Use and permission configuration of SVN Server in Linux

Use and permission configuration of SVN Server in Linux

I. Install SVN

In Linux, you can directly obtain the svn server using the following command: (the server system I use is the stable version of Debian 7.5)

Apt-get install subversion

After the installation is complete, you can view the installed version through svnserve -- version. The svn server version I use is 1.6.17:

2. Create a code library

Create a database (take the test database as an example ):

Sudo svnadmin create/home/user/svn/test

In this way, a simple code repository is created.

Start the svn service:

Svnserve-d-r/home/user/svn/test

Then the client can access svn through "svn: // ip. ip/test.

 

Iii. Permission Configuration

After entering the test directory, you will see a "conf" folder in it, enter the conf folder, ls, and you will see three files authz, passwd, and svnserve. conf three configuration files, where authz is used to configure user access permissions, passwd is used to configure the user and password, svnserve. conf is used to configure the entire svnserve process.

Use nano or vi to open svnserve. conf, find "# password-db = passwd". This statement specifies the user configuration file corresponding to the current database. We need to delete the "#" And space at the front of the file;

Find "# anon-access = none"

The first sentence of "# auth-access = write" is used to control anonymous access. We can set it to none directly, the second sentence is used to control the permissions of users who have been verified to allow access to the database. Here we can set it to write. Of course, we also need to delete the "#" And spaces in the front;

Find "# authz-db = authz", which is used to specify the user permission configuration file for the current database. we delete the "#" And space at the front of the file, in this way, the database must match the user permission according to the configuration file authz during running.

By now, all our configuration files can play their due role, and the following is the detailed Configuration:

For passwd:

Simply add a user directly at the end. The format is "user name = password", for example, "test_user = 12345"

For authz:

There are two types of configuration: [groups] configuration and configuration starting with [repo.

1. The configuration of [groups] is easy to understand, that is, group. The format is also relatively simple, that is, "group_name = user1, user2, user3". If there are multiple users, you can directly splice them with ",", for example:

 

[Groups]

 

# Manager

G_manager = michael

# Beijing office staff

G_beijing = scofield

# Shanghai office staff

G_shanghai = lincon

# General Headquarters staff

G_headquarters = rory, linda

2. configuration starting with [repo:/]. The [gourps] configuration above is used to divide user groups: /] the configuration at the beginning is used to divide the user's read and write permissions. repo indicates the name of your database, that is, the "test" database created by the "svnadmin create/home/user/svn/test" command is used above. The following example shows how to use it:

Restrict the root directory of the Project. Only the manager can modify the directory. Others can only read the directory:

[Test:/]

@ G_manager = rw

* = R

"[Test:/]" indicates the relative root node of the directory structure, or the root directory of the test project. "@" Indicates the group name, not the user name. Because there is only one michael in the g_manager group, you can replace the line "@ g_manager = rw" with "michael = rw", which means exactly the same.

"*" Indicates "all others except those mentioned above", that is, "all others except department managers"

"* = R" indicates "those users can only read but cannot write ".

For subdirectories under the root directory, the permission configuration method is the same. You need to specify the address, that is, [test:/folder1/folder2]. I will not go into details here.

Note: In the configuration, we may encounter a situation like "* =", which aims to cut off the inheritance of permissions. If this statement is added to the permission configuration of a level-1 directory, it indicates that other users except the users in this configuration do not have any rights to this level-1 directory and are neither readable, not writable.

After all the three files are configured, the next step is to make them take effect. First, we need to ensure that the svnserve service has been stopped, you can run "ps aux | grep svn" to check that svn is still running, if it is still running, stop it by "kill-9 [svn process number, then run the "svnserve-d-r/home/user/svn/" command to restart the svn service. All the three files configured above work!