Path-based authorization buggy when using SASL-LDAP

From: Markus Karg <karg_at_quipsy.de>
Date: Fri, 23 Nov 2012 16:50:32 +0100

Hello Subversion Community,

do you know any relationship between LDAP and paths in svn?

I am running svnserve 1.6.12 on Debian 6.0.6 "squeeze" and it works
really well, but now I wanted to switch from plain passwd file to
SASL-LDAP (ActiveDirectory) based authentication and trapped into a
really, really weird problem: On *some* paths and files in my repo I
cannot write anymore ("Access Denied"), while I still can read them and
write all others!

This is strange since:

- It happens only with *some* paths and files and I do not see
any common pattern!

- I have *not* set up any special treatment oft that paths or
files in my authzfile!

- All aliases are in one group that has *"rw"* access declared
in the authzfile, and there is *no* separated "r-only" rule declared on
*any* path or file for this group!

- It works *perfectly* with use-sasl=false, i. e. with plain
passwd file - the problem *only* occurs when I do use-sasl=true!

It is totally weird, as I do neither see any relationship between that
paths and my authzfile configuration, nor do I see any relationship
between LDAP and that paths!

For me it simply looks like a bug in svnserve 1.6.12! L

It would be great if anybody could tell me some ideas what I can do, as
I want to switch from plain passwd file to SASL-LDAP ASAP. J

Thanks!

-Markus
Received on 2012-11-23 16:51:15 CET

This message: [ Message body ]
Next message: Jan Keirse: "Re: Path-based authorization buggy when using SASL-LDAP"
Previous message: Oscarsen, Anders: "RE: Read access for a member of two authz groups with different permissions"
Next in thread: Jan Keirse: "Re: Path-based authorization buggy when using SASL-LDAP"
Reply: Jan Keirse: "Re: Path-based authorization buggy when using SASL-LDAP"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]