RE: mod_dav_svn: nested Location warning
> -Original Message- > From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] > Sent: 22 October 2013 11:15 > > Dear All, > > I have just upgraded from Apache HTTPD 2.2 --> 2.4. My svn repository > seems to work fine over https but I get these repeated warnings: > > > [:warn] [pid 15721] mod_dav_svn: nested Location > '/repos/thereponame' > > hinders access to '' in SVNPath Location '/repos/thereponame' > > My httpd.conf file contains this: > > > > > > > ## > > ## project related HTML files > > ## > > > > Alias /repos/srv/svn/html > > > > > > Options +Indexes +Multiviews -FollowSymLinks > > IndexOptionsFancyIndexing \ > > ScanHTMLTitles \ > > NameWidth=* \ > > DescriptionWidth=* \ > > SuppressLastModified \ > > SuppressSize > > > > order allow,deny > > allow from all > > > > > > > >DAV svn > >SVNPath /srv/svn/repos/thereponame > >SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" > > > ># Include per-directory access control policy > >AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz > > > ># Limit write permission to list of valid users. > > # > > # Require SSL connection for password protection. > > SSLRequireSSL > > > > AuthType Basic > > AuthName "Authorization Realm" > > AuthUserFile /srv/svn/user_access/thereponame_passwd > > Require valid-user > > # > > > > > > > > > > What have I done wrong? What are you trying to achieve with your `/repos` alias? Are you trying to server mulitple repos from that root but apply special handling to a specific path? The location directive serves one specific repo without the need for the alias, I would guess you could just remove that (but I might be wrong!) ~ mark c > Thanks, > > Chris. >
Re: mod_dav_svn: nested Location warning
Hi Mark, Thanks for getting back to me. I added this to avoid a 404 error for https://myserver/repos/ The /srv/svn/html folder is completely empty. C. On 22/10/2013 15:00, Cooke, Mark wrote: -Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 11:15 Dear All, I have just upgraded from Apache HTTPD 2.2 --> 2.4. My svn repository seems to work fine over https but I get these repeated warnings: [:warn] [pid 15721] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' My httpd.conf file contains this: ## ## project related HTML files ## Alias /repos/srv/svn/html Options +Indexes +Multiviews -FollowSymLinks IndexOptionsFancyIndexing \ ScanHTMLTitles \ NameWidth=* \ DescriptionWidth=* \ SuppressLastModified \ SuppressSize order allow,deny allow from all DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Limit write permission to list of valid users. # # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user # What have I done wrong? What are you trying to achieve with your `/repos` alias? Are you trying to server mulitple repos from that root but apply special handling to a specific path? The location directive serves one specific repo without the need for the alias, I would guess you could just remove that (but I might be wrong!) ~ mark c Thanks, Chris.
RE: mod_dav_svn: nested Location warning
[Polite note: the convention on this list is to post inline or at the bottom...] > On 22/10/2013 15:00, Cooke, Mark wrote: > >> -Original Message- > >> From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] > >> Sent: 22 October 2013 11:15 > >> > >> Dear All, > >> > >> I have just upgraded from Apache HTTPD 2.2 --> 2.4. My svn > repository > >> seems to work fine over https but I get these repeated warnings: > >> > >>> [:warn] [pid 15721] mod_dav_svn: nested Location > >> '/repos/thereponame' > >>> hinders access to '' in SVNPath Location '/repos/thereponame' > >> My httpd.conf file contains this: > >> > >>> > >>> > >>> ## > >>> ## project related HTML files > >>> ## > >>> > >>> Alias /repos/srv/svn/html > >>> > >>> > >>> Options +Indexes +Multiviews -FollowSymLinks > >>> IndexOptionsFancyIndexing \ > >>> ScanHTMLTitles \ > >>> NameWidth=* \ > >>> DescriptionWidth=* \ > >>> SuppressLastModified \ > >>> SuppressSize > >>> > >>> order allow,deny > >>> allow from all > >>> > >>> > >>> > >>> DAV svn > >>> SVNPath /srv/svn/repos/thereponame > >>> SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" > >>> > >>> # Include per-directory access control policy > >>> AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz > >>> > >>> # Limit write permission to list of valid users. > >>> # > >>># Require SSL connection for password protection. > >>>SSLRequireSSL > >>> > >>>AuthType Basic > >>>AuthName "Authorization Realm" > >>>AuthUserFile /srv/svn/user_access/thereponame_passwd > >>>Require valid-user > >>> # > >>> > >>> > >>> > >>> > >> What have I done wrong? > > > > What are you trying to achieve with your `/repos` alias? > > Are you trying to server mulitple repos from that root but > > apply special handling to a specific path? The location > > directive serves one specific repo without the need for the > > alias, I would guess you could just remove that (but I might > > be wrong!) > > > > ~ mark c > > > >> Thanks, > >> > >> Chris. > > -Original Message- > From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] > Sent: 22 October 2013 16:08 > To: Cooke, Mark; users@subversion.apache.org > Subject: Re: mod_dav_svn: nested Location warning > > Hi Mark, > > Thanks for getting back to me. > > I added this to avoid a 404 error for https://myserver/repos/ > > The /srv/svn/html folder is completely empty. > > C. > ...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C
