1. Preface
Today, the leader asked to set up a set of svn servers to store some documents, which was supposed to be a very simple thing, but the process was not so smooth, mainly because he did not understand the problems caused by SVNParentPath and SVNPath, and only after finding the documents and debugging, did he find out their use and difference, so I hereby record it.
2.centos 7 builds svn+apache server
Turn off selinux and firewall
-
Install svn and apache and mod Dav svn modules
yum install httpd svn mod_dav_svn
Check the svn and apache versions to make sure the installation is successful
[root@chenxz-test1 conf.d]# svn --version svn, version 1.7.14 (r1542130) compiled Apr 11 2018, 02:40:28 Copyright (C) 2013 The Apache Software Foundation. This software consists of contributions made by many people; see the NOTICE file for more information. Subversion is open source software, see http://subversion.apache.org/ The following repository access (RA) modules are available: * ra_neon : Module for accessing a repository via WebDAV protocol using Neon. - handles 'http' scheme - handles 'https' scheme * ra_svn : Module for accessing a repository using the svn network protocol. - with Cyrus SASL authentication - handles 'svn' scheme * ra_local : Module for accessing a repository on local disk. - handles 'file' scheme [root@chenxz-test1 conf.d]# httpd -v Server version: Apache/2.4.6 (CentOS) Server built: Aug 8 2019 11:41:18
4. Create warehouse
#Create warehouse catalog [root@chenxz-test1 ~]# mkdir -p /home/data/svn #Create svn warehouse [root@chenxz-test1 ~]# svnadmin create /home/data/svn/test
5. Create svn user
#Create svn user and password [root@chenxz-test1 conf.d]# htpasswd -c /home/data/svn/passwd chenxz New password: Re-type new password: Adding password for user chenxz
6. User rights management
svn user permissions are controlled by authz file, which is composed of [groups] configuration section and several version library path permission sections
[groups] configuration segment format: < user group > = < user list >
The user list is composed of several user groups or user names. The user groups or user names are separated by commas "," and the prefix "@" is used when referencing user groups
Format of version library path permission section:
[< version library name >: < Path >] for example, the section name of version library path permission section of version library abc path / TMP is "[abc:/tmp]".
The version library name in the segment name can be omitted. If the version library name is omitted, the path permission section of the version library is effective for access control of the same path in all version libraries. Such as: [/tmp]
There are three types of row formats configured in the path permission section of the version Library:
< user name > = < Permission >
< user group > = < Permission >
* = < Permission >
Where "*" indicates any user; the value range of permission is' ','r' and 'rw', '' indicates that there is no permission for the version library path, 'R' indicates that there is read-only permission, 'rw' indicates that there is read-write permission.
Note: only a single user or user group can be configured per line of configuration.
#authz files are available in the conf folder of each warehouse. This is for unified management of user rights, so copy the authorization file from the warehouse to the warehouse's parent directory, cp /home/data/svn/test/conf/authz /home/data/svn/ #Add the following configuration at the end of the auth file [/] chenxz = rw
7. Modify the configuration file / etc / httpd / conf.d/subversion.conf (if not, create a new one)
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNParentPath /home/data/svn AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /home/data/svn/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location>
8. Configure apache permissions on SVN directory
[root@chenxz-test1 ~]# chown apache.apache /home/data/svn/ -R
9. Start apache
[root@chenxz-test1 conf.d]# systemctl start httpd
10. Use http to access, enter the user name and password, and return the version number to build successfully
3. The difference between svnparentpath and SVNPath
Baidu's "the difference between SVNParentPath and SVNPath" is basically the following statement
Find mod ﹣ DAV ﹣ mod in svn Chinese website. You can see the description of SVNParentPath and SVNPath on the official website
So the difference between the two is that SVNParentPath specifies the superior directory of the warehouse, which can manage all the warehouses under its configuration directory. The advantage of this is that only one authz file is needed to manage users. If you need a super administrator account, you can log in to all the warehouses under SVNParentPath. At this time, configuring [/] in the authz file can represent all the warehouses In this case, the [/] configured in authz file can only represent the warehouse, and the disadvantage is that for each additional warehouse, you need to add a Loca to apache Tion. Two configurations and corresponding access methods are shown below.
1. apache configuration when using SVNParentPath
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so #location: the parent directory of the warehouse is used here <Location /svn> DAV svn #To the parent directory of the warehouse SVNParentPath /home/data/svn AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /home/data/svn/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location>
Access mode http://ip / upper level of warehouse / warehouse name Such as http://192.168.202.128/svn/test
2. apache configuration when using SVNPath
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so #location use warehouse directory here <Location /test> DAV svn #Point to warehouse directory SVNPath /home/data/svn/test AuthType Basic AuthName "Authorization SVN" #The authz file points to the authz under the warehouse. Of course, it will not be wrong to point to a unified authz, but it will lose the significance of using SVNPath AuthzSVNAccessFile /home/data/svn/test/conf/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location> #Multiple location s required for multiple warehouses <Location /mytest> DAV svn SVNPath /home/data/svn/mytest AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /home/data/svn/mytest/conf/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location>
Access mode http://ip / warehouse name For example, http://192.168.202.128/test
4. Problems encountered
The problems are all caused by the incorrect directory following the location, SVNPath and SVNParentPath. For example, I configure it as follows
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /test> DAV svn SVNParentPath /home/data/svn/test AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /home/data/svn/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location>
The following error will appear
For example, I configure it as follows
LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /test> DAV svn SVNPath /home/data/svn AuthType Basic AuthName "Authorization SVN" AuthzSVNAccessFile /home/data/svn/authz AuthUserFile /home/data/svn/passwd Require valid-user </Location>
The following error will appear
Reference resources:
1. CentOS7+Apache+SVN installation configuration and HTTP access
2. SVNParentPath and SVNPath in SVN+apache
3. Mod - SVN