时间戳

首页 > 技术文章 > centos apache svn配置

centos apache svn配置

saneri 2016-08-17 16:41 原文

单独安装svn服务:

安装svn软件

yum install subversion

创建根目录

mkdir -p /var/www/svn

创建版本库repos

svnadmin create /var/www/svn/repos

查看是否安装成功,出现版本信息为成功

svnserve --version

修改vim /var/www/svn/repos/conf/svnserve.conf 配置文件  

去掉如下几行的注释
anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
###################################################################
anon-access = none 		     # 使非授权用户无法访问
auth-access = write 	          # 使授权用户有写权限
password-db = passwd 	          # 指明密码文件路径
authz-db = authz 			# 访问控制文件
####################################################################

修改passwd文件

[users]

# harry = harryssecret
# sally = sallyssecret

user1 = 123
user2 = 123

用户名 = 密码
各语句都必须顶格写, 左侧不能留空格, 否则会出错.

修改authz认证文件

vim /var/www/svn/repos/conf/auth
[groups]

admin = user1

[repos:/]

@admin = rw

user2 = r

将用户添加到组,可以添加多个用户,用户之间用逗号分开

各语句都必须顶格写, 左侧不能留空格, 否则会出错.

启动svn服务:

svnserve -d -r /var/www/svn/

访问地址:

svn://ip/repos

至此单独svn的部署完毕!  

Apache+SVN配置

  

开始安装步骤:

安装subversionhttpd mod_dav_svn

yum install httpd -y 

yum install subversion mod_dav_svn -y

安装好svn后svn的配置文件默认在Apache的目录/etc/httpd/conf.d/下

[root@localhost~]# ll /etc/httpd/conf.d/
总用量 20
-rw-r--r--  1 root root 1796 4月  17 2014 perl.conf
-rw-r--r--. 1 www  www   674 10月 31 2014 php.conf
-rw-r--r--  1 www  www   392 7月  18 23:24 README
-rw-r--r--  1 www  www  1663 8月  16 15:47 subversion.conf
-rw-r--r--  1 www  www   299 7月  12 19:00 welcome.conf  

打开配置文件subversion.conf

[root@localhost conf.d]# more subversion.conf    

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

#
# Example configuration to enable HTTP access for a directory
# containing Subversion repositories, "/var/www/svn".  Each repository
# must be both:

文件开头这两行为加载svn模块,如果没有则表示安装不成功.

让apache支持svn访问,并制定svn的版本库目录位置

vim /etc/httpd/conf.d/subversion.conf

<Location /repos>                             #创建的svn根目录
        DAV svn
        SVNPath /var/www/svn/repos/               #svn版本库路径
        AuthType Basic
        AuthName "svn"
        AuthUserFile /var/www/svn/repos/conf/passwd     #svn的密码文件路径
        Require valid-user
</Location>  

创建svn版本库:

mkdir -p /var/www/svn

svnadmin create /var/www/svn/repos

chown -R apache:apache /var/www/svn/repos

repos目录下会生成七个文件:

[root@localhost ]# ll /var/www/svn/repos/ 
总用量 28
drwxr-xr-x 2 www www 4096 8月  16 13:00 conf
drwxr-xr-x 3 www www 4096 8月  16 16:42 dav
drwxr-sr-x 6 www www 4096 8月  16 16:42 db
-r--r--r-- 1 www www    2 8月  15 18:37 format
drwxr-xr-x 2 www www 4096 8月  15 18:37 hooks
drwxr-xr-x 2 www www 4096 8月  15 19:28 locks
-rw-r--r-- 1 www www  229 8月  15 18:37 README.txt

添加用户分配权限

创建svn的账号,并制定密码文件:

htpasswd –c /var/www/svn/repos/conf/passwd  admin

//例如创建用户名为admin,会提示输入密码,密码最好有点复杂强度。

//注意这里的路径一定要和上面/etc/httpd/conf.d/subversion.conf文件中的路径一样,参数“-c”的意思是创建这个文件,再次创建其他账号的时候不要再加“-c”否则文件会被覆盖掉。

