qiusj
/
meface
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
meface/docs/article/devops/svn.md

308 lines
10 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: CentOS7 安装 SVN
date: 2023-01-07
author: ac
tags:
- svn
categories:
- DevOps
---
### 1.安装服务
```shell
sudo yum install subversion
```
这条命令用来安装 `subversion` 软件包,该软件包同时包含服务端和客户端程序。
安装完成后,机器上会多出 `svn` `svnadmin``svnserve` 等命令。
- `svn` 是`subversion`的客户端命令行工具;
- `svnadmin``svnserve` 是服务端程序命令;
可以执行 `svn` 命令说明安装成功。
```shell
[root@VM-8-4-centos ~]# svn --version
svn, version 1.7.14 (r1542130)
compiled Sep 30 2020, 17:44:04
Copyright (C) 2013 The Apache Software Foundation.
```
安装过程会在背后处理很多事情其中一个就是“注册”了subversion服务只不过是处于禁用状态。
```shell
[root@VM-8-4-centos ~]# systemctl list-unit-files --all | grep svn
svnserve.service disabled
```
简单分析一下这个服务。
1. `centos` 使用 `systemd` 作为 `init` 进程,它是个大管家。一个系统服务就是特定位置的一个 `.service` 文件。
```shell
[root@VM-8-4-centos sysconfig]# systemctl show svnserve.service | grep Path
FragmentPath=/usr/lib/systemd/system/svnserve.service
```
所以 subversion 服务对应的文件就是`/usr/lib/systemd/system/svnserve.service`。
2. 查看 `svnserve.service`文件。
```shell
[root@VM-8-4-centos sysconfig]# cat /usr/lib/systemd/system/svnserve.service
[Unit]
Description=Subversion protocol daemon
After=syslog.target network.target
[Service]
Type=forking
EnvironmentFile=/etc/sysconfig/svnserve
ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS
[Install]
WantedBy=multi-user.target
```
`svnserve.service`文件解析:
- `[Service]` 表明这是一个系统服务
- `ExecStart` 给出启动服务的命令
- `EnvironmentFile` 设置环境变量的配置文件地址,查看配置文件:
```shell
[root@VM-8-4-centos sysconfig]# cat /etc/sysconfig/svnserve
# OPTIONS is used to pass command-line arguments to svnserve.
#
# Specify the repository location in -r parameter:
OPTIONS="-r /var/svn"
```
所以启动服务实际执行的命令就会是:
`/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn`
这里的` -r /var/svn `是指定了 `svn` 服务存放仓库的路径。
一个 `svn` 服务可以同时管理多个仓库,每个仓库就是 `/var/svn` 下的一个子目录。
**安装 `svn` 不会自动创建这个目录,所以需要手动创建。**
### 2.创建存放仓库
手动创建 `/var/svn` 目录,创建仓库 `reptest`
```shell
[root@VM-8-4-centos repositories]# mkdir -p /var/svn
[root@VM-8-4-centos repositories]# pth=/var/svn/reptest
[root@VM-8-4-centos repositories]# svnadmin create $pth
```
`svnadmin` 是服务端辅助管理工具,它可以创建空仓库。
项目中使用的仓库一般有 `trunk/`,` tags/`, `branches/ `三个子目录。这里只简单创建空的目录。
### 3.配置账号
每个仓库下都有 `conf/svnserve.conf` 文件,它是所在仓库的主配置文件。
```shell
[root@VM-8-4-centos conf]# cat svnserve.conf
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
# anon-access = read
# auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
# password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
# authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
# realm = My First Repository
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above. Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none
[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256
```
`svnserve.conf` 文件中有几处需要修改:
```shell
[general]
#匿名访问的权限可以是read,write,none,默认为read
anon-access=none
#使授权用户有写权限
auth-access=write
#指定用户名口令文件
password-db=passwd
#指定权限文件当前目录下的authz文件
authz-db=authz
#认证命名空间subversion会在认证提示里显示并且作为凭证缓存的关键字
realm=/var/svn/reptest
```
**配置权限配置文件authz**
```shell
[groups]
#用户组
admin = admin,root,test
#用户组所对应的用户
[/]
#库目录权限
@admin = rw
#用户组权限
*=r
#非用户组权限
```
**配置用户口令文件passwd**
```shell
[users]
# harry = harryssecret
# sally = sallyssecret
admin = Admin1234
root = root1234
test = test1234
```
> `svnserve.conf:19: option expected`
>
> 注意修改配置文件时,应把删除注释后的配置前面的空格也删除掉,顶格写。
### 4.启动服务
```shell
systemctl start svnserve.service
```
问题1`svnserve: E000098: Can't bind server socket: Address already in use`
```shell
[root@VM-8-4-centos conf]# systemctl status svnserve.service
● svnserve.service - Subversion protocol daemon
Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Thu 2023-03-09 09:18:18 CST; 4min 10s ago
Process: 14768 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=1/FAILURE)
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon...
