[lug] setting subversion permissions with apache/mod_dav
D. Stimits
stimits at comcast.net
Mon Jan 15 20:13:53 MST 2007
...
>
> Tired of me yet? The solution seems to be, add "Deny from all" below
> your "Order deny, allow"
>
Sadly, this resulted in all access being denied. I'm starting to feel I
need to rebuild apache, openssl, and subversion with debug symbols, and
run it in a debugger. When I try to use the svn co on the command line
after adding the Deny from all, it never even gives me a chance to
attempt adding the pass:
svn: PROPFIND request failed on '/svn/helloworld'
svn: PROPFIND of '/svn/helloworld': 403 Forbidden (https://...
SSL log:
... client denied by server configuration: /var/www/html/svn
> Alternatively, you can remove the "Order deny,allow"
Sadly, this results in totally open access to all svn clients. While
searching for an answer on google, the only success story I found was
from a guy that wiped his system and started over from scratch. I'm
about ready to give up on svn with apache and run svnserve, but it won't
do all I need...and of course there is no guarantee it won't also misbehave.
My variation which lets everyone in:
<Location /svn>
DAV svn
SVNParentPath /var/www/svn
SSLRequireSSL
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /etc/passwd-httpd
AuthGroupFile /etc/group-httpd
Require group devel
</Location>
Anything with Order deny,allow, then Deny from all seems to ignore all
attempts at login.
You said you had looked at authz, which looks extremely useful since I'm
hoping to eventually mix authentication for read only plus read/write
access at some point. What kind of httpd config do you use on that? How
about the authz file itself? And have you used the apache htpasswd
utility to generate your password files? I know I've messed something
up, but for the life of me I can't see it.
D. Stimits, stimits AT comcast DOT net
More information about the LUG
mailing list