thanks for replying
On Aug 12, 2009, at 4:59 AM, Nico Kadel-Garcia wrote:
> On Tue, Aug 11, 2009 at 9:39 PM, Erick Calder<e_at_arix.com> wrote:
>> I'm running Fedora 11 and installed from RPMs. last night I
>> converted
>> my CVS repository, placing it in /var/svn. after editing the conf/
>> svnserve.conf to set use-sasl = false and the passwd to add an
>> account
>> for myself, I'm trying to import something but either authentication
>> or authorization is failing, I don't know which - and I find the
>> server provides NO debugging output whatsoever to help.
>
> Stop right there. Proceed *DIRECTLY* to the use of svn+ssh to get a
> much better security model. Subversion's tendency to store passwords
> in clear text is very nasty, and this is the most reliable fix for it,
> one used by Slashdot and other security conscious systems
the svn+ssh model is problematic because I really don't want to give
system accounts to those that will use svn... I agree that having to
code the passwords in the clear is not nice but since I'll be
assigning them and the file with the passwords is root owned, I think
it's ok.
>> as root, I run the server like this:
>>
>> # svnserve -r /var/svn -d --foreground
>>
>> on my laptop I try:
>>
>> # svn import --username=myacct --password=mypass sys svn://
>> mysvnserver/
>> sys
>>
>> and get:
>>
>> svn: Authorization failed
>> svn: Your commit message was left in a temporary file:
>> svn: 'svn-commit.1.tmp'
>
> What does this command report?
>
> # svn list --username=myacct --password=mypass sys svn://mysvnserver
>
> Always test functions that do not involve write permissions first,
> when encountering subversion configuration issues.
actually, I had done that with positive results which led me to
believe that authentication wasn't the problem. that conclusion was
actually wrong as someone on freenode.net#svn explained that for read-
only command the user is never authenticated.
>> I've been on freenode#svn but find no one there to help and I've
>> already burnt too many hours googling and struggling. please help.
incidentally, I figured out the problem. the config file contains a
line:
# password-db = passwd
which I took to mean (as is common in config files) that the option
did not need to be specified and that its default was that stated. in
fact, I discovered (through experimentation) that this is not the case
but that the option defaults to empty!
grr...
so all I had to do was uncomment it. bad of whoever wrote the config
file.
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2383820
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-15 07:46:51 CEST