.net/chenxizhan1995/article/details/110687345)
|
|||
|
|
|
|||
|
|
[2] CentOS 7 安装配置SVN服务器 [https://www.jianshu.com/p/4e3dd253a209](https://www.jianshu.com/p/4e3dd253a209)
|
|||
|
|
|
|||
|
|
|