--- title: CentOS7 安装 SVN date: 2023-01-07 author: ac tags: - svn categories: - DevOps --- ### 1.安装服务 ```shell sudo yum install subversion ``` 这条命令用来安装 `subversion` 软件包,该软件包同时包含服务端和客户端程序。 安装完成后,机器上会多出 `svn` ,`svnadmin`,`svnserve` 等命令。 - `svn` 是`subversion`的客户端命令行工具; - `svnadmin` 和 `svnserve` 是服务端程序命令; 可以执行 `svn` 命令说明安装成功。 ```shell [root@VM-8-4-centos ~]# svn --version svn, version 1.7.14 (r1542130) compiled Sep 30 2020, 17:44:04 Copyright (C) 2013 The Apache Software Foundation. ``` 安装过程会在背后处理很多事情,其中一个就是“注册”了subversion服务,只不过是处于禁用状态。 ```shell [root@VM-8-4-centos ~]# systemctl list-unit-files --all | grep svn svnserve.service disabled ``` 简单分析一下这个服务。 1. `centos` 使用 `systemd` 作为 `init` 进程,它是个大管家。一个系统服务就是特定位置的一个 `.service` 文件。 ```shell [root@VM-8-4-centos sysconfig]# systemctl show svnserve.service | grep Path FragmentPath=/usr/lib/systemd/system/svnserve.service ``` 所以 subversion 服务对应的文件就是`/usr/lib/systemd/system/svnserve.service`。 2. 查看 `svnserve.service`文件。 ```shell [root@VM-8-4-centos sysconfig]# cat /usr/lib/systemd/system/svnserve.service [Unit] Description=Subversion protocol daemon After=syslog.target network.target [Service] Type=forking EnvironmentFile=/etc/sysconfig/svnserve ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS [Install] WantedBy=multi-user.target ``` `svnserve.service`文件解析: - `[Service]` 表明这是一个系统服务 - `ExecStart` 给出启动服务的命令 - `EnvironmentFile` 设置环境变量的配置文件地址,查看配置文件: ```shell [root@VM-8-4-centos sysconfig]# cat /etc/sysconfig/svnserve # OPTIONS is used to pass command-line arguments to svnserve. # # Specify the repository location in -r parameter: OPTIONS="-r /var/svn" ``` 所以启动服务实际执行的命令就会是: `/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn` 这里的` -r /var/svn `是指定了 `svn` 服务存放仓库的路径。 一个 `svn` 服务可以同时管理多个仓库,每个仓库就是 `/var/svn` 下的一个子目录。 **安装 `svn` 不会自动创建这个目录,所以需要手动创建。** ### 2.创建存放仓库 手动创建 `/var/svn` 目录,创建仓库 `reptest` : ```shell [root@VM-8-4-centos repositories]# mkdir -p /var/svn [root@VM-8-4-centos repositories]# pth=/var/svn/reptest [root@VM-8-4-centos repositories]# svnadmin create $pth ``` `svnadmin` 是服务端辅助管理工具,它可以创建空仓库。 项目中使用的仓库一般有 `trunk/`,` tags/`, `branches/ `三个子目录。这里只简单创建空的目录。 ### 3.配置账号 每个仓库下都有 `conf/svnserve.conf` 文件,它是所在仓库的主配置文件。 ```shell [root@VM-8-4-centos conf]# cat svnserve.conf ### This file controls the configuration of the svnserve daemon, if you ### use it to allow access to this repository. (If you only allow ### access through http: and/or file: URLs, then this file is ### irrelevant.) ### Visit http://subversion.apache.org/ for more information. [general] ### The anon-access and auth-access options control access to the ### repository for unauthenticated (a.k.a. anonymous) users and ### authenticated users, respectively. ### Valid values are "write", "read", and "none". ### Setting the value to "none" prohibits both reading and writing; ### "read" allows read-only access, and "write" allows complete ### read/write access to the repository. ### The sample settings below are the defaults and specify that anonymous ### users have read-only access to the repository, while authenticated ### users have read and write access to the repository. # anon-access = read # auth-access = write ### The password-db option controls the location of the password ### database file. Unless you specify a path starting with a /, ### the file's location is relative to the directory containing ### this configuration file. ### If SASL is enabled (see below), this file will NOT be used. ### Uncomment the line below to use the default password file. # password-db = passwd ### The authz-db option controls the location of the authorization ### rules for path-based access control. Unless you specify a path ### starting with a /, the file's location is relative to the the ### directory containing this file. If you don't specify an ### authz-db, no path-based access control is done. ### Uncomment the line below to use the default authorization file. # authz-db = authz ### This option specifies the authentication realm of the repository. ### If two repositories have the same authentication realm, they should ### have the same password database, and vice versa. The default realm ### is repository's uuid. # realm = My First Repository ### The force-username-case option causes svnserve to case-normalize ### usernames before comparing them