From owner-freebsd-ports@FreeBSD.ORG Tue Aug 14 12:19:53 2007 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5EA1F16A417 for ; Tue, 14 Aug 2007 12:19:53 +0000 (UTC) (envelope-from david@vizion2000.net) Received: from dns1.vizion2000.net (77-99-36-42.cable.ubr04.chap.blueyonder.co.uk [77.99.36.42]) by mx1.freebsd.org (Postfix) with ESMTP id 1BC8413C480 for ; Tue, 14 Aug 2007 12:19:53 +0000 (UTC) (envelope-from david@vizion2000.net) Received: by dns1.vizion2000.net (Postfix, from userid 1007) id D4D611CC38; Tue, 14 Aug 2007 05:35:20 -0700 (PDT) From: David Southwell Organization: Voice and Vision To: freebsd-ports@freebsd.org Date: Tue, 14 Aug 2007 05:35:20 -0700 User-Agent: KMail/1.9.7 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200708140535.20575.david@vizion2000.net> Subject: subversion -authorization setup problem X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Aug 2007 12:19:53 -0000 Hi=20 I have never before run a subversion server and despite reading "the book" = and=20 man pages have hit a problem - if anyone feels like helping=20 it would be much appreciated. I have set up subversion to run with apache. Versions: apache-2.2.4_2=20 subversion-1.4.4_1 I can connect remotely from a client to the server, using name|password=20 combination so authentication appears to work fine but authorization is=20 failing.=20 This is a new repository as can be seen from the output of the=20 svnlook. An initial import attempt from the client fails with the client=20 reporting" RA Layer request failed"and "403 forbidden" error from the serve= r. Clearly I have something wrong in my authorization set up. Can anyone point= me=20 in the right direction? I have chosen to use an SVNParentPath configuration for multiple repositori= es=20 under the same "root" with all repositories sharing the same=20 AuthzSVNAccessFile.=20 I have made all repository paths the same as apache.. owner:group www:www =A0 1. Here are my entries in =A0httpd.conf ##### Modules include LoadModule dav_module libexec/apache22/mod_dav.so LoadModule dav_svn_module =A0 =A0 libexec/apache22/mod_dav_svn.so LoadModule authz_svn_module =A0 libexec/apache22/mod_authz_svn.so ##### Location entry: I have only made the one entry -- using the parent do= I=20 need additional entries for each repository? My reading of the book seemed = to=20 suggest that was not required. =A0 =A0 =A0 =A0 DAV svn =A0 =A0 =A0 =A0 SVNParentPath /usr2/svnhome =A0 =A0 =A0 =A0 SVNListParentPath on # Access control Policy =A0 =A0 =A0 =A0 AuthzSVNAccessFile /usr/local/etc/apache22/Authz_svnhome # try anonymous access first, resort to authentication # if necessary =A0 =A0 =A0 =A0=20 =A0 =A0 =A0 =A0 Require valid-user =A0 =A0 =A0 =A0 AuthType Basic =A0 =A0 =A0 =A0 AuthName "Svn Repository" =A0 =A0 =A0 =A0 AuthUserFile /usr/local/etc/apache22/svn-auth-methusela_02 =A0 =A0 =A0 =A0=20 CustomLog =A0 =A0 =A0 /usr/local/etc/apache22/svn_logfile "%t %u %{SVN-ACTI= ON}e"=20 env=3DSVN-ACTION =A0 =A0 =A0=20 ##### 2. My AuthzSVNAccessFile ##### AuthzSVNAccessFile /usr/local/etc/apache22/Authz_svnhome [/] * =3D r [/usr2/svnhome] * =3Dr [project_meth: /usr2/svnhome/project_meth] david =3D rw test =3D r ##### 3. Output from svnlook ##### svnlook info /usr2/svnhome/project_meth 2007-08-13 03:09:11 -0700 (Mon, 13 Aug 2007) 0 ##### 4. http-error.log ##### httpd-error.log [Mon Aug 13 09:30:04 2007] [error] [client 192.168.15.1] Access=20 denied: 'david' MKACTIVITY project_meth: ##### 5. svn_logfile ##### [13/Aug/2007:08:49:56 -0700] david list-dir '/' [13/Aug/2007:08:51:47 -0700] david list-dir '/' ##### 6.I have made no changes to the files created by the svnadmin create comman= d=20 apart from svnserve.conf which reads: ######## anon-access =3D read auth-access =3D write password-db =3D /usr/local/etc/apache22/svn-auth-methusela_02 authz-db =3D /usr/local/etc/apache22/Authz_svnhome. ####### All help appreciated Thanks in advance david