I've implemented proposed behavior in r1653032. On 16 January 2015 at 22:52, C. Michael Pilato <cmpil...@collab.net> wrote: [...] > > As for log levels, is there any reason to log the implicit read attempts > at a level higher than "debug"? I have no opinion about the log level > for the explicit ones. > Some audit tools may parse logs to collect information of all path accessed by user. So I've decided to use INFO level for such implicit attempts.
On 17 January 2015 at 00:45, Branko Čibej <br...@wandisco.com> wrote: >> I have no opinion about the log level for the explicit ones. > > I believe a request for /private will return a 404 error, same as a > request for a non-existent path. And IIRC these are normally logged at > error level. Agree, that what I implemented in r1653032. On 18 January 2015 at 06:48, Daniel Shahaf <d...@daniel.shahaf.name> wrote: > It would be nice if the the logged message should be different in that > case, too. That is: there should be some indication, besides the > different log level, that the subrequest-generated log event is > "normal". > > That is, we don't want this: > > [debug] Access denied: /private > [error] Access denied: /private > > But this: > > [debug] Hiding directory '/private' (Access denied) > [error] Access denied: /private > > (Or some other log level instead of "debug" — I haven't thought about > what log level would be appropriate.) I agree that different log message would be nice to have, but there is an issue: in mod_authz_svn we're not 100% sure that path will be hidden. mod_authz_svn just answer the question whether access allowed or not, but it doesn't know how this information will be used latter at mod_dav_svn layer. May be different wording may fix this issue though. -- Ivan Zhakov