CentOS Native certified Apache certified MySQL Certified

Source: Internet
Author: User
Tags http authentication readable svn

This system: centos6.5_x64 local lamp environment ip:192.168.184.129

First, build svn, to achieve SVN access, local user authentication

Second, the implementation of HTTP access, Apache local file authentication


Subversion Directory Description:
*dav directory: is to provide Apache and MOD_DAV_SVN use of the directory, let them store internal data
*DB Directory: All version-controlled data storage files
*hooks directory: The directory where the hook script files are placed
*locks directory: Used to place subversion to see the hard lock data of the directory, used to track access to the vault client
*format file: is a text file with only an integer in it. Represents the version number of the current vault configuration
*conf directory: Is the configuration file of this warehouse (user access account, permissions, etc.) of the warehouse


First, build SVN service;

1, build SVN service;

[email protected] ~]# Yum install ntsysv vim-enhanced Subversion mod_perl gcc-c++ make Unzip-y

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/58/44/wKioL1StN43SR00EAANx0Qfip7Q061.jpg "title=" 1.png " alt= "Wkiol1stn43sr00eaanx0qfip7q061.jpg"/>

2. Create a new directory to store all SVN files and build repositories

[Email protected] ~]# mkdir/opt/svn[[email protected] ~]# svnadmin CREATE/OPT/SVN/SVN

3. Initialize the directory in the repository;

Warehouse Directory Structure Description:

[[email protected] ~]# mkdir svn svn/dev svn/qa svn/ops svn/pub svn/ops/web svn/ops/wap[[email protected] ~]# tree Svnsvn├ ──dev #研发目录 ├──ops #运维目录 │├──wap #工程目录 │└──web├──pub #公共目录 └──qa #测试目录6 directories, 0 files

Import Warehouse:

[[Email protected] ~]# SVN import svn/file:///opt/svn/svn/-M "Init svn repo" Add svn/ops add Svn/ops/wap Increase Svn/ops/web increase svn/qa increase svn/pub increase Svn/dev post-commit version is 1. [Email protected] ~]# RM-RF svn/


4. Add Users

To add SVN users is very simple, just add a "Username=password" entry in the/opt/svn/svn/conf/passwd file.

[Email protected] conf]# Pwd/opt/svn/svn/conf[[email protected] conf]# cat passwd |grep-v ^#[users]admin = admin #管 Manager dev = Dev #研发测试账号qa = QA Ops = OPSZQ = Zq #普通个人账号

5. Modify the user access policy
/opt/svn/opt/conf/authz record the user's access policy,

[[email protected] conf]# Cat authz[groups]g_admin = Adming_dev = Devg_qa = Qag_ops = ops,zq[svn:/] @g_admin = rw* =[svn:/d EV] @g_admin = Rw@g_dev = Rw@g_qa = r* =[svn:/qa] @g_admin = Rw@g_qa = Rw@g_dev = R@g_ops = r* =[svn:/ops] @g_admin = Rw@g_op s = Rw@g_qa = r* =[svn:/pub] @g_admin = Rw@g_ops = Rw@g_qa = Rw@g_dev = rw* =

Note: The above information indicates that only the Admin user group has read and write access to the root directory. R indicates that the directory has Read permissions, W indicates that the directory has write permissions, and RW indicates that the directory has read and write permissions. The last line of * = indicates that no one else is allowed to access this directory except for the user group with the permissions set above. This is very important, be sure to add!

6. Modify the svnserve.conf file for the user and policy configuration to take effect.

[email protected] conf]# Cat svnserve.conf[general]anon-access = noneauth-access = Writepassword-db =/opt/svn/svn/conf /passwdauth-db =/OPT/SVN/SVN/CONF/AUTHZ[SASL]
anon-access controls the permissions of non-authenticated users to access the repository. The value range is "write", "read" and "none" i.e. "write" is readable writable, "read" is read-only and "none" means no access. Default value: Read
Auth-access Controls access to the repository for authentication users. The values range from "write", "read" and "none". That is, "write" is readable and writable, "read" is read-only and "none" means no access. Default value: Write
PASSWORD-DB Specifies the user name password file name. The file location is relative to the relative path of the Conf directory unless you specify an absolute path. Default value: passwd
AUTHZ-DB Specifies the permission profile file name through which path-based access control can be implemented. The file location is relative to the relative path of the Conf directory unless you specify an absolute path. Default value: Authz

7. Start SVN service

[Email protected] ~]# svnserve-d-R/OPT/SVN

8. Testing Service

[[Email protected] ~]# SVN co svn://192.168.184.129/svn--no-auth-cache--username username--password passwd

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/58/51/wKiom1SuMNvQmCnEAAKXXo9jMRc301.jpg "title=" a1.jpg "alt=" Wkiom1sumnvqmcneaakxxo9jmrc301.jpg "/>


Test submission

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/58/4E/wKioL1SuMsnwBdVCAAGKfHhGfis117.jpg "title=" a2.jpg "alt=" Wkiol1sumsnwbdvcaagkfhhgfis117.jpg "/>


Second, the implementation of HTTP access, Apache local file authentication

Because the password for the SVN server is plaintext, the HTTP server is not supported, so it needs to be converted to the HTTP supported format.

1, install Apache SVN integrated Dependency package, will produce two so files,

LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so
[email protected] ~]# Yum install mod_dav_svn-y

2. Convert SVN User Configuration to HTTP authentication file

Here is a small script; easy conversion

[Email protected] conf]# Pwd/opt/svn/svn/conf[[email protected] conf]# cat stoh.pluse warnings;use strict;open (FILE, "p ASSWD ") or Die (" Cannot open the passwd file!!! N "), open (Out_file," >webpasswd ") or Die (" Cannot open the WEBPASSWD FILE!!! N "), Close (Out_file), foreach (<FILE>) {if ($_ =~ m/^[^#].*=/) {$_ =~ s/=//; ' Htpasswd-b webpasswd $_ ';}}

to convert;

[[Email protected] conf]# perl stoh.pladding password for user adminadding password for user devadding password for user q aadding Password for user opsadding password for user zq

3. Modify httpd.conf to add content about SVN server

[Email protected] conf]# Vim/etc/httpd/conf/httpd.conf#add for Svn<location/svn>dav svnsvnpath/opt/svn/svn/ AuthType basicauthname "Authentication for SVN" authuserfile/opt/svn/svn/conf/webpasswdauthzsvnaccessfile/opt/svn/ Svn/conf/authzsatisfy Allrequire valid-user</location>

Restart Service

[Email protected] conf]#/etc/init.d/httpd restart

4, the page test;

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/58/4E/wKioL1SuNkeBSCKeAAEPJcqNnG4284.jpg "style=" float: none; "title=" a3.jpg "alt=" Wkiol1sunkebsckeaaepjcqnng4284.jpg "/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/58/51/wKiom1SuNYbTnG08AAC4ZCos-5g315.jpg "style=" float: none; "title=" a4.jpg "alt=" Wkiom1sunybtng08aac4zcos-5g315.jpg "/>

Switch Account Test

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/58/4E/wKioL1SuNq7g0sWeAAFnkLDbeIE890.jpg "style=" float: none; "title=" a5.jpg "alt=" Wkiol1sunq7g0sweaafnkldbeie890.jpg "/>



This article is from the "Big Wind" blog, please be sure to keep this source http://lansgg.blog.51cto.com/5675165/1602593

CentOS Native certified Apache certified MySQL Certified

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.