Debian installs SVN Apache little kee. Authzsvnaccessfile does not take effect.

Source: Internet
Author: User
Tags md5 md5 encryption svn fully qualified domain name

1, install Apache, svnapt-get install apache2 subversion LIBAPACHE2-SVN

Not installing Apache is not accessible in HTTP mode.

The Subversion server does not require Apache, but Apache can be used, depending on the situation.
1, if only through file://or svn://to access, then do not need Apache, only install SVN, use Svnserve as a service.
2. If you want to build a repository server that can be accessed by http://or https://, you will need to use Apache.

2, version information.

root# SVN--version
SVN, version 1.6.17 (r1128011)
Compiled Dec 20 2014, 19:48:25

Root#apachectl-v

Server version: apache/2.2.22 (Debian)
Server Built:dec 23 2014 22:48:32

3, create the repository and transfer all rights to Apache2

Svnadmin Create/disk1/d1/svn/project


Chown Www-data:www-data-r/disk1/d1/svn/project

4, modify/etc/apache2/mods-enabled/dav_svn.conf

is actually a software connection:

[Email protected]:/etc/apache2/mods-enabled# ls-l

lrwxrwxrwx 1 of root root 2 17:05 dav_svn.conf. /mods-available/dav_svn.conf

Corresponds to the/mods-available/dav_svn.conf this file.

Open this file for visible content. Many versions of dav_svn.conf on the web are not the latest version.

[email protected]:/etc/apache2/mods-enabled# cat dav_svn.conf# dav_svn.conf-example Subversion/apache configuration## for details and further options see the Apache User manual and# the Subversion book.## note:for a setup W ith multiple vhosts, you'll want to does this# configuration in/etc/apache2/sites-available/*, not here.#< LocationURL>...</ Location># URL Controls how the repository appears to the outside world.# in this example clients access the repository as HTTP ://hostname/svn/# note, a literal/svn should not exist in your document root.< Location/SVN># Uncomment this to enable the repository DAV SVN # Set this to the path to your repository #SVNParentPath/disk1 /d1/svn/project # Alternatively, use Svnparentpath if you had multiple repositories under # under a single directory (/  VAR/LIB/SVN/REPO1,/var/lib/svn/repo2, ...).  # You need either Svnpath and Svnparentpath, but not both. SVNPARENTPATH/DISK1/D1/SVN # Access control is do at 3 levels: (1) Apache authentication, via # any of several method  S. A "Basic Auth" section was commented out # below. (2) Apache<Limit>and<limitexcept> #用户密码文件. AUTHUSERFILE/ETC/APACHE2/DAV_SVN.PASSWD # To enable authorization via MOD_AUTHZ_SVN (enable that module separately): 
    <Ifmodulemod_authz_svn.c>#用户权限 Certification Documents
Authzsvnaccessfile/etc/apache2/dav_svn.authz</Ifmodule># The following three lines allow anonymous read, but make # Committers authenticate themselves. It requires the ' Authz_user ' # module (enable it with ' a2enmod '). #<limitexceptGET PROPFIND OPTIONS Report>
#需要用户认证 Require Valid-user #</limitexcept> </ Location>

5, modify the SVN permission settings, the permission principal can be a person or group, the directory for the node to set the read/write bit, the following is a sample:
/etc/apache2/dav_svn.authz
Directory structure
SVN---
+++++++project
++++++++++++++client
++++++++++++++++++++test1
++++++++++++++document
[Groups]admin = Test1,test2group_a =test3

[svn:/]
*=
[project:/]
*=

@admin =RW

[Project:/client]
*=

@group_a =RW

@admin =RW
[Project:/client/test1]
*=
Test1=rw
[Project:/document]
*=
Test2=rw

*= empty is not authorized,

R Read

W Write permission

6. Create an Account

#/etc/apache2

First add-chtpasswd-c dav_svn.passwd test//htpasswd dav_svn.test2

Reset Password:

[Email protected]:/etc/apache2# htpasswd--helpusage:        htpasswd [-CMDPSD] passwordfile username        htpasswd-b[ CMDPSD] passwordfile username password        Htpasswd-n[mdps] username        Htpasswd-nb[mdps] Username password-c  Create a new file. -N  Don ' t update file; display results on stdout.-M force  MD5 Encryption of the password (default).  #-M Reset password -D force  CRYPT encryption of the password.-p do not  encrypt the password (plaintext).-S
    force SHA Encryption of the password. -B Use the password from the  command line rather than prompting for it.-D  Delete the specified user. On other systems than Windows, NetWare and TPF the '-p ' flag would probably not work. The SHA algorithm does not use a salt and are less secure than the MD5 algorithm.

#

Htpasswd-m dav_svn.passwd liutxxx

7, restart Apache in effect

[Email protected]:/etc/apache2# service apache2 Restart
Restarting Web server:apache2apache2:Could not reliably determine the server ' s fully qualified domain name, using 10.175 .197.65 for ServerName
... waiting apache2:could not reliably determine the server ' s fully qualified domain name, using 10.175.197.65 for server Name
.

8, Access.

Go to Web page open http://127.0.0.1/svn/project/Document/

All users are found to have access and permissions do not take effect.

Once suspected:

1, the permissions file path is correct

2, permission file Dav_svn.authz whether chmod 777 Dav_svn.authz

3, focus ...

The old version is reported as "Apache illegal directive ' authzsvnaccessfile '" but the new version did not report an error, but the same reason.

Restart Apache report illegal directive ' authzsvnaccessfile ', then most likely is ' authz_svn_module ' does not load or Apache own load order problem, can in mods-available/ Dav.load manually loading the module solves the problem. (Add the last line below)

Reference URL: http://www.cnblogs.com/liuyangnuts/archive/2013/03/19/2965256.html

# File:/etc/apache2/mods-available/dav.loadloadmodule dav_module/usr/lib/apache2/modules/mod_dav.soloadmodule Authz_svn_module/usr/lib/apache2/modules/mod_authz_svn.so

The new version will not report Authzsvnaccessfile will only have no authority, this is disgusting my day.

Restart Apache:service apache2 Restart

Then go to the Web page to see, can correctly verify permissions.

The SVN build is now complete.

Debian installs SVN Apache little memory. Authzsvnaccessfile does not take effect.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.