前言

• OS: CentOS Linux release 7.9.2009 (Core)

通过yum源安装subversion 和 mod_dav_svn

shell> yum install subversion
shell> yum install mod_dav_svn
1
2

• 通过yum源安装的subversion，既包含服务端，又包含客户端。
• 通过yum源安装的mod_dav_svn，是个带了mod_dav、mod_dav_svn、mod_authz_svn的apache。

检查subversion是否安装成功

shell> svn --version
svn, version 1.10.2 (r1835932)
   compiled Feb 22 2021, 05:02:40 on x86_64-redhat-linux-gnu

Copyright (C) 2018 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using serf.
  - using serf 1.3.9 (compiled with 1.3.9)
  - handles 'http' scheme
  - handles 'https' scheme

The following authentication credential caches are available:

* Plaintext cache in /root/.subversion
* Gnome Keyring
* GPG-Agent
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

检查apache是否安装成功

尝试启动apache，如果能够启动成功，就表示apache安装成功。

1. 查看apache版本

shell> httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built:   Mar 24 2022 14:57:57
1
2
3

2. 启动 apache

shell> systemctl start httpd
1

3. 查看 apache 的运行状态，其状态为Active: active (running)时，表示apache已启动成功。

shell> systemctl status httpd
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2022-09-04 10:55:17 CST; 1s ago
     Docs: man:httpd(8)
           man:apachectl(8)
 Main PID: 25818 (httpd)
   Status: "Processing requests..."
    Tasks: 6
   Memory: 3.0M
   CGroup: /system.slice/httpd.service
           ├─25818 /usr/sbin/httpd -DFOREGROUND
           ├─25819 /usr/sbin/httpd -DFOREGROUND
           ├─25820 /usr/sbin/httpd -DFOREGROUND
           ├─25821 /usr/sbin/httpd -DFOREGROUND
           ├─25822 /usr/sbin/httpd -DFOREGROUND
           └─25823 /usr/sbin/httpd -DFOREGROUND

Sep 04 10:55:17 tencent-test-02 systemd[1]: Starting The Apache HTTP Server...
Sep 04 10:55:17 tencent-test-02 httpd[25818]: AH00558: httpd: Could not reliably determine the server's fully q...ssage
Sep 04 10:55:17 tencent-test-02 systemd[1]: Started The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

4. 还可以通过浏览器访问 apache，查看其提供的默认网页
   
   注意：不同版本的apache提供的默认网页是不一样的。

apache无法启动错误：Address already in use

apache无法启动，查看日志，发现错误为Address already in use。

shell> systemctl start httpd
Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details.

shell> systemctl status httpd.service
● httpd.service - The Apache HTTP Server
   Loaded: loaded (/usr/lib/systemd/system/httpd.service; disabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Sun 2022-09-04 10:57:01 CST; 1min 6s ago
     Docs: man:httpd(8)
           man:apachectl(8)
  Process: 26171 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE)
 Main PID: 26171 (code=exited, status=1/FAILURE)

Sep 04 10:57:01 tencent-test-02 systemd[1]: Starting The Apache HTTP Server...
Sep 04 10:57:01 tencent-test-02 httpd[26171]: AH00558: httpd: Could not reliably determine the server's fully q...ssage
Sep 04 10:57:01 tencent-test-02 httpd[26171]: (98)Address already in use: AH00072: make_sock: could not bind to...:]:80
Sep 04 10:57:01 tencent-test-02 httpd[26171]: (98)Address already in use: AH00072: make_sock: could not bind to....0:80
Sep 04 10:57:01 tencent-test-02 httpd[26171]: no listening sockets available, shutting down
Sep 04 10:57:01 tencent-test-02 httpd[26171]: AH00015: Unable to open logs
Sep 04 10:57:01 tencent-test-02 systemd[1]: httpd.service: main process exited, code=exited, status=1/FAILURE
Sep 04 10:57:01 tencent-test-02 systemd[1]: Failed to start The Apache HTTP Server.
Sep 04 10:57:01 tencent-test-02 systemd[1]: Unit httpd.service entered failed state.
Sep 04 10:57:01 tencent-test-02 systemd[1]: httpd.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

错误为Address already in use时，有两个解决办法：

• 方法1：找到占用80端口的程序，kill掉该程序，然后再启动apache即可。
• 方法2：更换个端口（不用80端口了）。

配置mod_dav_svn

能看懂英文的，参考这里：

• https://svnbook.red-bean.com/en/1.1/ch06s04.html
• https://svnbook.red-bean.com/en/1.7/svn.serverconfig.httpd.html

