svn方式很简单,svnadmin create之后svnserve启动就可以访问,用svn+ssh方式需要使用serve的tunel即隧道方式,即在登录时启动一个隧道将请求作为svn方式。
这个方式好像很难找到资料,百度上的真是大多是互相copy,几乎都不验证,费了老半天劲才搞明白如何做。
其中有几点要注意:
1. svn+ssh,需要添加一个linux系统用户,能登录系统的。
2. 用ssh-keygen生成密钥后,需要改为authorized_keys,并且指定command为svnserve的隧道。
3.在checkout时和svn方式不一样,“svn co svn://192.168.11.222/repos”,而后者是“svn co svn+ssh://linuxuser@192.168.11.222/svnroot/repos”,一定要加上路径,否则会说找不到这个repository.
4.新建一个svn用户,在auth里指定权限,在passwd里指定密码,用svn方式就可以访问;同时它可以作为ssh方式的隧道。
5. 新建一个系统用户,在.ssh/authorized_keys指定隧道。
6.需要将svn用户和系统用户都添加到auth里面,否则会说Authorized failed。
以下是详细步骤:
除了“ssh-keygen -t rsa -b 1024”生成密钥那里需要敲几个回车,其他地方都可以直接执行。
echo “for CentOS5.5 x86_64bit”
echo “refer to: http://wiki.centos.org/HowTos/Subversion”
##################################################################################
##################################################################################
# install apache-svn module.
sudo yum install -y subversion
# 安装subversion时会安装svn服务器端
# start svnserver, specifies the svnroot.
sudo mkdir /svnroot
sudo chmod 777 /svnroot
# create repos
cd /svnroot/
svnadmin create repos
# disable anon
cd /svnroot/repos/conf
cat << END > svnserve.conf
[general]
anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
[sasl]
# use-sasl = true
# min-encryption = 0
# max-encryption = 256
END
# add auth
cd /svnroot/repos/conf
# add to the end of file.
cat << END > authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# [repository:/baz/fuz]
# @harry_and_sally = rw
[/]
# svnuser is not a system user, just a user in svn, whose password stored in ./passwd.
svnuser=rw
END
# add user to svn
cd /svnroot/repos/conf
cat << END > passwd
[users]
svnuser=svnuser_password
END
# start server
svnserve -d -r /svnroot
# client checkout
cd;
rm -rf repos
svn co svn://192.168.11.222/repos
# support svn+ssh.
##################################################################################
##################################################################################
# add user linuxuser
sudo useradd linuxuser
# set password to linuxuser_password
printf “linuxuser_password\nlinuxuser_password”|sudo passwd linuxuser
# generate public/private key.
sudo su linuxuser
# press enter 3times.
cd;
mkdir .ssh
cd .ssh
ssh-keygen -t rsa -b 1024
# generate tunnel
rm -f authorized_keys
# you may need to modify the svnroot and svnuser if need.
echo -n ‘command=”/usr/bin/svnserve -t -r /svnroot –tunnel-user=svnuser”‘ >> authorized_keys
echo -n ‘,no-port-forwarding,no-pty,no-agent-forwarding,no-X11-forwarding’ >> authorized_keys
echo -n ‘ ‘ >> authorized_keys
cat id_rsa.pub >> authorized_keys
exit
# we must add the svnuser and linuxuser to the svn auth
cd /svnroot/repos/conf
cat << END > authz
[aliases]
# joe = /C=XZ/ST=Dessert/L=Snake City/O=Snake Oil, Ltd./OU=Research Institute/CN=Joe Average
[groups]
# harry_and_sally = harry,sally
# [repository:/baz/fuz]
# @harry_and_sally = rw
[/]
# svnuser is not a system user, just a user in svn, whose password stored in ./passwd.
svnuser=rw
# we must add the linux user also.
linuxuser=rw
END
# chechout
cd;
rm -rf repos
svn co svn+ssh://linuxuser@192.168.11.222/svnroot/repos