Mar 09 09:18:18 VM-8-4-centos svnserve[14768]: svnserve: E000098: Can't bind server socket: Address already in use
Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service: control process exited, code=exited status=1
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Failed to start Subversion protocol daemon.
Mar 09 09:18:18 VM-8-4-centos systemd[1]: Unit svnserve.service entered failed state.
Mar 09 09:18:18 VM-8-4-centos systemd[1]: svnserve.service failed.
```
解决方法:
```shell
# 先kill掉原来的svnserve再启动
[root@VM-8-4-centos conf]# killall svnserve
[root@VM-8-4-centos conf]# systemctl start svnserve.service
[root@VM-8-4-centos conf]# systemctl status svnserve.service
● svnserve.service - Subversion protocol daemon
Loaded: loaded (/usr/lib/systemd/system/svnserve.service; disabled; vendor preset: disabled)
Active: active (running) since Thu 2023-03-09 09:22:38 CST; 5s ago
Process: 26302 ExecStart=/usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 26303 (svnserve)
CGroup: /system.slice/svnserve.service
└─26303 /usr/bin/svnserve --daemon --pid-file=/run/svnserve/svnserve.pid -r /var/svn
Mar 09 09:22:38 VM-8-4-centos systemd[1]: Starting Subversion protocol daemon...
Mar 09 09:22:38 VM-8-4-centos systemd[1]: Started Subversion protocol daemon.
```
### 5.设置服务开机启动
```shell
systemctl enable svnserve.service
```
### 6. 开放端口
```shell
# 查看svn是否在运行svn的默认端口是3690
[root@VM-8-4-centos conf]# netstat -tunlp|grep 3690
tcp 0 0 0.0.0.0:3690 0.0.0.0:* LISTEN 26303/svnserve
[root@VM-8-4-centos conf]# firewall-cmd --state
running
#添加端口
[root@VM-8-4-centos conf]# firewall-cmd --permanent --add-port=3690/tcp
Warning: ALREADY_ENABLED: 3690:tcp
success
#重启防火墙
[root@VM-8-4-centos conf]# service firewalld restart
Redirecting to /bin/systemctl restart firewalld.service
[root@VM-8-4-centos conf]# firewall-cmd --list-ports
3690/tcp
```
### 7.检出使用
![image-20230309095243364](./images/image-20230309095243364.png)
![image-20230309095403041](./images/image-20230309095403041.png)
## 参考文章
[1] Centos7安装svn服务 [https://blog.csdn.net/chenxizhan1995/article/details/110687345](https://blog.csdn.net/chenxizhan1995/article/details/110687345)
[2] CentOS 7 安装配置SVN服务器 [https://www.jianshu.com/p/4e3dd253a209](https://www.jianshu.com/p/4e3dd253a209)
Reference in New Issue View Git Blame Copy Permalink