创建权限控制文件 authz,也可以直接使用默认文件  

[groups]        				#定义组

manager = admin
yanfa = user1,user2			     #组名为yanfa,组内的成员为user1,user2
ceshi = test1,test2
	
[repos:/]					#定义用户或组对svn根目录的权限
@manager = rw			          #manager组有读和写的权限
* = r

[repos:/yanfa]
@admin = rw
@yanfifa = rw
* = r 
[repos:/ceshi]
@ceshi = rw
* = r

这里的文件夹repos:/yanfa和repos:/ceshi 并不是在svn根目录下创建的,而是由有读写权限的用户上传上去的。

至此,svn+Apache搭建完毕,启动服务

/etc/init.d/httpd start 
svnserve -d -r /var/www/svn/

#svn默认端口为3690,关闭svn可以killall svnserve

访问svn地址并跟踪日志信息:

http://ip地址/repos

[root@localhost ~]# ls -lh /etc/httpd/logs/
总用量 104K
-rw-r--r--  1 root   root   211K 8月  16 18:26 access_log
-rw-r--r--  1 root   root   395K 8月  16 18:26 error_log

 

Linux下实现客户端修改SVN密码  

  

  

注意:
1、ChangePasswd.ini、ChangePasswd.cgi文件必须放在apache的cgi-bin(根据自己电脑上的路径来,我的是/var/www/cgi-bin)下。
2、修改密码文件的所有者是apache,如果不是,执行chown apache:apache passwd(密码文件)。
3、如果密码是用htpasswd -c 或-m所建,执行htpasswd -b /var/www/svn/repos/conf/passwd usrname password更新。

一、创建ChangePasswd.ini文件

创建一个空文件:
touch /var/www/cgi-bin/ChangePasswd.ini  
a.将以下内容复制到ChangePasswd.ini中
b.注意将文件中authuserfile、logfile处改为你自己的路径。第一行为所建用户和密码文件的路径。第二行为修改密码的日志的路径(该文件是自己建的)。
cat /var/www/cgi-bin/ChangePasswd.ini  
[path]
authuserfile=/var/www/svn/repos/conf/passwd
logfile=/var/www/cgi-bin/ChangePasswd.log
[setup]
pwdminlen=8
[html]
title=SVN用户密码自助修改
description=SVN用户密码自助修改
yourname=用户名
oldpwd=旧密码
newpwd1=新密码
newpwd2=确认新密码
btn_change=修 改
btn_reset=重 置

changepwdok=成功修改密码
changepwdfailed=修改密码失败
servererror=服务器错误
passmustgreater=新密码位数必须大于
twopassnotmatched=两密码不一致
entername=请输入用户名
enterpwd=密码未输入
errorpwd=你的密码不正确
back=返回
ChangePasswd.ini文件内容

二、创建ChangePasswd.cgi文件并设置其权限

创建一个空文件:

touch /var/www/cgi-bin/ChangePasswd.cgi
a.将以下内容复制到ChangePasswd.cgi中,设置其权限为755(可执行)
b.命令:chmod 755 ChangePasswd.cgi.
c.文件中126行改为自己的ChangePasswd.ini文件存放位置; my $inifile = "/var/www/cgi-bin/ChangePasswd.ini";
[root@localhost~]# cat /var/www/cgi-bin/ChangePasswd.cgi
#!/usr/bin/perl -w

use strict;
use CGI;
my $time        = localtime;
my $remote_id   = $ENV{REMOTE_HOST} || $ENV{REMOTE_ADDR};
my $admin_email = $ENV{SERVER_ADMIN};

my $cgi = new CGI;
my $pwd_not_alldiginal = "密码不能全为数字";
my $pwd_not_allchar = "密码不能全为字符";
my $user_not_exists ="该用户不存在";
my $file_not_found ="文件不存在,请联系管理员";

my $authuserfile;
my $logfile;
my $pwdminlen;
my $title;
my $description;
my $yourname;
my $oldpwd;
my $newpwd1;
my $newpwd2;
my $btn_change;
my $btn_reset;

my $changepwdok;
my $changepwdfailed;
my $oldpwderror;
my $passmustgreater;
my $twopassnotmatched;
my $entername;
my $enterpwd;
my $errorpwd;
my $back;

