Re: Apache httpd 2.4 + Subversion 1.9.5 + LDAP combination does not work on CentOS 7.x

2017-07-17 Thread Ravi Roy 
>
>
> You should remove these lines:
>
> Satisfy any
> Order allow,deny
> Allow from all
> AuthUserFile /dev/null
>
>
> then add
>
> Satisfy all
>
>
> I also suggest you add the HEAD method to the LimitExcept directive.
>
>
>
Thanks Branko for quick response, i've added updated configuration as
mentioned above and restarted the httpd server, but it is not asking for
authentication information, it is still allowing the users which are not in
permfie to access the repo.

Regards
Ravi.

Re: Apache httpd 2.4 + Subversion 1.9.5 + LDAP combination does not work on CentOS 7.x

2017-07-17 Thread Branko Čibej 
On 17.07.2017 14:09, Ravi Roy wrote:
> Hi
>
> I've been using Apache httpd 2.2.23 with Subvesion 1..6.21 with LDAP
> on CentOS 5.11 (old setup) for years now. Recently we planned to
> upgrade to Subversion 1.9.x with Apache httpd 2.4.x, i've prepared the
> setup as per the following with LDAP support :
>
> 1) compiled and installed Apache 2.4.16 from source
> 2) compile and installed Subversion 1.9.5 from source
>
>
> I've the following snippet in my httpd config which works in old setup
> perfectly but in the new setup it does not work at all, It can not
> control the repo access:
>
> 
> DAV svn
> SVNPath /var/repos/svn/MyRepo.
> Satisfy any
> 
> Require valid-user
> 
> Order allow,deny
> Allow from all
> AuthzLDAPAuthoritative on
> AuthType Basic
> AuthName "Please use your Username and Password:"
> AuthLDAPBindDN "CN=Ac,OU=All Users,OU=myOU,DC=mydomain,DC=com"
> AuthLDAPBindPassword mypass
> AuthLDAPURL
> "ldap://mydomain.com:3269/dc=mydomain,dc=com?sAMAccountName?sub?(objectClass=*)
> "
> AuthBasicProvider ldap
> AuthUserFile /dev/null
> AuthzSVNAccessFile /var/repos/permissions/permfile.txt
> 
>
> permfile.txt
> 
>
> [groups]
> write-perm1 = user1, user2
>
> [/]
> @write-perm1 = rw
> * =
>
>
> After removing "AuthzLDAPAuthoritative on" (which is removed in Apache
> httpd 2.4.x), it allows any ldap user to access the repo (which i do
> not want). I want permfile to control the access to repo, but i could
> not see an effective way to enable it.
> Can somebody help here please?

You should remove these lines:

Satisfy any
Order allow,deny
Allow from all
AuthUserFile /dev/null


then add

Satisfy all


I also suggest you add the HEAD method to the LimitExcept directive.

-- Brane

Apache httpd 2.4 + Subversion 1.9.5 + LDAP combination does not work on CentOS 7.x

2017-07-17 Thread Ravi Roy 
Hi

I've been using Apache httpd 2.2.23 with Subvesion 1..6.21 with LDAP on
CentOS 5.11 (old setup) for years now. Recently we planned to upgrade to
Subversion 1.9.x with Apache httpd 2.4.x, i've prepared the setup as per
the following with LDAP support :

1) compiled and installed Apache 2.4.16 from source
2) compile and installed Subversion 1.9.5 from source


I've the following snippet in my httpd config which works in old setup
perfectly but in the new setup it does not work at all, It can not control
the repo access:


DAV svn
SVNPath /var/repos/svn/MyRepo.
Satisfy any

Require valid-user

Order allow,deny
Allow from all
AuthzLDAPAuthoritative on
AuthType Basic
AuthName "Please use your Username and Password:"
AuthLDAPBindDN "CN=Ac,OU=All Users,OU=myOU,DC=mydomain,DC=com"
AuthLDAPBindPassword mypass
AuthLDAPURL "ldap://mydomain.com:3269/dc=m
ydomain,dc=com?sAMAccountName?sub?(objectClass=*)

"
AuthBasicProvider ldap
AuthUserFile /dev/null
AuthzSVNAccessFile /var/repos/permissions/permfile.txt


permfile.txt


[groups]
write-perm1 = user1, user2

[/]
@write-perm1 = rw
* =


After removing "AuthzLDAPAuthoritative on" (which is removed in Apache
httpd 2.4.x), it allows any ldap user to access the repo (which i do not
want). I want permfile to control the access to repo, but i could not see
an effective way to enable it.
Can somebody help here please?

Regards
Ravi.

Re: This needs moderators? Re: Root-relative svn:externals result in error exporting a specific revision

2017-07-17 Thread Pavel Lyalyakin 
Hello,

On Sun, Jul 16, 2017 at 2:04 PM, Daniel Shahaf 
wrote:

> [ bcc'd to dev@, users-owner@; please follow up to users@ ]
>
> Doug Brown wrote on Wed, 12 Jul 2017 17:34 -0700:
> > …
>
> Doug reported earlier today that his message was not moderated to users@
> from Wednesday until just now.
>
> What happened?  Greg, Ed, Lorenz, are you still actively moderating this
> list?
> Do we need more moderators?
>
> Cheers,
>
> Daniel
>

If there is a need for a mailing list moderator, I'd be happy to take up
the duty. :)

-- 
With best regards,
Pavel Lyalyakin
VisualSVN Team