1

I am tring to setup a subversion server on CentOS 5.8 (CentOS release 5.8 (Final)). I have only a little experience with CentOS. I only have worked with SuSE and Ubuntu so far.

The problem I have is, when I try to access my SVN repository via http://domain.tld/svn I get "Forbidden, You don't have permission to access /svn/ on this server.".

These are the steps for my setup:

yum install mod_dav_svn subversion

Content of /etc/httpd/conf.d/subversion.conf

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /svn>
   DAV svn
   SVNParentPath /var/www/svn
</Location>

Create related paths

mkdir -p /var/www/svn && cd /var/www/svn
svnadmin create repos
chown -R apache:apache repos
service httpd restart

I cant figure out, whats wrong...

Other sources on CentOS 5.7 suggested this as an additional step:

chcon -R -t httpd_sys_content_t /var/www/svn/repos
chcon -R -t httpd_sys_rw_content_t /var/www/svn/repos

When I execute this, I get chcon: can't apply partial context to unlabeled file /var/www/svn/repos

So I looked around and found a User that said, I should use 

chcon -h system_u:object_r:httpd_sys_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_content_t /var/www/svn/repos/*

instead of

chcon -R -t httpd_sys_content_t /var/www/svn/repos

so I added also 2 lines for httpd_sys_rw_content_t:

chcon -h system_u:object_r:httpd_sys_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_content_t /var/www/svn/repos/*
chcon -h system_u:object_r:httpd_sys_rw_content_t /var/www/svn/repos
chcon -R -h apache:object_r:httpd_sys_rw_content_t /var/www/svn/repos/*

Problem still remains...

service httpd restart

Problem still remains...

EDIT

I also have added authentication rules to the subversion.conf:

<LimitExcept GET PROPFIND OPTIONS REPORT>
    AuthzSVNAccessFile /etc/subversion/svn-access
    # Require SSL connection for password protection.
    # SSLRequireSSL

    AuthType Basic
    AuthName "Authorization Realm"
    AuthUserFile /etc/subversion/svn-passwd
    Require valid-user
</LimitExcept>

These configuration rules are copied from a previous running installation under SuSE. The files have valid content. Problem still remains...

EDIT

I have removed the <LimitExcept GET PROPFIND OPTIONS REPORT> and </LimitExcept> lines, so that the authentication always applies. When I now access svn from the browser, I get an HTTP-Basic-Auth windows. After I have entered existing and correct credentials, the "Forbidden" message comes up again. Problem still remains...

EDIT

I finally got it running. I have set the repository path via SVNPath /var/www/svn/repos instead of SVNParentPath /var/www/svn. Now everything is fine...

Ron
  • 1,336
  • 12
  • 20

2 Answers2

1

You have to instruct Apache to perform authentication (so that Subversion will have a user to use with the rules

In you location add something like this to you <Location> directive:

SSLRequireSSL

AuthType Basic
AuthPAM_Enabled on 
AuthName "Subversion"
AuthUserFile /etc/shadow
Require valid-user

This example uses PAM but there are many other possibilities: refer to the Apache httpd manual

Matteo
  • 14,696
  • 9
  • 68
  • 106
  • Thank you for you answer. Problem still remains. I have made an edit to my question above... – Ron Jul 22 '12 at 15:57
  • It is not right, that authentication is needed in order to get SVN running. Without authentication SVN is open to the public, but should run at least. Because you were the only one answered, I mark your answer as correct. – Ron Jul 22 '12 at 18:16
0

Try this:

<Location /svn>
    DAV svn
    SVNPath /var/www/svn
</Location>
mgukov
  • 493
  • 5
  • 18
  • Yeah, look at the last line of my post - had to add `.../repos` to the end of `SVNPath` – Ron Aug 02 '12 at 20:44