[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: 403 Forbidden in response to COPY request

From: Bob Archer <Bob.Archer_at_amsi.com>
Date: Wed, 17 Mar 2010 10:32:15 -0400

> Several users are configured to use our Subversion system via HTTPS and
> Basic authentication.
>
> Repos URL:
> https://www.example.com/repos/repos1/trunk
>
>
> Apache config "vhost_ssl.conf":
>
> <Location /repos>
>     DAV svn
>     SVNParentPath /var/www/svn
>
>     AuthzSVNAccessFile /var/www/vhosts/example.com/conf/reposAccessFile
>
>     AuthType Basic
>     AuthName "Traffic Subversion Repository"
>     AuthUserFile /var/www/vhosts/example.com/conf/svnuserpw
>     require valid-user
> </Location>
>
>
> reposAccessFile:
>
> [specialrepos:/]
> * = rw
>
> [specialrepos:/trunk]
> user2 =
>
> [specialrepos:/branches]
> user2 =
>
> [specialrepos:/tags]
> user2 =
>
> [/trunk/specialfile]
> user2 =
>
> [/]
> * = rw
>
>
> svnuserpw file:
> user1:<hash>
> user2:<hash>
>
>
> When I authenticate as user1 I can execute all commands without problem.
> However, when I authenticate as user2 I receive the following error when
> trying to create a branch from the trunk of "repos1":
>
> Using TortoiseSVN from my local machine:
> > Copy C:\www\repos1 to
> https://www.example.com/repos/repos1/branches/test, Revision 999
> Server sent unexpected return value (403 Forbidden) in response to COPY
> request
> for '/repos/repos1/!svn/bc/999/trunk'
>
> Using the command line from my local machine:
> > svn copy --username user2 https://www.example.com/repos/repos1/trunk
> https://www.example.com/repos/repos1/branches/test -r 999 -m ""
> > svn: COPY of branches/test4: 403 Forbidden (https://www.online-
> toolbox.com)
>
> It works if I do it on the command line of the same server where the repos
> is actually stored, and I'm logged in as root:
> > svn copy --username user2 file:///var/www/svn/repos1/trunk
> file:///var/www/svn/repos1/branches/test -r 999 -m "" --no-auth-cache
> > Committed revision 2000.
>
> ....but fails if I'm logged in on that same server as another user:
> > svn copy --username user2 file:///var/www/svn/repos1/trunk
> file:///var/www/svn/repos1/branches/test -r 999 -m "" --no-auth-cache
> > svn: Can't create directory '/var/www/svn/repos1/db/transactions/1999-
> 1.txn': Permission denied
> but this is presumably because only the "apache" operating system user has
> write access to the /var/www/svn folder:
>
> drwxr-xr-x  123 apache apache    4096 Jan 1 2010 .
> drwxr-xr-x  1 root   root      4096 Jan 1 2010 ..
> drwxr-xr-x  12 apache apache    4096 Jan 1 2010 repos1
> drwxr-xr-x  12 apache apache    4096 Jan 1 2010 specialrepos
>
>
> I can't see what makes user2 different from user1 other than the
> configuration in reposAccessFile which only concerns an unrelated
> repository ("specialrepos") and a single file which exists in all
> repositories ("/trunk/specialfile").

I think this is a known issue. You have to give user2 read access to the root path in order for him to be able to create branches. that is the difference between user1 and user2. User1 has rw access to /.

BOb
Received on 2010-03-17 15:31:42 CET

This is an archived mail posted to the Subversion Users mailing list.