Linux 下部署 SVN 服务

系统环境：centos 7.9
步骤一： 在虚拟机上通过yum安装svnserve

yum -y install subversion

步骤二： 创建版本库目录（此仅为目录，为后面创建版本库提供存放位置）

mkdir /home/svnrepos

步骤三： 创建SVN版本库（XXX为预期的版本库名称，可自定义）

svnadmin create /home/svnrepos/XXX

步骤四： 创建成功后进入/home/svnrepos/XXX目录

cd /home/svnrepos/XXX
ls -l
展示如下：
drwxr-xr-x 2 root root  89 Apr 30 13:09 conf
drwxr-sr-x 7 root root 266 May  7 17:41 db
-r--r--r-- 1 root root   2 Apr 23 19:41 format
drwxr-xr-x 2 root root 231 Apr 23 19:41 hooks
drwxr-xr-x 2 root root  41 Apr 23 19:41 locks
-rw-r--r-- 1 root root 229 Apr 23 19:41 README.txt

目录详解

步骤五： 修改配置文件

cd /home/svnrepos/XXX/conf
ls -l
展示如下：
-rw-r--r-- 1 root root 2013 Apr 30 13:21 authz
-rw-r--r-- 1 root root  958 Apr 27 13:23 passwd
-rw-r--r-- 1 root root 3075 Apr 30 13:09 svnserve.conf

authz：负责账号权限的管理，控制账号是否读写权限
passwd：负责账号和密码的用户名单管理
svnserve.conf：svn服务器配置文件

1. 修改 authz 文件

# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
#
[groups]
group1 = test1
group2 = test2
[/]
@group1 = r
@group2 = wr

[groups]是对成员进行分组，group1组下有账号test1，group2组下有账号test2。

注意：[/]也是必须的，[/]是表示根目录。

group1组对所有文件只有读的权限。
group2组对所有文件有可读可写的权限。

2. 编辑 passwd文件

[users]
# harry = harryssecret
# sally = sallyssecret

test1 = 123
test2 = 123

test1是账号，123是密码

3. 编辑 svnserve.conf 文件（注意：配置的前面不能有空格，一定要顶格写）

### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository.  (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)

### Visit http://subversion.apache.org/ for more information.

[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete 
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = /home/svnrepos
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above.  Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none

[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256

anon-access = none：表示禁止匿名用户访问。

auth-access = write：表示授权用户拥有读写权限。

password-db = passswd：指定用户名口令文件，即 passwd 文件。

authz-db = authz：指定权限配置文件，即 authz 文件。

realm = /home/svnrepos：指定认证域，即 /home/svnrepos 目录。

步骤六：给防火墙添加开放端口

SVN 默认端口是3690，需要在防火墙策略中开放3690端口

 firewall-cmd --zone=public --add-port=3690/tcp --permanent 

更新防火墙策略

sudo firewall-cmd --reload

查看防火墙开放的端口

sudo firewall-cmd --zone=public --list-ports

步骤七：启动 svnserve 服务

svnserve -d -r /var/svnrepos

查看是否启动成功

ps -ef | grep svnserve

root      9118  8988  0 17:43 pts/0    00:00:00 grep --color=auto svnserve
root     29865     1  0 Apr30 ?        00:00:00 svnserve -d -r /home/svnrepos

以上展示表示启动成功