SVN服务器搭建详解--权限划分

环境准备

SVN使用场景说明
svn说白了就是一种实现文件共享管理的软件,分成服务器端和客户端,所有的文件都存放在服务器端,每个人可以用客户端把文件取到本地查看,也可以在本地修改后上传到服务器端,这样大家就可以随时获得最新版的文件。
TortoiseSVN 就是最常用的一种SVN客户端软件。checkout的功能就是把服务器端的整个库取到本地来,checkout操作一般只需要用一次,完成checkout之后,再想获得最新版文件时,用的是update而不再需要checkout

这里使用CentOS7.3的阿里云服务器,需要关闭防火墙以及selinux。

[root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)

查看当前YUM 源

[root@iZwz93cntl0pzsqbzlrghnZ ~]# ll /etc/yum.repos.d/
total 12
-rw-r--r-- 1 root root 675 Sep 17 22:45 CentOS-Base.repo
-rw-r--r-- 1 root root 230 Sep 17 22:45 epel.repo
-rw-r--r-- 1 root root 202 Sep 17 22:49 gitlab-ce.repo

开始安装SVN服务器

[root@iZwz93cntl0pzsqbzlrghnZ ~]# yum -y install subversion

检查SVN服务是否安装成功


[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin --version
svnadmin, version 1.7.14 (r1542130)
   compiled Apr 11 2018, 02:40:28

Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people; see the NOTICE
file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository back-end (FS) modules are available:

* fs_base : Module for working with a Berkeley DB repository.
* fs_fs : Module for working with a plain file (FSFS) repository.

创建两个项目,一个是测试部门专用,一个研发部门专用

[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin create /data/svn/yanfa
[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin create /data/svn/ceshi

添加认证的用户名以及权限授予的文件

[root@iZwz93cntl0pzsqbzlrghnZ ~]# touch /data/svn/passwd
[root@iZwz93cntl0pzsqbzlrghnZ ~]# touch /data/svn/authz

修改每个项目的配置文件,主要修改五个地方,同时去掉注释

anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
realm = ceshi

[root@iZwz93cntl0pzsqbzlrghnZ ~]# vim /data/svn/ceshi/conf/svnserver.conf
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
##如果没有认证或者权限,则不可看
anon-access = none
####认证成功,具有写的权限
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
##认证文件保存的地址,记录了登陆的用户以及密码
password-db = /data/svn/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
### 对项目的权限进行控制
authz-db = /data/svn/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = ceshi


[root@iZwz93cntl0pzsqbzlrghnZ ~]# vim /data/svn/yanfa/conf/svnserver.conf
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
##如果没有认证或者权限,则不可看
anon-access = none
####认证成功,具有写的权限
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
##认证文件保存的地址,记录了登陆的用户以及密码
password-db = /data/svn/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
### 对项目的权限进行控制
authz-db = /data/svn/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = yanfa

添加认证的用户以及密码

[root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /data/svn/passwd
### This file is an example password file for svnserve.
[users]
##总监
boss = roYN6aTpsH6GndfQVoMYUNxGzjH2Ue
…………
…………
#可以添加很多个用户
#开发
kaifa_01 = 539aupKsoeeFBejv5B1A9BR1TkTSN7
kaifa_02 = uWCxqJOOLwWW90IKnZiActpjJgKRih
…………
…………
#可以添加很多个用户
#测试
ceshi_01 = roYN6aTUNxGzjHGndfQTkTSN7OLwW1
ceshi_02 = 0IKnZiOLwYN6A9BR1TkkTSwWCxqJss
…………
…………
#可以添加很多个用户
#运维
yunwei_01 = soeeOLwYN6A9BR1TkoeeFBejvsa121
…………
…………
#可以添加很多个用户

针对项目或者部门进行授权

 [root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /data/svn/authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
ceshi = ceshi_01,ceshi_02
kaifa = kaifa_01,kaifa_02
###将运维以及领导加入到管理员的组中
admin=yunwei_01,boss
###
[ceshi:/]
@admin = rw
@ceshi = rw
[yanfa:/]
@admin = rw
@kaifa = rw

启动SVN服务

### 这里有两个启动方式,一个是但项目启动方式,一个是多项目启动方式;
单项目的启动方式直接加上项目的路径,比如**svnserve -d -r /data/svn/ceshi**
###下列方式为多项目启动方式。
[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnserve -d -r /data/svn/

客户端的安装以及使用

下载下面两个安装程序,一个是SVN的客户端,一个是中文包;
下载地址是:https://tortoisesvn.net/downloads.html
TortoiseSVN-1.10.1.28295-x64-svn-1.10.2.msi
LanguagePack_1.10.1.28295-x64-zh_CN .msi

在这里插入图片描述

在这里插入图片描述

为了避免不必要的麻烦,一定要勾选command line client tools 选项

在这里插入图片描述

完成安装

在这里插入图片描述

安装中文包

在这里插入图片描述

完成安装,勾选使用语言包

在这里插入图片描述

posted @ 2018-09-18 23:47  sujc-blogs  阅读(1049)  评论(0编辑  收藏  举报