本文共 6804 字,大约阅读时间需要 22 分钟。
一、部署环境
操作系统:centos7.4
yum已配置selinux已关闭二、部署svn+apache
1、通过yum安装apache和svn
[root@liyg ~]# yum install -y httpd subversion mod_dav_svn
mod_dav_svn是apache访问svn的模块
2、验证
[root@liyg ~]# httpd -versionServer version: Apache/2.4.6 (CentOS)Server built: Aug 4 2017 03:19:10[root@liyg ~]# svnserve --versionsvnserve, version 1.7.14 (r1542130) compiled Nov 20 2015, 19:25:09[root@liyg ~]# find / -name mod_dav_svn.so[root@liyg ~]# find / -name mod_dav_svn.so/usr/lib64/httpd/modules/mod_dav_svn.so[root@liyg ~]# find / -name mod_authz_svn.so/usr/lib64/httpd/modules/mod_authz_svn.so
3、指定svn目录,并创建仓库
[root@liyg~]# mkdir /svn[root@liyg ~]# svnadmin create /svn/repo[root@liyg ~]# ll /svn/repototal 8drwxr-xr-x 2 root root 54 Dec 3 13:26 confdrwxr-sr-x 6 root root 233 Dec 3 13:26 db-r--r--r-- 1 root root 2 Dec 3 13:26 formatdrwxr-xr-x 2 root root 231 Dec 3 13:26 hooksdrwxr-xr-x 2 root root 41 Dec 3 13:26 locks-rw-r--r-- 1 root root 229 Dec 3 13:26 README.txt
4、修改仓库属主属组为apache
[root@liyg ~]# chown -R apache:apache /svn/repo/[root@liyg ~]# ll /svn/repo/total 8drwxr-xr-x 2 apache apache 54 Dec 3 13:46 confdrwxr-sr-x 6 apache apache 233 Dec 3 13:46 db-r--r--r-- 1 apache apache 2 Dec 3 13:46 formatdrwxr-xr-x 2 apache apache 231 Dec 3 13:46 hooksdrwxr-xr-x 2 apache apache 41 Dec 3 13:46 locks-rw-r--r-- 1 apache apache 229 Dec 3 13:46 README.txt
5、创建svn的用户文件和权限文件
[root@liyg ~]# cd /svn/[root@liyg svn]# touch passwd[root@liyg svn]# cp repo/conf/authz /svn/[root@liyg svn]# chown apache:apache passwd[root@liyg svn]# chown apache:apache authz[root@liyg svn]# lltotal 4-rw-r--r-- 1 apache apache 1080 Dec 3 13:34 authz-rw-r--r-- 1 apache apache 0 Dec 3 13:33 passwddrwxr-xr-x 3 apache apache 23 Dec 3 13:26 repo
6、创建用户admin和guest
[root@liyg svn]# htpasswd -b passwd admin qwer1234Adding password for user admin[root@liyg svn]# htpasswd -b passwd guest qwer1234Adding password for user guest在权限文件里添加(rw读写,r只读)[root@liyg svn]# vim authz...[/]admin = rwguest = r
7、配置httpd
[root@liyg ~]# vim /etc/httpd/conf.d/subversion.confDAV svn SVNParentPath /svn SVNListParentPath on AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /svn/authz AuthUserFile /svn/passwd Require valid-user
8、启动apache服务
[root@liyg ~]# systemctl start httpd[root@liyg ~]# netstat -antp|grep :80tcp6 0 0 :::80 :::* LISTEN 1015/httpd
9、验证部署是否成功
打开浏览器,访问http://ip/svn/repo 输入用户名密码即可访问
三、下载TortoiseSVN客户端来访问进行svn的访问
1、下载并安装
https://tortoisesvn.net/
2、打开并输入svn访问地址进行访问
输入用户名密码即可看到访问结果
四、禁止删除与强制注释
要求:禁止普通用户删除文件,并针对管理员用户使其只在某个项目下的某个文件夹有删除权限,并且所有用户上传文件时需添加注释
实现:通过编写钩子脚本来实现注:因对shell掌握不熟,以下脚本难免有疏漏之处,有改进的地方可以交流下1、
