[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: ldap authentication in subversion

From: Irfan Sayed <irfu.sayed_at_gmail.com>
Date: Fri, 24 Apr 2009 20:46:56 +0530

Hi All,
Thanks for helping me.
Here is the update

first of all i dont have any directory as /usr/local/apache2. everything is
present in /etc/httpd

after doing some search for any latest patches for apache , yum utility
installed apr-util-ldap module.

after installation when i tried again to see whether it is working or not
then it throws me an error like "internal server error"

now in the error log i am getting some error like "unable to connect LDAP
server"

is it neccessary that port 389 should be opened ??

I have attached error log . please have a look
please please advice

Regards
Irf

On Fri, Apr 24, 2009 at 6:38 PM, Johan Corveleyn <
johan.corveleyn_at_uz.kuleuven.ac.be> wrote:

> We had exactly the same problem (on Solaris 10 though): segfaults from the
> child processes of apache when it tries to authenticate via LDAP.
>
> The reason was that we had our Apache installed in a different location
> than the standard one (which is /usr/local/apache2). Could that be the case
> with your installation? Where does your Apache reside?
>
> After some truss'ing we found that it failed when trying to access
> /usr/local/apache2/lib/apr-util-1/apr_ldap.so, which obviously didn't exist
> in our case. So, although the Solaris package we used to install Apache
> supported specifying a custom installation directory, the installation was
> not exactly correct (some paths were hardcoded/compiled/linked/... to be in
> /usr/local/apache2).
>
> As a workaround we made a symlink from /usr/local/apache2/lib/apr-util-1 to
> <location of apach2 lib>/apr-util-1. That solved the problem.
>
> Regards,
> Johan
>
> -----Oorspronkelijk bericht-----
> Van: Carlos Beppler [mailto:beppler_at_gmail.com]
> Verzonden: vrijdag 24 april 2009 14:55
> Aan: Irfan Sayed
> CC: webpost_at_tigris.org; users_at_subversion.tigris.org
> Onderwerp: Re: Re: ldap authentication in subversion
>
> It appears that your LDAP module is causing segmentation faults on the
> child process.
>
> I do not have experience with Fedora (we use Debian here).
>
> You are loading the mod_authnz_ldap. Are you loading the mod_ldap too?
> Look for this entries on your configuration files.
>
> LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so
>
> LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so
>
>
> [Fri Apr 24 11:00:12 2009] [debug] mod_authnz_ldap.c(377): [client
> 10.192.2.195] [12733] auth_ldap authenticate: using URL
> ldap://exfo.com:389/DC=exfo,DC=com?sAMAccountName?sub?(objectClass=*)<http://exfo.com:389/DC=exfo,DC=com?sAMAccountName?sub?%28objectClass=*%29>
> [Fri Apr 24 11:00:13 2009] [notice] child pid 12733 exit signal
> Segmentation fault (11)
>
>
> On Fri, Apr 24, 2009 at 09:41, Irfan Sayed <irfu.sayed_at_gmail.com> wrote:
> > Hi,
> >
> > Apache is running on Fedora 10 (Linux).
> > I have attached error.log for your reference.
> >
> > Please please advice/help
> >
> > Regards
> > Irf
> >
> >
> > On 4/24/09, Carlos Alberto Costa Beppler <beppler_at_gmail.com> wrote:
> >> If you are using Windows 2000 or later the port 389 is probably already
> >> open.
> >>
> >> Is this apache on Windows or Linux? Can you send the contents of the
> >> error log file from Apache?
> >>
> >> On Fri, Apr 24, 2009 at 09:10, Irfan Sayed <irfu.sayed_at_gmail.com>
> wrote:
> >>> Sorry.
> >>> Here is the updated one.
> >>>
> >>> <Location "/svn">
> >>> DAV svn
> >>> SVNParentPath /usr/local/svn
> >>> SVNListParentPath On
> >>> SVNAutoversioning On
> >>> AuthBasicProvider ldap
> >>> AuthType Basic
> >>> AuthzLDAPAuthoritative off
> >>> AuthName "My "
> >>> AuthLDAPURL
> >>> "ldap://
> sppufls01.exfo.com:389/DC=exfo.com?sAMAccountName?sub?(objectClass=*)<http://sppufls01.exfo.com:389/DC=exfo.com?sAMAccountName?sub?%28objectClass=*%29>
> "
> >>> AuthLDAPBindDN "CN=irfsay1,CN=Users,DC=exfo.com"
> >>> AuthLDAPBindPassword jaba_1234
> >>> AuthzSVNAccessFile /etc/subversion/acl
> >>> # require ldap-group CN=irfsay1,CN=Users,DC=exfo.com
> >>> require valid-user
> >>> </Location>
> >>>
> >>> Still it is not working. i think the problem is that 389 port might
> >>> not be opened on the windows domain controller. Is it neccessary that
> >>> it should be opened??
> >>>
> >>> Please advice
> >>> Regards
> >>> Irf
> >>>
> >>>
> >>>
> >>> On 4/24/09, webpost_at_tigris.org <webpost_at_tigris.org> wrote:
> >>>> Apparently from what you write here, you have two AuthLDAPBindDN
> >>>> directives
> >>>> in your httpd.conf.
> >>>>
> >>>> ------------------------------------------------------
> >>>>
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1890469
> >>>>
> >>>> To unsubscribe from this discussion, e-mail:
> >>>> [users-unsubscribe_at_subversion.tigris.org].
> >>>>
> >>>
> >>> ------------------------------------------------------
> >>>
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1891212
> >>>
> >>> To unsubscribe from this discussion, e-mail:
> >>> [users-unsubscribe_at_subversion.tigris.org].
> >>>
> >>
> >
>
> ------------------------------------------------------
>
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1891762
>
> To unsubscribe from this discussion, e-mail: [
> users-unsubscribe_at_subversion.tigris.org].
>

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1893703

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].

  • application/octet-stream attachment: error_log
Received on 2009-04-24 17:17:59 CEST

This is an archived mail posted to the Subversion Users mailing list.