基本步骤:
1、安装必需的subversion、登录subversion的认证数据库mysql、发布subversion的服务httpd及其相关mod文件、生成https证书的openssl;
2、配置subversion的资料库文件以及访问权限管理文件authz;
3、配置mysql里的认证数据库,便于访问svn;
4、配置httpd关于subersion和mysql的模块文件;
5、配置https证书,通过openssl;
6、注意事项以及常见问题。
完全运行如下:
1)
[simonsun@magic ~]$ uname -a
Linux magic.linux 2.6.18-92.1.22.el5 #1 SMP Tue Dec 16 12:03:43 EST 2008 i686 i686 i386 GNU/Linux
[simonsun@magic ~]$ sudo yum install subversion httpd openssl mod_dav_svn mod_auth_mysql mysql mysql-server mysql-devel
[simonsun@magic ~]$ sudo mkdir /home/subversion
[simonsun@magic ~]$ sudo svnadmin create /home/subversion/test
[simonsun@magic ~]$ sudo cp /home/subversion/test/conf/authz /home/subversion/
[simonsun@magic ~]$ sudo chown apache.apache /home/subversion/ -Rf
[simonsun@magic ~]$ sudo chmod ug+rwx /home/subversion/ -Rf
[simonsun@magic ~]$ sudo vim /home/subversion/authz
在最后添加如下内容(i)
[test:/]
testuser = rw
* =
即:给刚才通过svnadmin创建的资料库test添加访问用户testuser,其资料库权限为读和写rw, *= 表示其他用户没有任何权限访问任何资料库。
2)
下面在mysql里建立登录认证数据库auth,并添加用户名为testuser的记录:
(注:centos下mysql的具体配置参照: CentOS下配置MySQL )
[simonsun@magic ~]$ mysql -u root -p
登录后运行以下建库脚本并添加一条记录,建库脚本参考了/etc/httpd/conf.d/auth_mysql.conf 里的注释内容。
create database auth;
use auth;
CREATE TABLE users ( user_name CHAR(30) NOT NULL, user_passwd CHAR(20) NOT NULL, PRIMARY KEY (user_name) );
GRANT SELECT ON auth.users TO authuser@localhost IDENTIFIED BY 'PaSswoRd2009';
INSERT INTO users VALUES ('testuser', ENCRYPT('testuser'));
3)
下面将上述2个步骤里的资料库信息和登录资料库认证信息配置到httpd里,便于通过http://localhost/svn访问资料库。
(注:centos下httpd的具体配置参照:Linux下无图形化配置万维网服务器httpd )
[simonsun@magic ~]$ sudo vim /etc/httpd/conf.d/subversion.conf
在最后添加如下内容(i),注意各个属性和前面2步一一对应。
<Location /svn>
DAV svn
SVNParentPath /home/subversion/
AuthzSVNAccessFile /home/subversion/authz
AuthName "SimonSun's Repository"
AuthType Basic
AuthMYSQLEnable on
AuthMySQLUser authuser
AuthMySQLPassword "PaSswoRd2009"
AuthMySQLDB auth
AuthMySQLUserTable users
AuthMySQLNameField user_name
AuthMySQLPasswordField user_passwd
require valid-user
</Location>
[simonsun@magic ~]$ sudo /usr/sbin/httpd -t
Syntax OK
4)
下面通过openssl生成证书,便于通过https也能访问资料库。
[simonsun@magic ~]$ sudo vim /etc/httpd/conf/httpd.conf
找到:
#ServerName www.example.com:80
在其后添加(magic.linux为主机名):
ServerName magic.linux:80
[simonsun@magic ~]$ cd /etc/pki/tls/certs/
[simonsun@magic certs]$ sudo mv ../private/localhost.key ../private/localhost.key.bak
[simonsun@magic certs]$ sudo /usr/bin/openssl genrsa -out ../private/localhost.key 1024
Generating RSA private key, 1024 bit long modulus
................................++++++
...........++++++
e is 65537 (0x10001)
[simonsun@magic certs]$ sudo make testcert
umask 77 ; \
/usr/bin/openssl req -utf8 -new -key /etc/pki/tls/private/localhost.key -x509 -days 365 -out /etc/pki/tls/certs/localhost.crt -set_serial 0
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:CN
State or Province Name (full name) [Berkshire]:Beijing
Locality Name (eg, city) [Newbury]:Beijing
Organization Name (eg, company) [My Company Ltd]:Beijing
Organizational Unit Name (eg, section) []:Beijing
Common Name (eg, your name or your server's hostname) []:magic.linux
Email Address []:shellfisher@126.com
[simonsun@magic certs]$ ls
ca-bundle.crt localhost.crt make-dummy-cert Makefile
5)
从新启动一下httpd
[simonsun@magic certs]$ sudo /etc/rc.d/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
现在就可以打开浏览器访问svn资料库了:
http://localhost/svn/test 或者 https://magic.linux/svn/test
用户名和密码是testuser/testuser。
注意事项是,到了最后,如果开启着SELinux(Security-Enhanced Linux)可能会提示httpd访问受限,
如果不常用SELinux,可以在system-config-securitylevel里禁用SELinux。
如果出现其他错误,可以通过查看错误日志来找出问题所在:
[simonsun@magic certs]$ sudo vim /var/log/httpd/error_log
访问subversion资料库的各种日志包含在httpd的日志里,
[simonsun@magic certs]$ sudo ls /var/log/httpd/
access_log access_log.3 error_log.1 error_log.4 ssl_access_log ssl_error_log.2 ssl_request_log
access_log.1 access_log.4 error_log.2 nss_access_log ssl_error_log ssl_error_log.3
access_log.2 error_log error_log.3 nss_error_log ssl_error_log.1 ssl_error_log.4
[simonsun@magic certs]$
参考链接:
http://wiki.centos.org/HowTos/Subversion
http://doc.iusesvn.com/show-12-1.html
=========================
原创作者: shellfish
阅读:5234次
评论:0条
更新时间:2011-05-26
评论 共 0 条 请登录后发表评论