[root@liyg ~]# cd /svn/repo/hooks/[root@liyg hooks]# lltotal 36-rw-r--r-- 1 apache apache 1977 Dec 3 13:46 post-commit.tmpl-rw-r--r-- 1 apache apache 1638 Dec 3 13:46 post-lock.tmpl-rw-r--r-- 1 apache apache 2289 Dec 3 13:46 post-revprop-change.tmpl-rw-r--r-- 1 apache apache 1567 Dec 3 13:46 post-unlock.tmpl-rw-r--r-- 1 apache apache 3426 Dec 3 13:46 pre-commit.tmpl-rw-r--r-- 1 apache apache 2434 Dec 3 13:46 pre-lock.tmpl-rw-r--r-- 1 apache apache 2786 Dec 3 13:46 pre-revprop-change.tmpl-rw-r--r-- 1 apache apache 2122 Dec 3 13:46 pre-unlock.tmpl-rw-r--r-- 1 apache apache 2780 Dec 3 13:46 start-commit.tmpl
修改pre-commit.tmpl为pre-commit,并给予755权限
[root@liyg hooks]# cp pre-commit.tmpl pre-commit[root@liyg hooks]# chmod 755 pre-commit[root@liyg hooks]# lltotal 40-rw-r--r-- 1 apache apache 1977 Dec 3 13:46 post-commit.tmpl-rw-r--r-- 1 apache apache 1638 Dec 3 13:46 post-lock.tmpl-rw-r--r-- 1 apache apache 2289 Dec 3 13:46 post-revprop-change.tmpl-rw-r--r-- 1 apache apache 1567 Dec 3 13:46 post-unlock.tmpl-rwxr-xr-x 1 apache apache 3426 Dec 3 14:25 pre-commit-rw-r--r-- 1 apache apache 3426 Dec 3 13:46 pre-commit.tmpl-rw-r--r-- 1 apache apache 2434 Dec 3 13:46 pre-lock.tmpl-rw-r--r-- 1 apache apache 2786 Dec 3 13:46 pre-revprop-change.tmpl-rw-r--r-- 1 apache apache 2122 Dec 3 13:46 pre-unlock.tmpl-rw-r--r-- 1 apache apache 2780 Dec 3 13:46 start-commit.tmpl
2、编辑文件
#!/bin/shREPOS="$1"TXN="$2"SVNLOOK=/usr/bin/svnlookUSER=`$SVNLOOK author -t $TXN $REPOS`superuser="zhangliqiang,liyang,liuqingxi,yanghongjia,liufeng,mashiyuan,dubaihui,zhangcong,qinshaowei,lijie,guozhixing"if [ " `echo $superuser | grep $USER |wc -l`" -eq 1 ];then echo "superuser! all pemmision!"else if [ `$SVNLOOK changed -t $TXN $REPOS |grep "^D "|wc -l` -gt 0 ];then a=`$SVNLOOK changed -t $TXN $REPOS |grep "^D " | awk -F " " '{print $2}' ` echo $a > /app/svn/svnroot/chinese.test b=$USER c=`grep $b /app/svn/user-path | awk -F " " '{print $2}'` flag=0 for i in `echo $a`#!/bin/shREPOS="$1"TXN="$2"SVNLOOK=/usr/bin/svnlookUSER=`$SVNLOOK author -t $TXN $REPOS`superuser="zhangliqiang,liyang,liuqingxi,yanghongjia,liufeng,mashiyuan,dubaihui,zhangcong,qinshaowei,lijie,guozhixing"if [ " `echo $superuser | grep $USER |wc -l`" -eq 1 ];then echo "superuser! all pemmision!"else if [ `$SVNLOOK changed -t $TXN $REPOS |grep "^D "|wc -l` -gt 0 ];then a=`$SVNLOOK changed -t $TXN $REPOS |grep "^D " | awk -F " " '{print $2}' ` echo $a > /app/svn/svnroot/chinese.test b=$USER c=`grep $b /app/svn/user-path | awk -F " " '{print $2}'` flag=0 for i in `echo $a` do for j in `echo $c` do if [ `echo ${i#"$j"/}` != `echo $i` ];then flag=1 fi done if [ ${flag} == "0" ];then echo "You can not delete the files in these files. Please check the permissions" >&2 exit 3 fi flag=0 done fifiLOGMSG=$($SVNLOOK log -t "$TXN" "$REPOS" | grep "[a-zA-Z0-9]" | wc -c)if [ "$LOGMSG" -lt 1 ]; thenecho -e "\n Please write a note "1>&2exit 1fi
转载于:https://blog.51cto.com/12244079/2325325