Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. Installation of Subversion on Ubuntu, with Apache, SSL, and BasicAuth. 1。安装 subversion 和 apache2 的组件(已经认为您已经安装了 apache2), sudo apt-get install subversion libapache2-svn 在/etc/apache2/mods-enabled 中会多出来一下几个链接文件(实际文件在 mods-available 中,我们不需要去 管,只需要关注 enabled 目录就成): dav_fs.load dav_svn.conf dav_fs.conf dav.load dav_svn.load 2。建立 svn 数据库 a. 只建立一个仓库: sudo svnadmin create /var/svn ls /var/svn 你将得到这样的结果,则说明建立成功 conf dav db format hooks locks README.txt sudo chown -R root:svn /var/svn sudo chmod -R g+rws /var/svn # 给 svn 组赋予读写权限,可以根据需要更改相应权限 sudo chmod -R o-rwx /var/svn # 删除其他无关人员的读、写、执行权限,默认情况下可能其他人有读权限 # 注:有关权限修改的问题可以查看相关 linux 命令 b.建立多个仓库($REPOS 是自己定义的仓库名称): sudo mkdir /var/svn sudo svnadmin create /var/svn/$REPOS sudo chown -R root:svn /var/svn /$REPOS sudo chmod -R g+rws /var/svn/$REPOS # 给 svn 组赋予读写权限,可以根据需要更改相应权限 sudo chmod -R o-rwx /var/svn/$REPOS # 删除其他无关人员的读、写、执行权限,默认情况下可能其他人有读权 限 ls /var/svn/$REPOS
  2. 2. 你将得到这样的结果,则说明建立成功 conf dav db format hooks locks README.txt #注意:建立一个仓库时/etc/apache2/mods-enabled/dav_svn.conf (步骤 3) 应该注释掉 SVNParentPath:/var/svn 行,而去掉 SVNPath /var/svn 前面的注释。 3。配置 apache cd /etc/apache2/mods-enabled sudo vi dav_svn.conf 按照提示去掉一些文件注释,最终的文件看起来如下 # dav_svn.conf - Example Subversion/Apache configuration # # For details and further options see the Apache user manual and # the Subversion book. # # NOTE: for a setup with multiple vhosts, you will want to do this # configuration in /etc/apache2/sites-available/*, not here. # <Location URL> ... </Location> # URL controls how the repository appears to the outside world. # In this example clients access the repository as http://hostname/svn/ # Note, a literal /svn should NOT exist in your document root. <Location /svn> # Uncomment this to enable the repository DAV svn # Set this to the path to your repository #SVNPath /var/svn # Alternatively, use SVNParentPath if you have multiple repositories under
  3. 3. # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...). # You need either SVNPath and SVNParentPath, but not both. SVNParentPath /var/svn # Access control is done at 3 levels: (1) Apache authentication, via # any of several methods. A "Basic Auth" section is commented out # below. (2) Apache <Limit> and <LimitExcept>, also commented out # below. (3) mod_authz_svn is a svn-specific authorization module # which offers fine-grained read/write access control for paths # within a repository. (The first two layers are coarse-grained; you # can only enable/disable access to an entire repository.) Note that # mod_authz_svn is noticeably slower than the other two layers, so if # you don't need the fine-grained control, don't configure it. # Basic Authentication is repository-wide. It is not secure unless # you are using https. See the 'htpasswd' command to create and # manage the password file - and the documentation for the # 'auth_basic' and 'authn_file' modules, which you will need for this # (enable them with 'a2enmod'). AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd # To enable authorization via mod_authz_svn #AuthzSVNAccessFile /etc/apache2/dav_svn.authz # The following three lines allow anonymous read, but make # committers authenticate themselves. It requires the 'authz_user' # module (enable it with 'a2enmod'). #<LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user
  4. 4. # SSLRequireSSL #</LimitExcept> </Location> 或者象这样来实现独立的域名情况: <VirtualHost> ServerName svn.rollenc.com DocumentRoot /var/svn <Location /> DAV svn SVNPath /var/svn AuthType Basic AuthName "Subversion Repository" AuthUserFile /etc/apache2/dav_svn.passwd <LimitExcept GET PROPFIND OPTIONS REPORT> Require valid-user </LimitExcept> </Location> </VirtualHost> 4。建立密码文件 建立第一个用户需要加-c 参数 sudo htpasswd2 -c /etc/apache2/dav_svn.passwd username 输入两次密码 建立其他用户: sudo htpasswd2 /etc/apache2/dav_svn.passwd username2 注意没有加-c,加-c 的话会清除掉以前存在的密码。 如果 username2 为已存在用户,那这句命令的意义就是修改密码
  5. 5. 5.重启 apache sudo apache2 -k restart 如果一切正常的话,使用浏览器打开 应该看到如下信息 Revision 0: / Powered by Subversion version 1.3.1 (r19032). OK,安装完成 你可以对他进行一些 import,commit 等操作了 导入版本的文件框架 mkdir -p tmp/lab.rollenc.com/trunk tmp/eemap/trunk #如果你有其他已经写好的需要一起导入的文件,cp 过来让 在相应的 trunk 目录下,然后下一步。 svn import tmp #更具提示输入 message 信息和用户,密码。 我在实验时发现有权限问题,这是你可能需要修改/var/svn 的权限为可读写 sudo chmod -R 777 /var/svn 然后再继续执行上面的 import 操作。 现在使用浏览器打开,可以得到 Revision 1: / * eemap/ * lab.rollenc.com/ 继续 checkout 和 commit 吧,祝你有一个愉快的 subversion。 Defined tags for this entry: subversion, Ubuntu, 技术 作者 rollenc 6.完善成为 https 的方式访问 SVN a.加载 ssl 模块 sudo a2enmod ssl
  6. 6. b .生成认证证书 sudo apt-get install ssl-cert sudo mkdir /etc/apache2/ssl sudo /usr/sbin/make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem ls -l /etc/apache2/sites-available 你看到有一个 default-ssl 文件,则说明生成成功 c 创建虚拟主机($SITENAME 为你的站点名称) sudo cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/$SITENAME sudo vim /etc/apache2/sites-available/$SITENAME add:(保证你看到下面两行) SSLEngine on SSLCertificateFile /etc/apache2/ssl/apache.pem sudo a2ensite $SITENAME d 配置 apache,使 WebDAV and SVN 可用 cd /etc/apache2/mods-enabled sudo vim dav_svn.conf add: SSLRequireSSL e.配置成功 sudo /etc/init.d/apache2 restart 利用 Tortoise SVN 可检出仓库:https://yourServerIp/svn/$REPOS 如果出现如下错误: (98)Address already in use: make_sock: could not bind to address 解决方法: 1、netstat -tuln | grep :443 看端口是否开启 2、sudo less /etc/apache2/ports.conf 是否写了两个 Listen 443
  7. 7. 测试: 网页访问: lynx https://localhost/svn/$REPOS exposes the repository. lynx http://localhost/svn/$REPOS says: eat my shorts , i.e. 403-forbidden. 一个初始化导入: svn import --username $AUTH_USER $A_FILE https://localhost/svn/$REPOS/testdir -m “Testing” 检出: svn co --username $AUTH_USER https://localhost/svn/$REPOS 按照步骤 2 的 b 方法 可以重复添加多个仓库 Above all, check the great SVN Book.