SVN配置权限

Subversion精细化权限配置

版本历史

版本/状态作者变更理由/内容生效日期备注

1.1 孙炬2010-4-22

引言

目录

1. 准备工作 (1)

1.1. 新建代码库 (1)

1.2. 配置代码库 (1)

2. 配置详解 (3)

2.1. Passwd.conf (3)

2.2. authz.conf (4)

3. 补充重要说明 (6)

3.1. 对中文目录的支持 (6)

1.准备工作

1.1. 新建代码库

svnadmin create F:\server\svn\root

1.2. 配置代码库

进入conf目录

删除掉authz和passwd这两个文件（是默认的配置，没什么用）

打开svnserve.conf找到[general]，把[general]到# realm = My First Repository这一行之前的内容全部删除掉，在这两行之间加入

password-db = ../../passwd.conf

anon-access = none

auth-access = write

authz-db = ../../authz.conf

整个文件的配置如下:

### This file controls the configuration of the svnserve daemon, if you

### use it to allow access to this repository. (If you only allow

### access through http: and/or file: URLs, then this file is

### irrelevant.)

### Visit / for more information.

[general]

password-db = ../../passwd.conf

anon-access = none

auth-access = write

authz-db = ../../authz.conf

# realm = My First Repository

[sasl]

### This option specifies whether you want to use the Cyrus SASL

### library for authentication. Default is false.

### This section will be ignored if svnserve is not built with Cyrus

### SASL support; to check, run 'svnserve --version' and look for a line

### reading 'Cyrus SASL authentication is available.'

# use-sasl = true

### These options specify the desired strength of the security layer

### that you want SASL to provide. 0 means no encryption, 1 means

### integrity-checking only, values larger than 1 are correlated

### to the effective key length for encryption (e.g. 128 means 128-bit

### encryption). The values below are the defaults.

# min-encryption = 0

# max-encryption = 256

其中注意：

#这一行是指定svn用户的配置文件，是放在代码仓库的更目录的

password-db = ../../passwd.conf

#这一行是指定匿名登录的用户是无任何操作权限的

anon-access = none

#这一行是指定登录用户是有操作权限的

auth-access = write

#这一行是指定权限配置文件的路径，是放在代码仓库的更目录的

authz-db = ../../authz.conf

两个配置文件时放在和代码仓库同级目录的，是为了方便多个代码仓库使用同一个权限管理配置

2.配置详解

2.1. P asswd.conf

全部配置如下

### This file is an example password file for svnserve.

### Its format is similar to that of svnserve.conf. As shown in the

### example below it contains one section labelled [users].

### The name and password for each user follow, one account per line.

[users]

# harry = harryssecret

# sally = sallyssecret

#设置超管用户

admin = 123

#项目管理员

projectAdmin = 123

#工作日志管理员

workingDiaryAdmin = 123

#软件库管理员

softwareAdmin = 123

#dress项目开发人员

dressDeveloper1 = 123

dressDeveloper2 = 123

dressDeveloper3 = 123

#soi项目开发人员

soiDeveloper1 = 123

soiDeveloper2 = 123

soiDeveloper3 = 123

2.2. a uthz.conf

全部配置如下

### This file is an example authorization file for svnserve.

### Its format is identical to that of mod_authz_svn authorization

### files.

### As shown below each section defines authorizations for the path and ### (optional) repository specified by the section name.

### The authorizations follow. An authorization line can refer to:

### - a single user,

### - a group of users defined in a special [groups] section,

### - an alias defined in a special [aliases] section,

### - all authenticated users, using the '$authenticated' token,

### - only anonymous users, using the '$anonymous' token,

### - anyone, using the '*' wildcard.

###

### A match can be inverted by prefixing the rule with '~'. Rules can ### grant read ('r') access, read-write ('rw') access, or no access

### ('').