Re: mod_dav_svn: nested Location warning
...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C Hi Mark, 1) Yes, SVN does then work OK. But I then get a 404 error from https://server/repos/ 2) I am using the http://www.reposstyle.com/ style sheet, so each repository root has an "Up" button in the HTML page that is served... I wanted a blank directory listing with a quick ".." link for getting back to the server root. The intention was not to reveal the repos names whilst avoiding the dead link from the repo root folder. I still don't really understand the need for this warning: There is no folder "thereponame" in /srv/svn/html so nothing actually conflicts. If I removed the Alias, wouldn't there still be a potential-but-not-in-fact conflict between a path on disk /htdocs/repos/thereponame (which doesn't exist) and the repository URL https://server/repos/thereponame/ ?? C.
Re: mod_dav_svn: nested Location warning
...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C I have also just noticed that the warning is still being generated even without the Alias directive. Do you have any further ideas for what I can try / if this matters? Chris.
RE: mod_dav_svn: nested Location warning
> -Original Message- > From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] > Sent: 22 October 2013 16:51 > > > ...but what should be there? If you want a list of > > repositories then I would suggest investigating the > > `SVNParentPath` directive. > > 1/ If you comment out the alias directive, does you svn work ok? > > 2/ what are you trying to serve via the `/repos` URL? > > > > ~ Mark C > > > > Hi Mark, > > 1) Yes, SVN does then work OK. > > But I then get a 404 error from https://server/repos/ What is in /srv/svn/repos/thereponame? SVNPath should point to a single repository root folder (the one with the conf, dav, db etc folders. > 2) I am using the http://www.reposstyle.com/ style sheet, so each > repository root has an "Up" button in the HTML page that is > served... I > wanted a blank directory listing with a quick ".." link for > getting back > to the server root. The intention was not to reveal the repos names > whilst avoiding the dead link from the repo root folder. I am not sure I understand. Do you want to use `SVNParentPath` to serve a group of repositories without actually revealing the list of repo names? You should be able to do that be editing the style sheet to not list the actual names but then how are your users going to find their repos? > I still don't really understand the need for this warning: > > There is no folder "thereponame" in /srv/svn/html so nothing actually > conflicts. It does because the alias is matched first and affects your loaction directive (I could well be wrong but I cannot see how to use the two together without potential issues). Can I suggest: instead of asking for a solution to your specific problem, ask how to achieve what you actually want (i.e. describe if my guess above is wrong)... ~ Mark C > If I removed the Alias, wouldn't there still be a > potential-but-not-in-fact conflict between a path on disk > /htdocs/repos/thereponame (which doesn't exist) and the > repository URL > https://server/repos/thereponame/ ?? > > C. >
Re: mod_dav_svn: nested Location warning
On Oct 22, 2013, at 11:04, "Cooke, Mark" wrote: > I am not sure I understand. Do you want to use `SVNParentPath` to serve a > group of repositories without actually revealing the list of repo names? You > should be able to do that be editing the style sheet to not list the actual > names but then how are your users going to find their repos? I don't think so, because the XML data and the XSLT stylesheet are both sent to the browser which puts them together to display them; a user could easily circumvent a stylesheet by viewing the XML source directly. If you're using SVNParentPath but don't want to show the list of repositories, you simply don't set "SVNListParentPath on". The directive "Alias /repos /srv/svn/html" matches all locations that *begin* with "/repos"; sounds like what you really want is to match only the locations "/repos" and "/repos/" exactly. For that you should be able to use something like: AliasMatch ^/repos/?$ /srv/svn/html Or: RedirectMatch permanent ^/repos$ /repos/ AliasMatch ^/repos/$ /srv/svn/html If the index.html page in that directory references any assets (stylesheets, images) in the same folder they won't work because the AliasMatch doesn't know about them. You could either list those assets in the AliasMatch too, or just reference assets from elsewhere on your server.