&IniInfo;

if ($cgi -> param())
{#8
my $User = $cgi->param('UserName');
my $UserPwd = $cgi->param('OldPwd');
my $UserNewPwd = $cgi->param('NewPwd1');
my $MatchNewPwd = $cgi->param('NewPwd2');

if (!$User)
     {&Writer_Log("Enter no user name");
       &otherhtml($title,$entername,$back);}
elsif (!$UserPwd )
    {&Writer_Log("Enter no OldPasswd");
     &otherhtml($title,$enterpwd,$back); }
elsif (length($UserNewPwd)<$pwdminlen)
    {&Writer_Log("Password's length must greater than".$pwdminlen);
     &otherhtml($title,$passmustgreater.$pwdminlen,$back);}
elsif ($UserNewPwd =~/^\d+$/)
    {&Writer_Log("New Passwd isn't all diginal");
     &otherhtml($title,$pwd_not_alldiginal,$back);}
elsif ($UserNewPwd =~/^[A-Za-z]+$/)
    {&Writer_Log("New Passwd isn't all char");
     &otherhtml($title,$pwd_not_allchar,$back);}
elsif ($UserNewPwd ne $MatchNewPwd)
    {&Writer_Log("Two new passwords are not matched");
     &otherhtml($title,$twopassnotmatched,$back);}
else
{if($authuserfile)
{#6
open UserFile, "<$authuserfile" or die "打开文件失败:$!";
while (<UserFile>)
    {#5
       my $varstr=$_;

       if($varstr =~/($User)/)
    {#3
     my $eqpos =index($varstr, ":");
     my $UserName = substr($varstr,0,$eqpos);
     my $cryptpwd = substr($varstr,$eqpos + 1,13);
   
     next if($UserName ne $User);
       
     if(crypt($UserPwd,$cryptpwd) eq $cryptpwd)
     {#a
      my $rc = system("/usr/bin/htpasswd -b $authuserfile $User $UserNewPwd");
      if ($rc == 0)
         {#1
            &Writer_Log( $User.":Change Passwd");
            &otherhtml($title,$changepwdok,$back);
          }#1
       else
          {#2
           &Writer_Log( $User.":Change Passwd Failed");
           &otherhtml($title,$changepwdfailed,$back);
          }#2
       exit;
     }#a
     else
     {#b
      &Writer_Log("Old Passwd is Incorrect ");
      &otherhtml($title,$errorpwd,$back);
     }#b
     exit;      
    }#3
       else
    {#4
     if(eof)
     { &Writer_Log($User.":no this user");
       &otherhtml($title,$user_not_exists,$back);
       exit;
     }
     else
     {next;}
    }#4  
     }#5
   close UserFile;
}#6
else
{#7
   &Writer_Log($authuserfile.":no found");
   &otherhtml($title,$file_not_found,$back);
}#7
}
}#8
else
{&Index_Html;}

sub IniInfo{
my $inifile = "/var/www/cgi-bin/ChangePasswd.ini";
open CGI_INI_FILE, "<$inifile" or die "打开文件失败:$!";;
while (<CGI_INI_FILE>)
{
my $eqpos =index($_,'=');
my $len = length($_);

