[lug] setting subversion permissions with apache/mod_dav

Hugh Brown hugh at math.byu.edu
Sun Jan 14 19:34:24 MST 2007


D. Stimits wrote:
> I'm working on a subversion repository on CentOS 4.4, and finally got 
> past some of the SElinux problems. Now it is able to be read from over a 
> web browser on https, and it properly asks for a user name and pass via 
> basic auth (non-SSL can't reach that URL).
> 
> Here's the oddball problem: Using a command line client, it allows total 
> access without caring about user name/pass. It requires user name and 
> pass only from a web browser, but not from the svn client. Here's the 
> config:
> 
> <Location /svn>
>   Options Indexes MultiViews
>   AllowOverride None
>   Order deny,allow
>   DAV svn
>   SVNParentPath /var/www/svn
>   SSLRequireSSL
>   AuthType Basic
>   AuthName "Subversion Repository"
>   AuthUserFile /etc/passwd-httpd
>   AuthGroupFile /etc/group-httpd
>   Require group devel
> </Location>
> 
> 
> Has anyone here ever set up an svn repository under apache mod_dav, to 
> require a password? How did you get the svn client to prompt for user 
> name and password? I even deleted all the temp files from 
> ~/.subversion/auth/svn.ssl.server, and all working copies, so there is 
> no chance of it having memorized a name and pass (and in fact the user 
> name I'm using on the remote machine is different than the name on the 
> server). If I can block access to anyone not having a proper login 
> name/pass, it'll be ready for use (at the moment IP tables blocks all IP 
> addresses except for mine).
> 
> D. Stimits, stimits AT comcast DOT net


Tired of me yet?  The solution seems to be, add "Deny from all" below 
your "Order deny, allow"

Alternatively, you can remove the "Order deny,allow"

Hugh



More information about the LUG mailing list