against the authorization rules in the ### authz-db file configured above. Valid values are "upper" (to upper- ### case the usernames), "lower" (to lowercase the usernames), and ### "none" (to compare usernames as-is without case conversion, which ### is the default behavior). # force-username-case = none [sasl] ### This option specifies whether you want to use the Cyrus SASL ### library for authentication. Default is false. ### This section will be ignored if svnserve is not built with Cyrus ### SASL support; to check, run 'svnserve --version' and look for a line ### reading 'Cyrus SASL authentication is available.' # use-sasl = true ### These options specify the desired strength of the security layer ### that you want SASL to provide. 0 means no encryption, 1 means ### integrity-checking only, values larger than 1 are correlated ### to the effective key length for encryption (e.g. 128 means 128-bit ### encryption). The values below are the defaults. # min-encryption = 0 # max-encryption = 256 ``` 在 `svnserve.conf` 文件中有几处需要修改: ```shell [general] #匿名访问的权限,可以是read,write,none,默认为read anon-access=none #使授权用户有写权限 auth-access=write #指定用户名口令文件 password-db=passwd #指定权限文件,当前目录下的authz文件 authz-db=authz #认证命名空间,subversion会在认证提示里显示,并且作为凭证缓存的关键字 realm=/var/svn/reptest ``` **配置权限配置文件authz** ```shell [groups] #用户组 admin = admin,root,test #用户组所对应的用户 [/] #库目录权限 @admin = rw #用户组权限 *=r #非用户组权限 ``` **配置用户口令文件passwd** ```shell [users] # harry = harryssecret # sally = sallyssecret admin = Admin1234 root = root1234 test = test1234 ``` > `svnserve.conf:19: option expected` > > 注意修改配置文件时,应把删除注释后的配置前面的空格也删除掉,顶格写。 ### 4.启动服务 ```shell systemctl start svnserve.service ``` 问题1:`svnserve: E000098: Can't bind server socket: Address already in use` ```shell [root@VM-8-4-centos conf]# systemctl status svnserve.service ● svnserve.service - Subversion protocol daemon Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled) Active: failed (Result: exit-code) since Thu 2023-03-09 09:18:18 CST; 4min 10s ago Process: 14768 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=1/FAILURE) Mar 09 09:18:18 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon... Mar 09 09:18:18 VM-8-4-centos svnserve[14768]: svnserve: E000098: Can't bind server socket: Address already in use Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service: control process exited, code=exited status=1 Mar 09 09:18:18 VM-8-4-centos systemd[1]: Failed to start Subversion protocol daemon. Mar 09 09:18:18 VM-8-4-centos systemd[1]: Unit svnserve.service entered failed state. Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service failed. ``` 解决方法: ```shell # 先kill掉原来的svnserve,再启动 [root@VM-8-4-centos conf]# killall svnserve [root@VM-8-4-centos conf]# systemctl start svnserve.service [root@VM-8-4-centos conf]# systemctl status svnserve.service ● svnserve.service - Subversion protocol daemon Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2023-03-09 09:22:38 CST; 5s ago Process: 26302 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=0/SUCCESS) Main PID: 26303 (svnserve) CGroup: /system.slice/svnserve.service └─26303 /usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn Mar 09 09:22:38 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon... Mar 09 09:22:38 VM-8-4-centos systemd[1]: Started Subversion protocol daemon. ``` ### 5.设置服务开机启动 ```shell systemctl enable svnserve.service ``` ### 6. 开放端口 ```shell # 查看svn是否在运行,svn的默认端口是3690 [root@VM-8-4-centos conf]# netstat -tunlp|grep 3690 tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 26303/svnserve [root@VM-8-4-centos conf]# firewall-cmd --state running #添加端口 [root@VM-8-4-centos conf]# firewall-cmd --permanent --add-port=3690/tcp Warning: ALREADY_ENABLED: 3690:tcp success #重启防火墙 [root@VM-8-4-centos conf]# service firewalld restart Redirecting to /bin/systemctl restart firewalld.service [root@VM-8-4-centos conf]# firewall-cmd --list-ports 3690/tcp ``` ### 7.检出使用 ![image-20230309095243364](./images/image-20230309095243364.png) ![image-20230309095403041](./images/image-20230309095403041.png) ## 参考文章 [1] Centos7安装svn服务 [https://blog.csdn.net/chenxizhan1995/article/details/110687345](https://blog.csdn.net/chenxizhan1995/article/details/110687345) [2] CentOS 7 安装配置SVN服务器 [https://www.jianshu.com/p/4e3dd253a209](https://www.jianshu.com/p/4e3dd253a209)