新增 subversion.conf.inc 文件

在 /etc/httpd/conf.d 目录下，新增 subversion.conf.inc 文件：

shell> cd /etc/httpd/conf.d
shell> vim subversion.conf.inc
1
2

subversion.conf.inc 文件内容：

# 所有请求都要求先登录

    # 认证类型为基本认证
    # 认证类型为基本认证时，未登录的情况下，将在浏览器中弹出一个认证（登录）对话框。
    AuthType Basic
    # 认证名称。 认证对话框的标题
    # 在认证对话框中输入用户名和密码
    AuthName "Subversion Repository"
    # 认证功能使用的、保持用户名和密码的文件
    AuthUserFile /home/svn/htpasswd
    # 要求验证用户（即：不能匿名访问）
    Require valid-user

# svn 配置

    DAV svn 
    # 如果只有一个SVN仓库，使用该选项
    # SVNPath /absolute/path/to/repository
    # 如果有多个SVN仓库，使用该选项
    SVNParentPath /home/svn
    # 打开这个选项可以列出ParentPath下面的所有库。取值： on/off
    SVNListParentPath off
    # 所有仓库共用一个访问权限配置文件
    AuthzSVNAccessFile /home/svn/authz.conf
    # 每个仓库一个访问权限配置文件。仓库目录/conf/authz.conf
    # AuthzSVNReposRelativeAccessFile authz.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

• 从 Subversion 1.7 开始, 还可以用 配置指令 AuthzSVNReposRelativeAccessFile 指定 每个仓库各自的访问权限配置文件.

新增 VirtualHost

在 /etc/httpd/conf.d 目录下，新增 subversion_vhost.conf 文件：

shell> cd /etc/httpd/conf.d
shell> vim subversion_vhost.conf
1
2

不启用HTTPS时，subversion_vhost.conf 文件内容：

    DocumentRoot "/var/www/empty/html_ssl"
    ServerName xxx.xxx.com

    
        ErrorDocument 403 "
403
https
"
        ErrorDocument 404 "
404
https
"

        RewriteEngine On
        RewriteRule "/svn" "-" [END]
        RewriteRule "/svn/.*" "-" [END]
        RewriteRule ".*" "-" [R=404]
    

    Include conf.d/subversion.conf.inc

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

启用HTTPS时，subversion_vhost.conf 文件内容：

    DocumentRoot "/var/www/empty/html_ssl"
    ServerName xxx.xxx.com

    SSLEngine on
    SSLCertificateFile /etc/httpd/cert.d/com.xxx.xxx.cert
    SSLCertificateKeyFile /etc/httpd/cert.d/com.xxx.xxx.key
    SSLCertificateChainFile /etc/httpd/cert.d/cacert.pem

    
        ErrorDocument 403 "
403
https
"
        ErrorDocument 404 "
404
https
"

        RewriteEngine On
        RewriteRule "/svn" "-" [END]
        RewriteRule "/svn/.*" "-" [END]
        RewriteRule ".*" "-" [R=404]
    

    Include conf.d/subversion.conf.inc

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

• 443端口为https

htpasswd 文件

已存在htpasswd 文件，增加用户：

shell> htpasswd -m /home/svn/htpasswd rose
New password: *******
Re-type new password: *******
Adding password for user rose
1
2
3
4

• htpasswd 命令中使用 -m 选项时，使用 MD5 加密密码。
• subversion.passwd文件不存在时， htpasswd 命令中添加 -c 选项会创建文件。

修改密码：

shell> htpasswd -m /home/svn/htpasswd jack
New password: ***** 
Re-type new password: *****
Adding password for user jack
1
2
3
4

删除用户：

shell> htpasswd -D /home/svn/htpasswd jack
1

新增 authz.conf 文件

参考这里：https://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html

在 /home/svn/ 目录下，新增 authz.conf 文件：

shell> cd /home/svn
shell> vim authz.conf  
1
2

authz 文件内容：

[test:/]
rose=r
jack=rw
1
2
3

名为test的svn仓库，rose有read权限，jack有read和write权限。

apache reload

shell> systemctl reload httpd 
1

新建SVN仓库

shell> svnadmin create /home/svn/test
shell> chown -R apache /home/svn/test
1
2

• 修改/home/svn/test目录的所有者为apache。

访问

修改subversion.authz 文件内容：

[test:/]
rose=
jack=rw
1
2
3

apache reload后，再次访问如下图

svn commit 错误：could not begin a transaction

发生错误could not begin a transaction，是因为 apache 没有svn仓库所在目录的权限。
修改 apache 帐号的权限：

shell> chown -R apache /home/svn/test
1

关于 Satisfy

如果不想让用户匿名访问svn仓库，就不要加这个选项了。
参考：

• https://blog.csdn.net/weixin_34268169/article/details/92600408
• https://cloud.tencent.com/developer/ask/sof/53801

参考

• https://subversion.apache.org/packages.html
• 《Subversion 与版本控制》 在线阅读：https://svnbook.red-bean.com/
• Subversion 1.7 : https://svnbook.red-bean.com/en/1.7/index.html
• Subversion 1.8 : https://svnbook.red-bean.com/nightly/zh/index.html