apachesvncentossvn-server

SVN Server on CentOS 5.8


I am tring to setup a subversion server on CentOS 5.8 (CentOS release 5.8 (Final)). I have only a little experience with CentOS. I only have worked with SuSE and Ubuntu so far.

The problem I have is, when I try to access my SVN repository via http://domain.tld/svn I get "Forbidden, You don't have permission to access /svn/ on this server.".

These are the steps for my setup:

yum install mod_dav_svn subversion

Content of /etc/httpd/conf.d/subversion.conf

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /svn>
   DAV svn
   SVNParentPath /var/www/svn
</Location>

Create related paths

mkdir -p /var/www/svn && cd /var/www/svn
svnadmin create repos
chown -R apache:apache repos
service httpd restart

I cant figure out, whats wrong...

Other sources on CentOS 5.7 suggested this as an additional step:

chcon -R -t httpd_sys_content_t /var/www/svn/repos
chcon -R -t httpd_sys_rw_content_t /var/www/svn/repos

When I execute this, I get chcon: can't apply partial context to unlabeled file /var/www/svn/repos

So I looked around and found a User that said, I should use

chcon -h system_u:object_r:httpd_sys_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_content_t /var/www/svn/repos/*

instead of

chcon -R -t httpd_sys_content_t /var/www/svn/repos

so I added also 2 lines for httpd_sys_rw_content_t:

chcon -h system_u:object_r:httpd_sys_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_content_t /var/www/svn/repos/*
chcon -h system_u:object_r:httpd_sys_rw_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_rw_content_t /var/www/svn/repos/*

Problem still remains...

service httpd restart

Problem still remains...

EDIT

I also have added authentication rules to the subversion.conf:

<LimitExcept GET PROPFIND OPTIONS REPORT>
    AuthzSVNAccessFile /etc/subversion/svn-access
    # Require SSL connection for password protection.
    # SSLRequireSSL

    AuthType Basic
    AuthName "Authorization Realm"
    AuthUserFile /etc/subversion/svn-passwd
    Require valid-user
</LimitExcept>

These configuration rules are copied from a previous running installation under SuSE. The files have valid content. Problem still remains...

EDIT

I have removed the <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept> lines, so that the authentication always applies. When I now access svn from the browser, I get an HTTP-Basic-Auth windows. After I have entered existing and correct credentials, the "Forbidden" message comes up again. Problem still remains...

EDIT

I finally got it running. I have set the repository path via SVNPath /var/www/svn/repos instead of SVNParentPath /var/www/svn. Now everything is fine...


Solution

  • You have to instruct Apache to perform authentication (so that Subversion will have a user to use with the rules

    In you location add something like this to you <Location> directive:

    SSLRequireSSL
    
    AuthType Basic
    AuthPAM_Enabled on 
    AuthName "Subversion"
    AuthUserFile /etc/shadow
    Require valid-user
    

    This example uses PAM but there are many other possibilities: refer to the Apache httpd manual