• debian 安装svn apache 小记. AuthzSVNAccessFile 不生效问题.


    docker 使用docker镜像搭建svn+Apache环境

    https://my.oschina.net/u/2006667/blog/637882

    1,安装 apache ,svnapt-get install apache2 subversion libapache2-svn

    不安装apache  是不能通过http方式来访问的.

     subversion服务器是不需要apache的,但是可以使用apache,视具体情况来选择。
            1、如果只要通过file://或svn://来访问,则不需要apache,只安装svn即可,使用svnserve来作为服务。
            2、如果你要建立一个可以通过http://或https://来访问的版本库服务器,则你需要使用apache。

    2,版本信息.

    root# svn --version
    svn, version 1.6.17 (r1128011)
    compiled Dec 20 2014, 19:48:25

    root#apachectl -v

    Server version: Apache/2.2.22 (Debian)
    Server built: Dec 23 2014 22:48:32

    3,创建版本库并将所有权转让给apache2

    svnadmin create  /disk1/d1/svn/project


    chown www-data:www-data -R  /disk1/d1/svn/project

    4,修改 /etc/apache2/mods-enabled/dav_svn.conf

    实际上是软件连接:

    root@iZ233or8cn2Z:/etc/apache2/mods-enabled# ls -l

    lrwxrwxrwx 1 root root 30 Jul 2 17:05 dav_svn.conf -> ../mods-available/dav_svn.conf

    对应了 /mods-available/dav_svn.conf  这个文件.

    打开这个文件可见内容.网上很多版本的dav_svn.conf已经不是最新的版本了.

    root@iZ233or8cn2Z:/etc/apache2/mods-enabled# cat dav_svn.conf
    # dav_svn.conf - Example Subversion/Apache configuration
    #
    # For details and further options see the Apache user manual and
    # the Subversion book.
    #
    # NOTE: for a setup with multiple vhosts, you will want to do this
    # configuration in /etc/apache2/sites-available/*, not here.
    
    # <Location URL> ... </Location>
    # URL controls how the repository appears to the outside world.
    # In this example clients access the repository as http://hostname/svn/
    # Note, a literal /svn should NOT exist in your document root.
    <Location /svn>
    
      # Uncomment this to enable the repository
      DAV svn
    
      # Set this to the path to your repository
      #SVNParentPath /disk1/d1/svn/project
      # Alternatively, use SVNParentPath if you have multiple repositories under
      # under a single directory (/var/lib/svn/repo1, /var/lib/svn/repo2, ...).
      # You need either SVNPath and SVNParentPath, but not both.
      SVNParentPath /disk1/d1/svn
    
      # Access control is done at 3 levels: (1) Apache authentication, via
      # any of several methods.  A "Basic Auth" section is commented out
      # below.  (2) Apache <Limit> and <LimitExcept>, also commented out
      # below.  (3) mod_authz_svn is a svn-specific authorization module
      # which offers fine-grained read/write access control for paths
      # within a repository.  (The first two layers are coarse-grained; you
      # can only enable/disable access to an entire repository.)  Note that
      # mod_authz_svn is noticeably slower than the other two layers, so if
      # you don't need the fine-grained control, don't configure it.
    
      # Basic Authentication is repository-wide.  It is not secure unless
      # you are using https.  See the 'htpasswd' command to create and
      # manage the password file - and the documentation for the
      # 'auth_basic' and 'authn_file' modules, which you will need for this
      # (enable them with 'a2enmod').
      AuthType Basic
      AuthName "Subversion Repository"
    #用户密码文件. AuthUserFile /etc/apache2/dav_svn.passwd # To enable authorization via mod_authz_svn (enable that module separately):
    <IfModule mod_authz_svn.c>   #用户权限 认证文件
    AuthzSVNAccessFile /etc/apache2/dav_svn.authz
    </IfModule> # The following three lines allow anonymous read, but make # committers authenticate themselves. It requires the 'authz_user' # module (enable it with 'a2enmod'). #<LimitExcept GET PROPFIND OPTIONS REPORT>
    #需要用户认证 Require valid-user #</LimitExcept> </Location>

