Chinaunix首页 | 论坛 | 博客
  • 博客访问: 381420
  • 博文数量: 136
  • 博客积分: 4010
  • 博客等级: 上校
  • 技术积分: 1410
  • 用 户 组: 普通用户
  • 注册时间: 2006-03-14 14:11
文章分类

全部博文(136)

文章存档

2008年(16)

2007年(27)

2006年(93)

我的朋友

分类: LINUX

2008-08-29 15:31:36

OSCentos5.2

需要安装几个必须的软件

1 install berkeley-db

 

To do a standard UNIX build of Berkeley DB, change to the build_unix directory and then enter the following two commands:

 

../dist/configure  --prefix=/usr/local/db

make

This will build the Berkeley DB library.

 

To install the Berkeley DB library, enter the following command:

 

make install

 

 

To uninstall Berkeley DB, enter:

 

make uninstall

 

 

 

 

 

2 安装apr-util-1.3.2 apr-util-1.3.2

 

downlaod apr and apr-util

 

 

1)install apr

 

#./configure --prefix=/usr/local/apr/

make && make install

 

 

 

2)install apr-util

 

 #./configure --prefix=/usr/local/apr-util --with-apr=/usr/local/apr/  --with-berkeley-db=/usr/local/db

make && make install

 

3) install apache

 

 #./configure --prefix=/usr/local/apache --enable-so  --enable-dav --enable-dav-fs  --enable-maintainer-mode --with-apr=/usr/local/apr1.3.3/bin/apr-1-config  --with-apr-util=/usr/local/apr-util1.3.4/bin/apu-1-config --enable-ssl

 

#make && make install

 

 

 

apache modules模块目录位于/usr/local/apache/modules 

 

配置文件位于/usr/local/apache/conf/httpd.conf文件中

一般情况下以下语句已经加入进去了

 

LoadModule dav_svn_module     modules/mod_dav_svn.so

LoadModule authz_svn_module   modules/mod_authz_svn.so

LoadModule mysql_auth_module modules/mod_auth_mysql.so

 

 

 

2 install mysql

 

#cd mysql-5.0.22

#./configure --prefix=/usr/local/mysql

#make && make install

#cp ./support-files/my-medium.cnf /etc/my.cnf

#groupadd mysql

#useradd -g mysql –s /sbin/noshell mysql

#./scripts/mysql_install_db --user=mysql

#chown –R mysql.mysql   /usr/local/mysql

 

 

启动mysql

#/usr/local/mysql/bin/mysqld_safe  --user=mysql

 

更改root密码

mysqladmin password ‘新密码’

 

 

 

 

3 instal subversion

 

./configure --prefix=/usr/local/subversion --enable-maintainer-mode --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apr1.3.3/ --with-apr-util=/usr/local/apr-util1.3.4  --with-berkeley-db=/usr/local/db/lib

 

 

 

4 #mkdir /home/svnroot

#svnadmin create --fs-type fsfs /home/svnroot/repos1

#chown  -R daemon.daemon /home/svnroot

更改httpd.conf配置,增加如下:

#add for svn

Order allow,deny

Allow from all

DAV svn

SVNParentPath /home/svnroot/

AuthType Basic

AuthName "Subversion Repository"

AuthUserFile /etc/svn/passwd

AuthzSVNAccessFile /etc/svn/accesspolicy

Require valid-user

# SSLRequireSSL   如果必须通过https连接请注释掉此行,并安装下面的方法生成ssl证书

 

创建passwd文件和accesspolicy文件

#htpasswd  –c  –m   /etc/svn/passwd  tom

系统会提示输入密码两次

-c  创建文件passwd,第一次请加此参数

-m 增加用户

Accesspolicy文件内容

[groups]

developers = tom,mike,jack

[/]

@developers = rw

* = r

 

 

 

5 启动svn

  #svnserve -d

 

