[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn: Authorization failed

From: Erick Calder <e_at_arix.com>
Date: Sun, 23 Aug 2009 22:25:51 -0700

On Aug 23, 2009, at 9:41 PM, Erick Calder wrote:

> On Aug 14, 2009, at 11:47 PM, Ryan Schmidt wrote:
>> On Aug 15, 2009, at 00:47, Erick Calder wrote:
>>
>>>> Stop right there. Proceed *DIRECTLY* to the use of svn+ssh to get a
>>>> much better security model. Subversion's tendency to store
>>>> passwords
>>>> in clear text is very nasty, and this is the most reliable fix
>>>> for it,
>>>> one used by Slashdot and other security conscious systems
>>>
>>> the svn+ssh model is problematic because I really don't want to give
>>> system accounts to those that will use svn...
>>
>> Fortunately, you don't need to. :) Everyone can share a single
>> account to access Subversion on the server via svn+ssh. See this FAQ:
>>
>> http://subversion.tigris.org/faq.html#ssh-authorized-keys-trick
>
> thanks for the link, I read through the docs and got it to work. it
> would have helped to indicate that I now have to access the repo
> like svn+ssh://myserver/repo-path/project, instead of svn://myserver/
> project... but I figured it out. I checked out a project, made a
> change to a file and tried to commit it but I get the following error:
>
> ekkis_at_aprilis:~/Development/janus/DB/Ent/trunk # svn commit
> Sending trunk/Ent.pm
> Transmitting file data .svn: Commit failed (details follow):
> svn: Can't open file '/var/svn/db/txn-current-lock': Permission denied
>
> my repo is located at /var/svn and I've set its ownership to svn:svn
> so I'm guessing my account doesn't have write permissions... my
> question is: since my account "ekkis" does not exist on the server
> (I used the --tunnel-user option in the "command" portion of the
> authorized_keys2 file), how do I add it to the svn group?
>
> or else... how is this supposed to work?
>
> TIA - ekkis

ok, I figured it out. the answer is users need to come into the box
as user "svn" i.e.

        export SVN_SSH="ssh -l svn -i $HOME/.ssh/id_rsa"

I'd like to write a little mini-HOWTO because with current
documentation I still had to struggle too much... if I do, where's a
good place to put it that others will find it?

- e

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2386631

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-08-24 07:23:54 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.