    5,修改svn权限设置,权限主体可为个人或小组,以目录为节点设置读/写位,下面是样例:

    /etc/apache2/dav_svn.authz
    目录结构
    svn---
    +++++++project
    ++++++++++++++Client
    ++++++++++++++++++++test1
    ++++++++++++++Document
    [groups]
    admin = test1,test2
    group_a =test3
    
    

    [svn:/]
    *=
    [project:/]
    *=

    @admin =rw

    
    

    [project:/Client]
    *=

    @group_a=rw

    @admin=rw
    [project:/Client/test1]
    *=
    test1=rw
    [project:/Document]
    *=
    test2=rw

     

    *=空 是没有权限 ,

    r 读取

    w写入 权限

    6. 创建账户

    #/etc/apache2

    //首次加 -c
    htpasswd -c dav_svn.passwd test
    //
    htpasswd dav_svn.test2

    重置密码:

    root@iZ233or8cn2Z:/etc/apache2# htpasswd --help
    Usage:
            htpasswd [-cmdpsD] passwordfile username
            htpasswd -b[cmdpsD] passwordfile username password
    
            htpasswd -n[mdps] username
            htpasswd -nb[mdps] username password
     -c  Create a new file.
     -n  Don't update file; display results on stdout.
     -m  Force MD5 encryption of the password (default).  # -m 重置密码
     -d  Force CRYPT encryption of the password.
     -p  Do not encrypt the password (plaintext).
     -s  Force SHA encryption of the password.
     -b  Use the password from the command line rather than prompting for it.
     -D  Delete the specified user.
    On other systems than Windows, NetWare and TPF the '-p' flag will probably not work.
    The SHA algorithm does not use a salt and is less secure than the MD5 algorithm.

    #

    htpasswd -m dav_svn.passwd liutxxx

    
    

    7,重启apache生效

    root@iZ233or8cn2Z:/etc/apache2# service apache2 restart
    Restarting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 10.175.197.65 for ServerName
    ... waiting apache2: Could not reliably determine the server's fully qualified domain name, using 10.175.197.65 for ServerName
    .

    8,访问.

    去网页打开 http://127.0.0.1/svn/project/Document/

    发现所有用户都能访问,权限不生效.

    一度怀疑:

    1,权限文件路径是否正确 

    2,权限文件 dav_svn.authz 是否chmod 777 dav_svn.authz

    3,重点...

    老版本是报 "apache报非法指令'AuthzSVNAccessFile' " 但新版本没有报错,却原因一样.

    重启apache报非法指令'AuthzSVNAccessFile',那么很可能是'authz_svn_module'没加载或apache自己加载顺序的问题,可以在 mods-available/dav.load手动加载该模块解决问题。(添加下文中的最后一行即可)

    参考网址:http://www.cnblogs.com/liuyangnuts/archive/2013/03/19/2965256.html

    # file: /etc/apache2/mods-available/dav.load
    
    LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so
    LoadModule authz_svn_module /usr/lib/apache2/modules/mod_authz_svn.so

     新版本 不会报AuthzSVNAccessFile 只会没有权限,这点恶心了我一天.

    重启apache : service apache2 restart

    再去网页看看,能正确验证权限.

    至此 svn 的搭建完成了.

  • 相关阅读:
    2/4 关于 Vue.js 中 this.$nextTick 的个人简单解释
    2/3 初次搭建 Vue 项目遇到的问题汇总
    前端中常见的布局
    如何判断一个变量是否为数组(isArray)
    ubuntu下安装截图工具
    正向代理、反向代理
    javascript中的基本数据类型
    css3 中的渐变
    javascript中的toString()
    ubuntu下面安装nodejs
  • 原文地址:https://www.cnblogs.com/bleachli/p/4616849.html
Copyright © 2020-2023  润新知