6 instal svn manager

  1)instal php

./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql --with-zlib

  2)install php pear

   /usr/local/php/bin/pear install VersionControl_SVN1.0.3.tgz

3)初始话config.php

4)

SVNManager创建访问用户及数据库:

#mysql –u root –p

Mysql>create database svnuser;

Mysql>grant all  on svn.* to  svnadmin@’localhost’ identified by ‘svnadmin’;

Mysql>flush prifileges;

Mysql>quit;

 

4)打开IE,输入地址

admin:admin登陆

新建admin权限的用户,最后的password输入admin

 

 

 

7安装https

 

使用https方式验证

vi /usr/local/apache/conf/http.conf

# Secure (SSL/TLS) connections

Include conf/extra/httpd-ssl.conf //把此处的#去掉

 

 

 

对证书不熟悉的人,有一个工具可以使用:

# cd /usr/local/apache2/conf

# tar zxvf ssl.ca-0.1.tar.gz

# cd ssl.ca-0.1

# ./new-root-ca.sh (生成根证书)

No Root CA key round. Generating one

Generating RSA private key, 1024 bit long modulus

...........................++++++

....++++++

e is 65537 (0x10001)

Enter pass phrase for ca.key: (输入一个密码)

Verifying - Enter pass phrase for ca.key: (再输入一次密码)

......

Self-sign the root CA... (签署根证书)

Enter pass phrase for ca.key: (输入刚刚设置的密码)

........

........ (下面开始签署)

Country Name (2 letter code) [MY]: CN

State or Province Name (full name) [Perak]: liaoning

Locality Name (eg, city) [Sitiawan]: dalian

Organization Name (eg, company) [My Directory Sdn Bhd]: jishikeyan

Organizational Unit Name (eg, section) [Certification Services Division]: ACSTAR

Common Name (eg, MD Root CA) []: yong

Email Address []: yong@yong.com.cn

这样就生成了ca.keyca.crt两个文件,下面还要为我们的服务器生成一个证书:

# ./new-server-cert.sh server (这个证书的名字是server)

......

......

Country Name (2 letter code) [MY]: CN

State or Province Name (full name) [Perak]: liaoning

Locality Name (eg, city) [Sitiawan]: dalian

Organization Name (eg, company) [My Directory Sdn Bhd]: jishikeyan

Organizational Unit Name (eg, section) [Secure Web Server]: ACSTAR

Common Name (eg, ) []: localhost

Email Address []: yong@yong.com.cn

这样就生成了server.csrserver.key这两个文件。

还需要签署一下才能使用的:

# ./sign-server-cert.sh server

CA signing: server.csr -> server.crt:

Using configuration from ca.config

Enter pass phrase for ./ca.key: (输入上面设置的根证书密码)

Check that the request matches the signature

Signature ok

The Subject's Distinguished Name is as follows

countryName :PRINTABLE:'CN'

stateOrProvinceName :PRINTABLE:'liaoning'

localityName :PRINTABLE:'liaoning'

organizationName :PRINTABLE:'jishikeyan'

organizationalUnitName:PRINTABLE:'ACSTAR'

commonName :PRINTABLE:'localhost'

emailAddress :IA5STRING:'yongl@yong.com.cn'

Certificate is to be certified until Jul 16 12:55:34 2005 GMT (365 days)

Sign the certificate? [y/n]: y

1 out of 1 certificate requests certified, commit? [y/n] y

Write out database with 1 new entries

Data Base Updated

CA verifying: server.crt <-> CA cert

server.crt: OK

下面要按照ssl.conf里面的设置,将证书放在适当的位置(/usr/local/apache/conf)。

# chmod 400 server.key

# cd ..

# mv ssl.ca-0.1/server.key server.key

# mv ssl.ca-0.1/server.crt server.crt

然后就可以启动啦!

# cd /usr/local/apache2

# ./bin/apachectl start

在浏览器中test就可以进行https用户验证啦!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

阅读(992) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~