if ($_ =~/authuserfile/)
{$authuserfile= substr($_, $eqpos + 1, $len - $eqpos -2);}
elsif ($_ =~/logfile/)
{$logfile= substr($_, $eqpos + 1);}
elsif ($_ =~/pwdminlen/)
{$pwdminlen= substr($_, $eqpos + 1);}
elsif ($_ =~/title/)
{$title = substr($_, $eqpos + 1);}
elsif ($_ =~/description/)
{$description = substr($_, $eqpos + 1);}
elsif ($_ =~/yourname/)
{$yourname = substr($_, $eqpos + 1);}
elsif ($_ =~/oldpwd/)
{$oldpwd= substr($_, $eqpos + 1);}
elsif ($_ =~/newpwd1/)
{$newpwd1= substr($_, $eqpos + 1);}
elsif ($_ =~/newpwd2/)
{$newpwd2= substr($_, $eqpos + 1);}
elsif ($_ =~/btn_change/)
{$btn_change = substr($_, $eqpos + 1);}
elsif ($_ =~/btn_reset/)
{$btn_reset = substr($_, $eqpos + 1);}
elsif ($_ =~/changepwdok/)
{$changepwdok = substr($_, $eqpos + 1);}
elsif ($_ =~/changepwdfailed/)
{$changepwdfailed = substr($_, $eqpos + 1);}
elsif ($_ =~/oldpwderror/)
{$oldpwderror = substr($_, $eqpos + 1);}
elsif ($_ =~/passmustgreater/)
{$passmustgreater = substr($_, $eqpos + 1);}
elsif ($_ =~/twopassnotmatched/)
{$twopassnotmatched = substr($_, $eqpos + 1);}
elsif ($_ =~/entername/)
{$entername = substr($_, $eqpos + 1);}
elsif ($_ =~/enterpwd/)
{$enterpwd= substr($_, $eqpos + 1);}
elsif ($_ =~/errorpwd/)
{$errorpwd= substr($_, $eqpos + 1);}
elsif ($_ =~/back/)
{$back = substr($_, $eqpos + 1);}
}
close CGI_INI_FILE;
}

sub Index_Html
{
print "Content-type: text/html\n\n";
print <<END_OF_PAGE;
<html >
<head>
<title>$title</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<body>

<HR>

<center><h1>$description</h1>
</center>
<form method="POST" enctype="multipart/form-data" action="/cgi-bin/ChangePasswd.cgi">
<br>
<TABLE align="center">
<TR><TD class="t_text">$yourname</TD><TD><input type="text" name="UserName" /></TD></TR>
<TR><TD class="t_text">$oldpwd</TD><TD><input type="password" name="OldPwd" /></TD></TR>
<TR><TD class="t_text">$newpwd1</TD><TD><input type="password" name="NewPwd1" /></TD></TR>
<TR><TD class="t_text">$newpwd2</TD><TD><input type="password" name="NewPwd2" /></TD></TR>
</TABLE>
<br>
<TABLE align="center">
<TR><TD><input type="submit" name="chgpasswd" value="$btn_change"> <input type="reset" value="$btn_reset"></TD></TR>
</TABLE>
</form>
<HR>
<font color="#FF0000">注意:新密码位数必需大于$pwdminlen,且为字母与数字组合</font>

</body>
</html>
END_OF_PAGE
}

sub otherhtml{
print "Content-type: text/html\n\n";

print <<END_OF_PAGE;
<html>
<head>
<meta http-equiv="Content-Language" content="zh-cn">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>$_[0]</title>
</head>

<body>
<p align="center"><font size="5">$_[1]</font></p>
<p align="center"><a href="/cgi-bin/ChangePasswd.cgi"><font size="4">$_[2]</font></a></p>

<HR>
</body>

</html>
END_OF_PAGE
}

sub Writer_Log{
if($logfile)
{
my $loginfo ="[".$time."] "." [".$remote_id."] "." || ".$_[0];
open LOGFILE,">>$logfile" or die "Couldn't open LOG FILE for writing: $!";
print LOGFILE ("$loginfo\n");
close LOGFILE;
}
}
ChangePasswd.cgi文件内容

创建ChangePasswd.log文件并设置其权限。

进入目标位置(即你想创建ChangePasswd.log的位置),如: /var/www/cgi-bin(根据自己的位置定),创建一个名为ChangePasswd.log的文件并赋予该文件写的权限:
 
命令:
chmod 666 ChangePasswd.log 
四、修改密码
通过http://ip/cgi-bin/ChangePasswd.cgi修改密码
 
#80对应自己设置的端口。
至此,apache+svn及客户端更改密码配置完成,如有错误查看日志解决!
 
 

参考文档:

http://blog.163.com/dk_linux/blog/static/2032261662014101110411064/

http://blog.sina.com.cn/s/blog_dbc555ef0102v73r.html

 

  

推荐阅读