SVN服務器搭建詳解--權限劃分

環境準備

SVN使用場景說明
svn說白了就是一種實現文件共享管理的軟件，分紅服務器端和客戶端，全部的文件都存放在服務器端，每一個人能夠用客戶端把文件取到本地查看，也能夠在本地修改後上傳到服務器端，這樣你們就能夠隨時得到最新版的文件。
TortoiseSVN 就是最經常使用的一種SVN客戶端軟件。checkout的功能就是把服務器端的整個庫取到本地來，checkout操做通常只須要用一次，完成checkout以後，再想得到最新版文件時，用的是update而再也不須要checkout

這裏使用CentOS7.3的阿里雲服務器，須要關閉防火牆以及selinux。

[root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)

查看當前YUM 源

[root@iZwz93cntl0pzsqbzlrghnZ ~]# ll /etc/yum.repos.d/
total 12
-rw-r--r-- 1 root root 675 Sep 17 22:45 CentOS-Base.repo
-rw-r--r-- 1 root root 230 Sep 17 22:45 epel.repo
-rw-r--r-- 1 root root 202 Sep 17 22:49 gitlab-ce.repo

開始安裝SVN服務器

[root@iZwz93cntl0pzsqbzlrghnZ ~]# yum -y install subversion

檢查SVN服務是否安裝成功

[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin --version
svnadmin, version 1.7.14 (r1542130)
   compiled Apr 11 2018, 02:40:28

Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people; see the NOTICE
file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository back-end (FS) modules are available:

* fs_base : Module for working with a Berkeley DB repository.
* fs_fs : Module for working with a plain file (FSFS) repository.

建立兩個項目，一個是測試部門專用，一個研發部門專用

[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin create /data/svn/yanfa
[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnadmin create /data/svn/ceshi

添加認證的用戶名以及權限授予的文件

[root@iZwz93cntl0pzsqbzlrghnZ ~]# touch /data/svn/passwd
[root@iZwz93cntl0pzsqbzlrghnZ ~]# touch /data/svn/authz

修改每一個項目的配置文件，主要修改五個地方，同時去掉註釋

anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
realm = ceshi

[root@iZwz93cntl0pzsqbzlrghnZ ~]# vim /data/svn/ceshi/conf/svnserver.conf
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
##若是沒有認證或者權限，則不可看
anon-access = none
####認證成功，具備寫的權限
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
##認證文件保存的地址，記錄了登錄的用戶以及密碼
password-db = /data/svn/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
### 對項目的權限進行控制
authz-db = /data/svn/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = ceshi

[root@iZwz93cntl0pzsqbzlrghnZ ~]# vim /data/svn/yanfa/conf/svnserver.conf
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
##若是沒有認證或者權限，則不可看
anon-access = none
####認證成功，具備寫的權限
auth-access = write
### The password-db option controls the location of the password
### database file.  Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
##認證文件保存的地址，記錄了登錄的用戶以及密碼
password-db = /data/svn/passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control.  Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file.  If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
### 對項目的權限進行控制
authz-db = /data/svn/authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa.  The default realm
### is repository's uuid.
realm = yanfa

添加認證的用戶以及密碼

[root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /data/svn/passwd
### This file is an example password file for svnserve.
[users]
##總監
boss = roYN6aTpsH6GndfQVoMYUNxGzjH2Ue
…………
…………
#能夠添加不少個用戶
#開發
kaifa_01 = 539aupKsoeeFBejv5B1A9BR1TkTSN7
kaifa_02 = uWCxqJOOLwWW90IKnZiActpjJgKRih
…………
…………
#能夠添加不少個用戶
#測試
ceshi_01 = roYN6aTUNxGzjHGndfQTkTSN7OLwW1
ceshi_02 = 0IKnZiOLwYN6A9BR1TkkTSwWCxqJss
…………
…………
#能夠添加不少個用戶
#運維
yunwei_01 = soeeOLwYN6A9BR1TkoeeFBejvsa121
…………
…………
#能夠添加不少個用戶

針對項目或者部門進行受權

[root@iZwz93cntl0pzsqbzlrghnZ ~]# cat /data/svn/authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
ceshi = ceshi_01,ceshi_02
kaifa = kaifa_01,kaifa_02
###將運維以及領導加入到管理員的組中
admin=yunwei_01,boss
###
[ceshi:/]
@admin = rw
@ceshi = rw
[yanfa:/]
@admin = rw
@kaifa = rw

啓動SVN服務

### 這裏有兩個啓動方式，一個是但項目啓動方式，一個是多項目啓動方式;
單項目的啓動方式直接加上項目的路徑，好比**svnserve -d -r /data/svn/ceshi**
###下列方式爲多項目啓動方式。
[root@iZwz93cntl0pzsqbzlrghnZ ~]# svnserve -d -r /data/svn/

客戶端的安裝以及使用

下載下面兩個安裝程序，一個是SVN的客戶端，一個是中文包；
下載地址是：https://tortoisesvn.net/downloads.html
TortoiseSVN-1.10.1.28295-x64-svn-1.10.2.msi
LanguagePack_1.10.1.28295-x64-zh_CN .msi

爲了不沒必要要的麻煩，必定要勾選command line client tools 選項

完成安裝

安裝中文包

完成安裝，勾選使用語言包