Re: mod_dav_svn: nested Location warning
Dear Mark and Ryan, Thank you for your comments. I am trying to serve a number of repositories from one server via https with different IP range restrictions applied to each. I do not want to show the names of the repositories to clients requesting https://server/repos/ . I am getting warnings like this in my logs and wanted to know if they matter. [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' In light of your helpful suggestions, I have removed all mentions of /repos from the httpd config. I now have a set of blocks like this, one per repository: IfModule mod_dav_svn.c Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user /Location /IfModule And I still get the warnings! Is there something wrong with my config or should I simply ignore the warnings...? Best wishes, Chris
RE: mod_dav_svn: nested Location warning
-Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 24 October 2013 09:59 Dear Mark and Ryan, Thank you for your comments. I am trying to serve a number of repositories from one server via https with different IP range restrictions applied to each. I do not want to show the names of the repositories to clients requesting https://server/repos/ . I am getting warnings like this in my logs and wanted to know if they matter. [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' In light of your helpful suggestions, I have removed all mentions of /repos from the httpd config. I now have a set of blocks like this, one per repository: IfModule mod_dav_svn.c Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user /Location /IfModule And I still get the warnings! Is there something wrong with my config or should I simply ignore the warnings...? Sorry but first thigs first: have you restarted your server after making your changes? ~ mark c Best wishes, Chris
RE: mod_dav_svn: nested Location warning
Good question.. Yes I have! And I can see the change because https://server/repos/ now gives a 404 which it didn't originally. C -- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Re: mod_dav_svn: nested Location warning
On Oct 24, 2013, at 03:59, Chris Rodgers christopher.rodg...@cardiov.ox.ac.uk wrote: I am trying to serve a number of repositories from one server via https with different IP range restrictions applied to each. I do not want to show the names of the repositories to clients requesting https://server/repos/ . I am getting warnings like this in my logs and wanted to know if they matter. [Thu Oct 24 09:52:58.087560 2013] [:warn] [pid 23502] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' In light of your helpful suggestions, I have removed all mentions of /repos from the httpd config. I now have a set of blocks like this, one per repository: IfModule mod_dav_svn.c Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user /Location /IfModule And I still get the warnings! Is there something wrong with my config or should I simply ignore the warnings…? There’s either something wrong with your config, or with the Subversion code that checks for this nested condition. I haven’t run into the error before. The portion of config you showed looks fine. Are there other SVNPath or SVNParentPath directives elsewhere in your config that overlap the one you showed? What’s the DocumentRoot for the virtual host these directives occur in—is it any portion of /srv/svn/repos?
mod_dav_svn: nested Location warning
Dear All, I have just upgraded from Apache HTTPD 2.2 -- 2.4. My svn repository seems to work fine over https but I get these repeated warnings: [:warn] [pid 15721] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' My httpd.conf file contains this: IfModule mod_dav_svn.c ## ## project related HTML files ## IfModule mod_alias.c Alias /repos/srv/svn/html /IfModule Directory /srv/svn/html Options +Indexes +Multiviews -FollowSymLinks IndexOptionsFancyIndexing \ ScanHTMLTitles \ NameWidth=* \ DescriptionWidth=* \ SuppressLastModified \ SuppressSize order allow,deny allow from all /Directory Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Limit write permission to list of valid users. # LimitExcept GET PROPFIND OPTIONS REPORT # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user # /LimitExcept /Location /IfModule What have I done wrong? Thanks, Chris.
