Step1
Add AD Domain joining process of Centos Machine
Install following rpms using yum command
yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients
policycoreutils-python mod_ldap -y
Check your DNS AD server ip entry
[root@centos7 ~]# cat /etc/resolv.conf
search example.com
nameserver 192.168.1.2
Join Domain
[root@centos7 ~]# realm join --user=administrator example.com
Password for administrator:
check domain details
root@centos7 ~]# realm list
Reboot the Centos Machine
2. Here we will install Apache server as webserver for the SVN repository
yum -y install subversion subversion-tools mod_dav_svn
mkdir /var/svn
svnadmin create /var/svn/devrepo
chown -R apache:apache /var/svn/devrepo/
chcon -R -t httpd_sys_content_t /var/svn/devrepo/
chcon -R -t httpd_sys_rw_content_t /var/svn/devrepo/
Edit file
vi /etc/httpd/conf.modules.d/10-subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule dontdothat_module modules/mod_dontdothat.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so
###For LOCAl user authontiation
Alias /svn /var/svn/
<Location /svn>
DAV svn
SVNParentPath /var/svn/
AuthType Basic
AuthName "Authentication Realm"
AuthUserFile /var/svn/svn.user
AuthzSVNAccessFile /var/svn/devrepo/conf/authz
Require valid-user
</Location>
###savefile &exit
systemctl start httpd.service
htpasswd -cm /var/svn/svn.user svnadmin
systemctl reload httpd.service
mkdir -p /tmp/repository/project1/{trunk,branches,tags}
svn import -m 'Initial Import' /tmp/repository/project1/ http://SVN-Server/svn/devrepo
####Now access in browser service server working withe svnadmin login ##########
#####################################################
3. If Now configure Active directory Auth with svn
#####################################################
#######add the following entries in 10-subversion .comf##########
vi /etc/httpd/conf.modules.d/10-subversion.conf
Alias /svn /var/svn/
<location /svn>
DAV svn
SVNParentPath /var/svn/
SVNListParentPath on
order allow,deny
allow from all
#Options Indexes
AuthType Basic
#AthzLDAPAuthoritative On
AuthBasicProvider ldap
AuthLDAPBindDN svnadmin@example.com
AuthLDAPBindPassword s!^n1$n*l
Require valid-user svnadmin@example.com
AuthLDAPURL "ldap://192.168.2.200:3268/dc=example,dc=com?sAMAccountName?sub?(objectCategory=person)"
Require ldap-group CN=svnadmin,OU=users,DC=example,DC=com
AuthzSVNAccessFile /var/svn/devrepo/conf/authz
##save& exit###
####edit file add following######
Vi /var/svn/devrepo/conf/svnserve.conf
anon-access = none
authz-db = authz
auth-access = write
### save& exit###
systemctl restart httpd.service #### Now check you will be able login in svn via domain user#########
############################################
4. iMPLEMENT PERMISSION ON SVN DIRECTORY
############################################
####Edit file authz to restricted directory####
vi /var/svn/devrepo/conf/authz
[groups]
admin = svnadmin,
devaccess = USER1,user2
qaaccess = user3,user4
[/]
* = r
[devrepo:/trunk]
@admin = rw
@qaaccess = rw
@qaaccess = r
[devrepo:/branches]
@qaaccess = r
@devaccess = rw
* = r
[devrepo:/tags]
* = r
@qaaccess = rw
@devaccess = rw
##save & exit#####
Restart apache serverice
systemctl restart httpd.service
chkconfig httpd on
### Now svn server has been created Enjoy#####
Add AD Domain joining process of Centos Machine
Install following rpms using yum command
yum install sssd realmd oddjob oddjob-mkhomedir adcli samba-common samba-common-tools krb5-workstation openldap-clients
policycoreutils-python mod_ldap -y
Check your DNS AD server ip entry
[root@centos7 ~]# cat /etc/resolv.conf
search example.com
nameserver 192.168.1.2
Join Domain
[root@centos7 ~]# realm join --user=administrator example.com
Password for administrator:
check domain details
root@centos7 ~]# realm list
Reboot the Centos Machine
2. Here we will install Apache server as webserver for the SVN repository
yum -y install subversion subversion-tools mod_dav_svn
mkdir /var/svn
svnadmin create /var/svn/devrepo
chown -R apache:apache /var/svn/devrepo/
chcon -R -t httpd_sys_content_t /var/svn/devrepo/
chcon -R -t httpd_sys_rw_content_t /var/svn/devrepo/
Edit file
vi /etc/httpd/conf.modules.d/10-subversion.conf
LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so
LoadModule dontdothat_module modules/mod_dontdothat.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so
###For LOCAl user authontiation
Alias /svn /var/svn/
<Location /svn>
DAV svn
SVNParentPath /var/svn/
AuthType Basic
AuthName "Authentication Realm"
AuthUserFile /var/svn/svn.user
AuthzSVNAccessFile /var/svn/devrepo/conf/authz
Require valid-user
</Location>
###savefile &exit
systemctl start httpd.service
htpasswd -cm /var/svn/svn.user svnadmin
systemctl reload httpd.service
mkdir -p /tmp/repository/project1/{trunk,branches,tags}
svn import -m 'Initial Import' /tmp/repository/project1/ http://SVN-Server/svn/devrepo
####Now access in browser service server working withe svnadmin login ##########
#####################################################
3. If Now configure Active directory Auth with svn
#####################################################
#######add the following entries in 10-subversion .comf##########
vi /etc/httpd/conf.modules.d/10-subversion.conf
Alias /svn /var/svn/
<location /svn>
DAV svn
SVNParentPath /var/svn/
SVNListParentPath on
order allow,deny
allow from all
#Options Indexes
AuthType Basic
#AthzLDAPAuthoritative On
AuthBasicProvider ldap
AuthLDAPBindDN svnadmin@example.com
AuthLDAPBindPassword s!^n1$n*l
Require valid-user svnadmin@example.com
AuthLDAPURL "ldap://192.168.2.200:3268/dc=example,dc=com?sAMAccountName?sub?(objectCategory=person)"
Require ldap-group CN=svnadmin,OU=users,DC=example,DC=com
AuthzSVNAccessFile /var/svn/devrepo/conf/authz
##save& exit###
####edit file add following######
Vi /var/svn/devrepo/conf/svnserve.conf
anon-access = none
authz-db = authz
auth-access = write
### save& exit###
systemctl restart httpd.service #### Now check you will be able login in svn via domain user#########
############################################
4. iMPLEMENT PERMISSION ON SVN DIRECTORY
############################################
####Edit file authz to restricted directory####
vi /var/svn/devrepo/conf/authz
[groups]
admin = svnadmin,
devaccess = USER1,user2
qaaccess = user3,user4
[/]
* = r
[devrepo:/trunk]
@admin = rw
@qaaccess = rw
@qaaccess = r
[devrepo:/branches]
@qaaccess = r
@devaccess = rw
* = r
[devrepo:/tags]
* = r
@qaaccess = rw
@devaccess = rw
##save & exit#####
Restart apache serverice
systemctl restart httpd.service
chkconfig httpd on
### Now svn server has been created Enjoy#####
No comments:
Post a Comment