Re: mod_dav_svn: nested Location warning
Dear Mark and Ryan, Thank you for your comments. I am trying to serve a number of repositories from one server via https with different IP range restrictions applied to each. I do not want to show the names of the repositories to clients requesting https://server/repos/ . I am getting warnings like this in my logs and wanted to know if they matter. [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' In light of your helpful suggestions, I have removed all mentions of "/repos" from the httpd config. I now have a set of blocks like this, one per repository: DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName "Authorization Realm" AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user And I still get the warnings! Is there something wrong with my config or should I simply ignore the warnings...? Best wishes, Chris
RE: mod_dav_svn: nested Location warning
> -Original Message- > From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] > Sent: 24 October 2013 09:59 > > Dear Mark and Ryan, > > Thank you for your comments. > > I am trying to serve a number of repositories from one server > via https > with different IP range restrictions applied to each. I do > not want to > show the names of the repositories to clients requesting > https://server/repos/ . > > I am getting warnings like this in my logs and wanted to know if they > matter. > > > [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: > > nested Location '/repos/thereponame' hinders access to '' > in SVNPath > > Location '/repos/thereponame' > > > > In light of your helpful suggestions, I have removed all mentions of > "/repos" from the httpd config. I now have a set of blocks like this, > one per repository: > > > > > > > > >DAV svn > >SVNPath /srv/svn/repos/thereponame > >SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" > > > ># Include per-directory access control policy > >AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz > > > > # Require SSL connection for password protection. > > SSLRequireSSL > > > > AuthType Basic > > AuthName "Authorization Realm" > > AuthUserFile /srv/svn/user_access/thereponame_passwd > > Require valid-user > > > > > > > > And I still get the warnings! > > Is there something wrong with my config or should I simply ignore the > warnings...? Sorry but first thigs first: have you restarted your server after making your changes? ~ mark c > Best wishes, > > Chris >
RE: mod_dav_svn: nested Location warning
Good question.. Yes I have! And I can see the change because https://server/repos/ now gives a 404 which it didn't originally. C -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Re: mod_dav_svn: nested Location warning
On Oct 24, 2013, at 03:59, Chris Rodgers wrote: > I am trying to serve a number of repositories from one server via https with > different IP range restrictions applied to each. I do not want to show the > names of the repositories to clients requesting https://server/repos/ . > > I am getting warnings like this in my logs and wanted to know if they matter. > >> [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: nested >> Location '/repos/thereponame' hinders access to '' in SVNPath Location >> '/repos/thereponame' > > In light of your helpful suggestions, I have removed all mentions of "/repos" > from the httpd config. I now have a set of blocks like this, one per > repository: > >> >> >> >> DAV svn >> SVNPath /srv/svn/repos/thereponame >> SVNIndexXSLT "/repos-web/view/repos-thereponame.xsl" >> >> # Include per-directory access control policy >> AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz >> >> # Require SSL connection for password protection. >> SSLRequireSSL >> >> AuthType Basic >> AuthName "Authorization Realm" >> AuthUserFile /srv/svn/user_access/thereponame_passwd >> Require valid-user >> >> >> > > And I still get the warnings! > > Is there something wrong with my config or should I simply ignore the > warnings…? There’s either something wrong with your config, or with the Subversion code that checks for this nested condition. I haven’t run into the error before. The portion of config you showed looks fine. Are there other SVNPath or SVNParentPath directives elsewhere in your config that overlap the one you showed? What’s the DocumentRoot for the virtual host these directives occur in—is it any portion of /srv/svn/repos?