RE: mod_dav_svn: nested Location warning
-Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 11:15 Dear All, I have just upgraded from Apache HTTPD 2.2 -- 2.4. My svn repository seems to work fine over https but I get these repeated warnings: [:warn] [pid 15721] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' My httpd.conf file contains this: IfModule mod_dav_svn.c ## ## project related HTML files ## IfModule mod_alias.c Alias /repos/srv/svn/html /IfModule Directory /srv/svn/html Options +Indexes +Multiviews -FollowSymLinks IndexOptionsFancyIndexing \ ScanHTMLTitles \ NameWidth=* \ DescriptionWidth=* \ SuppressLastModified \ SuppressSize order allow,deny allow from all /Directory Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Limit write permission to list of valid users. # LimitExcept GET PROPFIND OPTIONS REPORT # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user # /LimitExcept /Location /IfModule What have I done wrong? What are you trying to achieve with your `/repos` alias? Are you trying to server mulitple repos from that root but apply special handling to a specific path? The location directive serves one specific repo without the need for the alias, I would guess you could just remove that (but I might be wrong!) ~ mark c Thanks, Chris.
Re: mod_dav_svn: nested Location warning
Hi Mark, Thanks for getting back to me. I added this to avoid a 404 error for https://myserver/repos/ The /srv/svn/html folder is completely empty. C. On 22/10/2013 15:00, Cooke, Mark wrote: -Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 11:15 Dear All, I have just upgraded from Apache HTTPD 2.2 -- 2.4. My svn repository seems to work fine over https but I get these repeated warnings: [:warn] [pid 15721] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' My httpd.conf file contains this: IfModule mod_dav_svn.c ## ## project related HTML files ## IfModule mod_alias.c Alias /repos/srv/svn/html /IfModule Directory /srv/svn/html Options +Indexes +Multiviews -FollowSymLinks IndexOptionsFancyIndexing \ ScanHTMLTitles \ NameWidth=* \ DescriptionWidth=* \ SuppressLastModified \ SuppressSize order allow,deny allow from all /Directory Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Limit write permission to list of valid users. # LimitExcept GET PROPFIND OPTIONS REPORT # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user # /LimitExcept /Location /IfModule What have I done wrong? What are you trying to achieve with your `/repos` alias? Are you trying to server mulitple repos from that root but apply special handling to a specific path? The location directive serves one specific repo without the need for the alias, I would guess you could just remove that (but I might be wrong!) ~ mark c Thanks, Chris.
RE: mod_dav_svn: nested Location warning
[Polite note: the convention on this list is to post inline or at the bottom...] On 22/10/2013 15:00, Cooke, Mark wrote: -Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 11:15 Dear All, I have just upgraded from Apache HTTPD 2.2 -- 2.4. My svn repository seems to work fine over https but I get these repeated warnings: [:warn] [pid 15721] mod_dav_svn: nested Location '/repos/thereponame' hinders access to '' in SVNPath Location '/repos/thereponame' My httpd.conf file contains this: IfModule mod_dav_svn.c ## ## project related HTML files ## IfModule mod_alias.c Alias /repos/srv/svn/html /IfModule Directory /srv/svn/html Options +Indexes +Multiviews -FollowSymLinks IndexOptionsFancyIndexing \ ScanHTMLTitles \ NameWidth=* \ DescriptionWidth=* \ SuppressLastModified \ SuppressSize order allow,deny allow from all /Directory Location /repos/thereponame DAV svn SVNPath /srv/svn/repos/thereponame SVNIndexXSLT /repos-web/view/repos-thereponame.xsl # Include per-directory access control policy AuthzSVNAccessFile /srv/svn/user_access/thereponame_authz # Limit write permission to list of valid users. # LimitExcept GET PROPFIND OPTIONS REPORT # Require SSL connection for password protection. SSLRequireSSL AuthType Basic AuthName Authorization Realm AuthUserFile /srv/svn/user_access/thereponame_passwd Require valid-user # /LimitExcept /Location /IfModule What have I done wrong? What are you trying to achieve with your `/repos` alias? Are you trying to server mulitple repos from that root but apply special handling to a specific path? The location directive serves one specific repo without the need for the alias, I would guess you could just remove that (but I might be wrong!) ~ mark c Thanks, Chris. -Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 16:08 To: Cooke, Mark; users@subversion.apache.org Subject: Re: mod_dav_svn: nested Location warning Hi Mark, Thanks for getting back to me. I added this to avoid a 404 error for https://myserver/repos/ The /srv/svn/html folder is completely empty. C. ...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C
Re: mod_dav_svn: nested Location warning
...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C Hi Mark, 1) Yes, SVN does then work OK. But I then get a 404 error from https://server/repos/ 2) I am using the http://www.reposstyle.com/ style sheet, so each repository root has an Up button in the HTML page that is served... I wanted a blank directory listing with a quick .. link for getting back to the server root. The intention was not to reveal the repos names whilst avoiding the dead link from the repo root folder. I still don't really understand the need for this warning: There is no folder thereponame in /srv/svn/html so nothing actually conflicts. If I removed the Alias, wouldn't there still be a potential-but-not-in-fact conflict between a path on disk /htdocs/repos/thereponame (which doesn't exist) and the repository URL https://server/repos/thereponame/ ?? C.
