
svn集成ldap

2017-06-13 11:47 176 查看
推荐 http://lansgg.blog.51cto.com/5675165/1844836
使用CollabNetSubversionEdge 界面很好,很赞
https://downloads-guests.open.collab.net/files/documents/61/17071/CollabNetSubversionEdge-5.2.0_linux-x86_64.tar.gz
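# Create the dedicated account that will own and run Subversion Edge.
useradd -d /opt/svnuser svnuser
# "xx" is a placeholder. A literal password typed on the command line is saved
# in shell history; set the real one interactively with `passwd svnuser`.
echo "xx" | passwd --stdin svnuser
groupadd svn
# -a appends: plain -G would replace any supplementary groups already set.
usermod -aG svn svnuser
mkdir /svn
# user:group with a colon; the dot separator is a deprecated form.
chown -R svnuser:svnuser /svn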
visudo
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
# NOTE(review): this gives the svnuser service account unrestricted root via sudo.
# On this page sudo is only used for `sudo -E bin/csvn install`; consider removing
# or narrowing this rule once that step is done.
svnuser ALL=(ALL)       ALL
# Continue as the unprivileged svnuser account.
su - svnuser
cd /svn/
# The download link earlier on the page is for 5.2.0 while this command names
# 5.1.3; use the file name of the archive that was actually downloaded.
# Compare the archive's checksum with the one published by the vendor, if one
# is published, before unpacking.
tar xf CollabNetSubversionEdge-5.1.3_linux-x86_64.tar.gz
cd csvn/
bin/csvn start
启动后访问 http://192.168.85.130:3343/csvn/login/auth ,默认用户名、密码都是admin;首次登录后应立即修改默认密码,并注意这个登录页走的是未加密的HTTP。

svn是Subversion Edge执行用户svnuser所在的组
# Make httpd_bind owned by root with group svn, then set the setuid bit: from
# here on it runs with root's privileges for any account allowed to execute it.
# NOTE(review): check the mode with ls -l afterwards and make sure only root
# and group svn can execute it.
[root@vm2 svn]# chown root:svn /svn/csvn/lib/httpd_bind/httpd_bind
[root@vm2 svn]# chmod u+s /svn/csvn/lib/httpd_bind/httpd_bind
# -E keeps the calling user's environment while the installer runs as root.
sudo -E bin/csvn install

如果本机没有X桌面,就需要通过网络访问。需要将localhost更改为Subversion Edge服务器的IP地址,同时设置防火墙来保证能够访问到。


以下用原始方法,svn+apache+ldap手动搭建

基本安装

使用web方式访问svn
svn集成ldap,先参照git集成ldap(这个之前做过)

基本安装
svn版本1.6

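yum -y install subversion
mkdir -p /application/svndata
mkdir -p /application/svnpasswd
# Start the svnserve daemon with /application/svndata as its virtual root.
# ("启动" on the original line was an annotation, not an argument.)
# NOTE(review): started from a root shell the daemon runs as root; a dedicated
# unprivileged account that owns /application/svndata is the safer setup.
svnserve -d -r /application/svndata/
# Confirm that the daemon is listening on 3690/tcp.
lsof -i tcp:3690
svnadmin create /application/svndata/sadoc
# ll is only an interactive alias; ls -l works in any shell.
ls -l /application/svndata/sadoc/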
配置允许用户solin读写访问
cd /application/svndata/sadoc/conf/
/bin/cp svnserve.conf svnserve.conf.solin$(date +%F)
egrep "\-access|\-db =" svnserve.conf
# anon-access = read
# auth-access = write
# password-db = passwd
# authz-db = authz
[root@node-005 conf]# egrep "\-access|\-db =" svnserve.conf
# anon-access = none   #不允许匿名访问
# auth-access = write  #允许可写
# password-db = /application/svnpasswd/passwd  #密码数据库,存放SVN密码
# authz-db = /application/svnpasswd/authz      #控制权限的数据库
[root@node-005 conf]# egrep "\-access|\-db =" svnserve.conf
# anon-access = read
anon-access = none
# auth-access = write
auth-access = write
# password-db = passwd
password-db = /application/svnpasswd/passwd
# authz-db = authz
authz-db = /application/svnpasswd/authz
[root@node-005 conf]# diff svnserve.conf.solin2017-04-20 svnserve.conf
12a13
> anon-access = none
13a15
> auth-access = write
20a23
> password-db = /application/svnpasswd/passwd
27a31
> authz-db = /application/svnpasswd/authz
配置authz、passwd认证/授权文件(注:下面的chmod 700会给这两个数据文件加上不需要的执行位,chmod 600即可)
[root@node-005 conf]# cp authz passwd /application/svnpasswd/
[root@node-005 conf]# ll /application/svnpasswd/
总用量 8
-rw-r--r-- 1 root root 1080 4月  20 17:22 authz
-rw-r--r-- 1 root root  309 4月  20 17:22 passwd
[root@node-005 conf]# chmod 700 /application/svnpasswd/*
[root@node-005 conf]# ll /application/svnpasswd/
总用量 8
-rwx------ 1 root root 1080 4月  20 17:22 authz
-rwx------ 1 root root  309 4月  20 17:22 passwd

vi /application/svnpasswd/authz
添加如下:
# Group bd_sa contains the users solin and test.
[groups]
bd_sa = solin,test
# [/foo/bar]
# Rules for the root path of the repository named sadoc.
[sadoc:/]
# [repository:/baz/fuz]
@bd_sa = rw
# NOTE(review): test1 has no entry in the [users] list this page adds to the
# passwd file (solin, test), so this rule matches no login — confirm whether
# another account was meant.
test1 = r

vi /application/svnpasswd/passwd
添加如下:
[users]
# svnserve's passwd file stores each password as plain text (name = password),
# so anyone who can read the file can read every password.
# Both accounts share one value here; give each user a distinct, strong password.
solin = bdyun
test = bdyun

pkill svnserve
svnserve -d -r /application/svndata/


使用web方式访问svn
yum -y install httpd httpd-devel
yum -y install mod_dav_svn mod_auth_mysql
vim /etc/httpd/conf/httpd.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
# Publish the repository at /var/www/html/svna/home over WebDAV under /home.
# NOTE(review): as shown, this Location carries no AuthType/Require lines, so
# the repository is served without authentication until they are added inside
# this block.
<Location /home>
DAV svn
SVNPath /var/www/html/svna/home
</Location>

权限控制
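# The directory must exist before htpasswd can create the file inside it.
mkdir -p /etc/svnpwd
# -c creates the file and truncates an existing one: use it for the first user
# only, and drop it when adding further users.
htpasswd -c /etc/svnpwd/svnpwdfile svnpwduser01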

# These directives take effect only inside the <Location /home> block shown
# earlier on the page.
# Basic auth sends the password base64-encoded, not encrypted, with every
# request: serve the location over HTTPS.
AuthType Basic
AuthName "svn repos"
AuthUserFile /etc/svnpwd/svnpwdfile
# Any user listed in the AuthUserFile is accepted.
Require valid-user


svn集成ldap
我的svn是单独一台机器的,ldap一台机器

先参考以前git做的

cd /opt/git/gitlab/config
cat gitlab.yml|grep -v "#"

production: &base

gitlab:
host: 内部域名

email_from: example@example.com
email_display_name: GitLab
email_reply_to: noreply@example.com

default_projects_features:
issues: true
merge_requests: true
wiki: true
snippets: false

incoming_email:
enabled: false
address: "incoming+%{key}@gitlab.example.com"

gravatar:

gitlab_ci:

# LDAP sign-in settings for GitLab (indentation was lost in this listing).
ldap:
enabled: true
servers:
label: 'LDAP'

host: 'ldap ip'
# NOTE(review): port 389 with no SSL/StartTLS setting visible in this excerpt;
# presumably the bind password and user passwords cross the network unencrypted
# between the GitLab and LDAP hosts. Confirm the encryption setting (its key
# name depends on the GitLab version).
port: 389
uid: 'uid'
bind_dn: 'cn=gitlab,ou=People,dc=xx,dc=com'
# Bind credential stored in clear text: keep gitlab.yml readable only by the
# GitLab service account, and give this bind DN read-only search rights.
password: 'gitlab密码'

active_directory: false

allow_username_or_email_login: true

block_auto_created_users: false

base: 'dc=xx,dc=com'

# Empty filter: no additional LDAP filter restricts which entries under base
# may sign in.
user_filter: ''

attributes:
username: ['uid', 'userid', 'sAMAccountName']
email:    ['mail', 'email', 'userPrincipalName']

name:       'cn'
first_name: 'givenName'
last_name:  'sn'

omniauth:
enabled: false

allow_single_sign_on: false
block_auto_created_users: true
auto_link_ldap_user: false

providers:

satellites:
path: /opt/git/gitlab-satellites/
timeout: 30

backup:

gitlab_shell:
path: /opt/git/gitlab-shell/

repos_path: /opt/git/repositories/
hooks_path: /opt/git/gitlab-shell/hooks/

secret_file: /opt/git/gitlab/.gitlab_shell_secret

upload_pack: true
receive_pack: true

git:
bin_path: /opt/soft/git/bin/git
timeout: 100

extra:

rack_attack:
git_basic_auth:

development:
<<: *base

test:
<<: *base
gravatar:
enabled: true
gitlab:
host: 内部域名
port: 80

satellites:
path: tmp/tests/gitlab-satellites/
backup:
path: tmp/tests/backups
gitlab_shell:
path: tmp/tests/gitlab-shell/
repos_path: tmp/tests/repositories/
hooks_path: tmp/tests/gitlab-shell/hooks/
issues_tracker:
redmine:
title: "Redmine"
project_url: "http://redmine/projects/:issues_tracker_id"
issues_url: "http://redmine/:project_id/:issues_tracker_id/:id"
new_issue_url: "http://redmine/projects/:issues_tracker_id/issues/new"
ldap:
enabled: true
servers:
main:
label: ldap
host: ldap ip
port: 389
uid: 'uid'
base: 'dc=xx,dc=com'
user_filter: ''
bind_dn: 'cn=xx,ou=People,dc=xx,dc=com'
password: 'xx密码'
admin_group: ''
sync_ssh_keys: false

staging:
<<: *base
apache配置
[root@cm1 conf.d]# cat subversion.conf |grep -v "#"
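LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so
# Serve every repository under /application/svndata over WebDAV at /svn/,
# authenticating users against LDAP and authorising paths via svnauthz.conf.
<Location /svn/>
DAV svn
SVNListParentPath on
SVNParentPath /application/svndata
AuthBasicAuthoritative on
# Basic auth sends the password base64-encoded, not encrypted, with every
# request: publish this location over HTTPS only.
AuthType Basic
AuthName "svn"
AuthBasicProvider ldap
# Apache 2.2 directive; it was removed in 2.4, where this line is a syntax error.
AuthzLDAPAuthoritative    off
# ldap:// on port 389 is unencrypted, so the bind password and each user's
# password cross the network in clear text between this host and the LDAP
# host. Use ldaps:// or add STARTTLS as the directive's second argument when
# the directory supports it.
# (objectClass=*) accepts any entry under ou=People that has a uid, presumably
# including service accounts such as the bind DN below; narrow the filter to
# the object class or group that real users have.
AuthLDAPURL    "ldap://ldap ip:389/ou=People,dc=xx,dc=com?uid?sub?(objectClass=*)"
AuthLDAPBindDN "cn=xx,ou=People,dc=xx,dc=com"
# xx also exists as a local user on the LDAP server.
# Apache does not accept a comment on the same line as a directive, so the
# note sits here. This file holds the bind password: keep it readable by root
# only.
AuthLDAPBindPassword "xx密码"
AuthzSVNAccessFile /etc/httpd/conf/svnauthz.conf
# Any LDAP user who authenticates passes this check; per-path access is then
# decided by the AuthzSVNAccessFile above.
Require valid-user
</Location>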

cat /etc/httpd/conf/svnauthz.conf
# Path-based access rules read by mod_authz_svn (AuthzSVNAccessFile).
[groups]
admin = one
# Root of every repository: rules here are inherited by all paths unless a
# more specific section overrides them.
[/]
@admin = rw
# NOTE(review): the [test:/] header below is commented out, so "two = r" is
# read as part of [/] and gives user two read access to all repositories —
# confirm that this is intended.
#[test:/]
two = r


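最后是权限的问题:不确定是否需要 chown -R apache.apache /application/*。mod_dav_svn 以 httpd 的运行用户(这里是 apache)读写版本库,所以该用户需要对 /application/svndata 有读写权限;只对版本库目录授权即可,不必把 /application/svnpasswd 也一并改属主。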

参考文章 http://solin.blog.51cto.com/11319413/1918718 基本搭建 http://www.361way.com/subversion-apache-ldap/2863.html svn集成ldap http://jiyude.blog.51cto.com/7582964/1730447 SVN服务器集群(基于LDAP) http://zengestudy.blog.51cto.com/1702365/1911179 http://ly36843.blog.51cto.com/3120113/1673892 这篇ldap讲的最详细
标签:  svn ldap