mac下配置svn伺服器詳解及使用者的許可權管理(親測)
首先,感謝jsntghf和星辰的天空的好文分享,不是他們的文章,我估計需要花費更多的精力和時間。在這裡我只是對他們文章的潤色和自己測試遇到問題的標註。
Mac自帶了svn伺服器和客戶端,所以只需要簡單配置一下就可以使用
1. 建立svn repository
Shell程式碼
svnadmin create /Users/mac22/svn/repository svnadmin: E000002: Repository creation failed svnadmin: E000002: Could not create top-level directory svnadmin: E000002: Can't create directory '/Users/mac22/svn/repository': No such file or directory
注:mac22是當前登入的使用者名稱,你需要把它更換成你自己的使用者名稱,在建立的時候確保已經svn/repository已經存在,上面的錯誤就是我沒有建立svn/repository造成的
如果在終端輸入svnadmin create /Users/mac22/svn/repository 程式碼,無提示說明建立成功,如下圖所示:
2. 配置svn使用者許可權/Users/mac22/svn/repository/conf/目錄下存在3個檔案: authz、passwd、snvserve.conf
你可以選擇使用文字編輯開啟,也可以使用終端開啟,我這裡選擇了後者
Shell 程式碼
解釋一下主要的幾個命令:cd:進入某一個目錄;ls:瀏覽當前目錄的子目錄 vi: 對檔案進行編輯<pre name="code" class="ruby">martins-mac:conf mac22$ cd /Users/mac22/svn/repository/conf martins-mac:conf mac22$ ls authz passwd svnserve.conf martins-mac:conf mac22$ vi authz
authz內容顯示如下,然後按"i"鍵進行編輯:
### This file is an example authorization file for svnserve. ### Its format is identical to that of mod_authz_svn authorization ### files. ### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name. ### The authorizations follow. An authorization line can refer to: ### - a single user, ### - a group of users defined in a special [groups] section, ### - an alias defined in a special [aliases] section, ### - all authenticated users, using the '$authenticated' token, ### - only anonymous users, using the '$anonymous' token, ### - anyone, using the '*' wildcard. ### ### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access ### (''). [aliases] # joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average [groups] # 使用者組 admins=admin # admins是組名,admin是組員,可以寫多個,用”,“分隔.如admins=admin,master
# harry_and_sally = harry,sally
# harry_sally_and_joe = harry,sally,&joe
# [/foo/bar]
# harry = rw
# &joe = r
# * =
<span style="color:#ff0000;">[/]</span>
<span style="color:#ff0000;">@admins=rw # 這裡的意思是admins組的成員都有rw的許可權,rw是讀寫得許可權,也可以寫成admin=rw,只賦予某一個使用者有讀寫許可權
* = # 這裡如果不寫的意思是,下一級目錄的使用者不具備繼承關係,也就是沒有訪問/的許可權,* = r,就是別>的使用者只能遠觀了, * = rw,就讓其他的使用者也有繼承關係了,就是也可具備讀寫許可權</span>
# [repository:/baz/fuz]
# @harry_and_sally = rw
# * = r
~
編輯之後,切換到英文輸入法,然後點選esc,接著輸入:wq儲存,如果輸入有誤可以輸入:q不儲存直接退出
在終端輸入vi passwd編輯passwd,內容如下:
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
admin=123456 # authz 的使用者名稱對應起來,後面是使用者密碼
# harry = harryssecret
# sally = sallyssecret
修改之後記得儲存
在終端輸入vi svnserve.conf編輯svnserve.conf,內容如下:
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit http://subversion.apache.org/ for more information.
[general]
### The anon-access and auth-access options control access to the
### repository for unauthenticated (a.k.a. anonymous) users and
### authenticated users, respectively.
### Valid values are "write", "read", and "none".
### Setting the value to "none" prohibits both reading and writing;
### "read" allows read-only access, and "write" allows complete
### read/write access to the repository.
### The sample settings below are the defaults and specify that anonymous
### users have read-only access to the repository, while authenticated
### users have read and write access to the repository.
<span style="color:#ff0000;"># anon-access = read 匿名使用者有讀的許可權
anon-access = none # 禁用匿名使用者讀的許可權
auth-access = write # 登入使用者的寫的許可權</span>
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the directory containing
### this configuration file.
### If SASL is enabled (see below), this file will NOT be used.
### Uncomment the line below to use the default password file.
<span style="color:#ff0000;">password-db = passwd</span>
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the the
### directory containing this file. If you don't specify an
### authz-db, no path-based access control is done.
### Uncomment the line below to use the default authorization file.
<span style="color:#ff0000;">authz-db = authz</span>
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
# realm = My First Repository
### The force-username-case option causes svnserve to case-normalize
### usernames before comparing them against the authorization rules in the
### authz-db file configured above. Valid values are "upper" (to upper-
### case the usernames), "lower" (to lowercase the usernames), and
### "none" (to compare usernames as-is without case conversion, which
### is the default behavior).
# force-username-case = none
[sasl]
### This option specifies whether you want to use the Cyrus SASL
### library for authentication. Default is false.
### This section will be ignored if svnserve is not built with Cyrus
### SASL support; to check, run 'svnserve --version' and look for a line
### reading 'Cyrus SASL authentication is available.'
# use-sasl = true
### These options specify the desired strength of the security layer
### that you want SASL to provide. 0 means no encryption, 1 means
### integrity-checking only, values larger than 1 are correlated
### to the effective key length for encryption (e.g. 128 means 128-bit
### encryption). The values below are the defaults.
# min-encryption = 0
# max-encryption = 256
3. 啟動伺服器
Shell 程式碼
martins-mac:conf mac22$ svnserve -d -r /Users/mac22/svn/repository/
martins-mac:conf mac22$
svnserve 啟動svn服務; -d 標示svnserve將會作為一個服務程式執行在後臺 -r 標示將/Users/mac22/svn/repository/作為根目錄(網路搜尋的,忘求證)4. 向svn庫匯入一個根目錄
Shell程式碼
martins-mac:conf mac22$ svn import /Users/mac22/svnroot/ svn://localhost:3690/svnroot --username admin --password 123456 -m "Initial import"
Committed revision 1.
martins-mac:conf mac22$
如果出現上面Committed revision 1.說明根目錄建立成功
注:因為我之前已經建立了一個svn,所以這裡為了區分用了一個埠3690,如果你之前沒有建立過,就不需要用埠,直接svn//localhost/svnroot
5. 簽出根目錄
Shell程式碼
martins-mac:conf mac22$ cd /Users/mac22/svncheckout/
martins-mac:svncheckout mac22$ svn checkout svn://localhost/svnroot --username=admin --password=123456
Checked out revision 1.
martins-mac:svncheckout mac22$
解釋一下上面程式碼,先進入你需要簽出的目錄,然後執行簽出,成功之後,會看到如下圖所示:
我個人推薦使用CornerStone,雖然介面不太漂亮,但是比較實用
1. 新增Repository
2. 配置svn server
3. 等待片刻,提示成功,顯示一下介面
到這裡要告一段落,下篇將介紹使用者許可權控制,如果有建議和問題請回復,謝謝!