[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Apache is exposing my Subversion repository internals (e.g. conf, db, hooks, etc.)

From: Joshua Davies <joshua.davies_at_2xoffice.com>
Date: Fri, 24 Jun 2011 11:05:32 -0500

I'm new to Subversion repository administration - after reading the O'Reilly
book "Version Control with Subversion", and following the instructions there
and on the web site, I've got a repository installed under "/var/svn/repos":

[jdavies_at_hostname repos]$ pwd
/var/svn/repos
[jdavies_at_hostname repos]$ ls
README.txt conf dav db format hooks locks

I want to expose this over HTTP, so I've added the following to my Apache
config:

<Location /repos>
  DAV svn
  SVNPath /var/svn/repos
  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /path/to/auth-file
  Require valid-user
  Order deny,allow
  Deny from all
  Allow from ...
  Allow from ...
  Allow from ...
</Location>

(slightly edited, of course).

Everything seems to be working, but when I load my repository from a web
server - e.g.

https://hostname/repos

I see my projects listed, along with the Subversion repository internals:

repos - Revision 64: /

   - Project1
   - README.txt <https://dev01.2xoffice.com/repos/README.txt>
   - conf/ <https://dev01.2xoffice.com/repos/conf/>
   - db/ <https://dev01.2xoffice.com/repos/db/>
   - format <https://dev01.2xoffice.com/repos/format>
   - hooks/ <https://dev01.2xoffice.com/repos/hooks/>
   - P <https://dev01.2xoffice.com/repos/integration/>roject2
   - locks/ <https://dev01.2xoffice.com/repos/locks/>
   - Project3

What have I gotten wrong here? I'm sure there's a way to have only the
projects, and not the repository internals, exposed.
Received on 2011-06-24 18:21:44 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.