Geek Answers Handbook

Strange behavior of mod_authz_svn

I configured my svn server on apache2 as follows:

<Location /svn_test> DAV svn SVNParentPath /path/to/SvnTest AuthType Basic AuthName "Subversion repository" AuthUserFile "/path/to/passwd" AuthzSVNAccessFile "/path/to/authz" Require valid-user SVNAdvertiseV2Protocol Off AuthzSVNAnonymous Off </Location>

And the authz file is configured as follows:

 [groups] g=hy [test:/] hy=r *= [test:/subdir] hy=r *= [test:/subdir1] hy=rw *=

The problem is that I want to control the resolution of the subdir separately from other directories, but if I change the resolution of subdir1 to "rw", I can write to subdir, and if I change the resolution of subdir1 to "r", the resolution of subdir will become "r", as was expected.

In fact, if I change any permission to the directory to "rw", these directories I want it to be read-only, write-accessible.

I have inserted some apache logs below in case this is useful.

Every time I restart apache2, it complains about the python version mismatching, but despite this, everything is fine, I'm sure this is important:

 [Fri Mar 27 15:55:44.381138 2015] [mpm_worker:notice] [pid 10693:tid 140245999884160] AH00295: caught SIGTERM, shutting down [Fri Mar 27 15:55:45.111049 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python version mismatch, expected '2.7.5+', found '2.7.4'. [Fri Mar 27 15:55:45.111523 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python executable found '/usr/bin/python'. [Fri Mar 27 15:55:45.111556 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python path being used '/usr/lib/python2.7/:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'. [Fri Mar 27 15:55:45.111585 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: Creating 8 session mutexes based on 6 max processes and 25 max threads. [Fri Mar 27 15:55:45.111600 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: using mutex_directory /tmp [Fri Mar 27 15:55:45.122215 2015] [mpm_worker:notice] [pid 13438:tid 139851301021568] AH00292: Apache/2.4.6 (Ubuntu) SVN/1.7.9 mod_python/3.3.1 Python/2.7.4 configured -- resuming normal operations [Fri Mar 27 15:55:45.122280 2015] [core:notice] [pid 13438:tid 139851301021568] AH00094: Command line: '/usr/sbin/apache2'
+8
svn apache mod-dav-svn authz
source share
1 answer

http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html :

By default, no one has access to the repository at all.

Therefore, you do not need to explicitly deny access to your paths.

I would rewrite your configuration as follows:

 [groups] g = hy [test:/] hy = r # Permissions are inherited from parent to child directory # and hy already has read access to the root of the repo and its subdirectories, # so this can be skipped: #[test:/subdir] #hy = r [test:/subdir1] hy = rw
+3
source share

More articles:


All Articles