SVN服务器的权限配置
言归正传,按照前面的教程装完1.5.5版以后,当svnadmin create /home/svn/yourproject创建仓库后,应该在仓库目录下的config目录有3个文件——authz、passwd、svnserve.conf。下面对3个文件进行说明:
svnserve.conf是基础的配置,用于控制访问的权限将[general]前的注释与空格去掉,一定要去掉空格,否则到时客户端登录会出现"Section header must start in the first column的”的告警!亲身体会啊!!最后此文件内容至少包含以下内容:
[general]
anon-access = none
auth-access = write
password-db = passwd
authz-db = authz
其中,anon-access = none禁止匿名登录,auth-access = write为署名登录获得写权限,password-db = passwd指定用户配置文件,authz-db = authz指定权限配置文件
————————————————
passwd是用户配置文件,用于设置用户名以及密码
格式为:
[users]
<用户1> = <密码1>
<用户2> = <密码2>
其中用户名,密码不能为中文,至少我设中文登录时提示没有该用户
[users]是必须的。下面列出要访问svn的用户,每个用户一行。
示例:
[users]
alan = password
king = hello
这个里面的user表示当前test版本库的成员
——————————————————
authz是详细的用户授权文件
格式如下(以下内容转载,感谢原创):
用户组格式:
[groups]
<用户组名> = <用户1>,<用户2>
其中,1个用户组可以包含1个或多个用户,用户间以逗号分隔。用户必须要在passwd文件里能找到,它是给那个里面的user赋权限.
版本库目录格式:
[/目录]
@<用户组名> = <权限>
<用户名> = <权限>
示例:
[groups]
admin = alan
[/]
@admin = rw
[/svn/p1/WebProject]
king = rw(表示king能够读写/svn/p1/WebProject目录下的所有信息)
[/svn/p1/web]
zp=r(表示zp能够读/svn/p1/web目录下的所有信息)
————————————
以下是自己的体会:
注意:@admin代表整个组,king 在这里只是一个用户
关于访问路径[/目录],其完整格式[repos-name:path]或者[path],repos-name是版本库的名字
注意:在authz中如果要设定中文文件夹的路径,例如[/测试],请在linux在双击文件用默认记事本打开,然后另存为,注意将编码格式改为UNICODE UTF-8,否则在windows下用TortoiseSVN进行操作时,该中文路径的权限设置会有问题!此乃我的实际测试
当你用的中文svn客户端,并且又出现[璁よ瘉澶辫触]的错误不能够签入和签出,那么请检查authz的[path]权限等是否正确
authz文件
### This file is an example authorization file for svnserve.
### Its format is identical to that of mod_authz_svn authorization
### files.
### As shown below each section defines authorizations for the path and
### (optional) repository specified by the section name.
### The authorizations follow. An authorization line can refer to a
### single user, to a group of users defined in a special [groups]
### section, or to anyone using the '*' wildcard. Each definition can
### grant read ('r') access, read-write ('rw') access, or no access
### ('').
[groups]
admin=lxj,zxt,lp,zc,csl
[SGXT-S:/]
@admin=rw
*=
passwd文件
### This file is an example password file for svnserve.
### Its format is similar to that of svnserve.conf. As shown in the
### example below it contains one section labelled [users].
### The name and password for each user follow, one account per line.
[users]
# harry = harryssecret
# sally = sallyssecret
lxj=lxj
zxt=zxt
lp=lp
zc=zc
csl=csl
svnserve.conf
### This file controls the configuration of the svnserve daemon, if you
### use it to allow access to this repository. (If you only allow
### access through http: and/or file: URLs, then this file is
### irrelevant.)
### Visit [url]http://subversion.tigris.org/[/url] for more information.
[general]
### These options control access to the repository for unauthenticated
### and authenticated users. Valid values are "write", "read",
### and "none". The sample settings below are the defaults.
anon-access = none
auth-access = write
### The password-db option controls the location of the password
### database file. Unless you specify a path starting with a /,
### the file's location is relative to the conf directory.
### Uncomment the line below to use the default password file.
password-db = passwd
### The authz-db option controls the location of the authorization
### rules for path-based access control. Unless you specify a path
### starting with a /, the file's location is relative to the conf
### directory. If you don't specify an authz-db, no path-based access
### control is done.
### Uncomment the line below to use the default authorization file.
authz-db = authz
### This option specifies the authentication realm of the repository.
### If two repositories have the same authentication realm, they should
### have the same password database, and vice versa. The default realm
### is repository's uuid.
# realm = My First Repository
页:
[1]