Re: mod_dav_svn: nested Location warning
...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C I have also just noticed that the warning is still being generated even without the Alias directive. Do you have any further ideas for what I can try / if this matters? Chris.
RE: mod_dav_svn: nested Location warning
-Original Message- From: Chris Rodgers [mailto:christopher.rodg...@cardiov.ox.ac.uk] Sent: 22 October 2013 16:51 ...but what should be there? If you want a list of repositories then I would suggest investigating the `SVNParentPath` directive. 1/ If you comment out the alias directive, does you svn work ok? 2/ what are you trying to serve via the `/repos` URL? ~ Mark C Hi Mark, 1) Yes, SVN does then work OK. But I then get a 404 error from https://server/repos/ What is in /srv/svn/repos/thereponame? SVNPath should point to a single repository root folder (the one with the conf, dav, db etc folders. 2) I am using the http://www.reposstyle.com/ style sheet, so each repository root has an Up button in the HTML page that is served... I wanted a blank directory listing with a quick .. link for getting back to the server root. The intention was not to reveal the repos names whilst avoiding the dead link from the repo root folder. I am not sure I understand. Do you want to use `SVNParentPath` to serve a group of repositories without actually revealing the list of repo names? You should be able to do that be editing the style sheet to not list the actual names but then how are your users going to find their repos? I still don't really understand the need for this warning: There is no folder thereponame in /srv/svn/html so nothing actually conflicts. It does because the alias is matched first and affects your loaction directive (I could well be wrong but I cannot see how to use the two together without potential issues). Can I suggest: instead of asking for a solution to your specific problem, ask how to achieve what you actually want (i.e. describe if my guess above is wrong)... ~ Mark C If I removed the Alias, wouldn't there still be a potential-but-not-in-fact conflict between a path on disk /htdocs/repos/thereponame (which doesn't exist) and the repository URL https://server/repos/thereponame/ ?? C.
Re: mod_dav_svn: nested Location warning
On Oct 22, 2013, at 11:04, Cooke, Mark mark.co...@siemens.com wrote: I am not sure I understand. Do you want to use `SVNParentPath` to serve a group of repositories without actually revealing the list of repo names? You should be able to do that be editing the style sheet to not list the actual names but then how are your users going to find their repos? I don't think so, because the XML data and the XSLT stylesheet are both sent to the browser which puts them together to display them; a user could easily circumvent a stylesheet by viewing the XML source directly. If you're using SVNParentPath but don't want to show the list of repositories, you simply don't set SVNListParentPath on. The directive Alias /repos /srv/svn/html matches all locations that *begin* with /repos; sounds like what you really want is to match only the locations /repos and /repos/ exactly. For that you should be able to use something like: AliasMatch ^/repos/?$ /srv/svn/html Or: RedirectMatch permanent ^/repos$ /repos/ AliasMatch ^/repos/$ /srv/svn/html If the index.html page in that directory references any assets (stylesheets, images) in the same folder they won't work because the AliasMatch doesn't know about them. You could either list those assets in the AliasMatch too, or just reference assets from elsewhere on your server.
