MOD_DAV_SVN + SVNSERVE_WRAPPER + file system rights
Date: Thu, 21 Nov 2013 18:37:21 +0000
I know this topic has been discussed many times but...
I am very happy with the SSH + 'svnserve' access to my repositories, however due to firewall issues I need access through HTTP as well. What I do not want is to set up a 2nd authentication / authorization database.
Here is my current config HTTP config:
1. Any user accessing Subversion has to be authenticated against the Unix password database. Works.
I have repositories laid out on the file system under '/usr/local/svn/' like this:
drwxrwx--- 6 root backup 512 Feb 9 2012 backup
Each repository's group is the collection of users who should be able to read and write it, plus the Apache's 'www' user. This works fine with 'svnserve', enforced by Unix.
How could I convince Apache to check the directory access rights before it hits MOD_DAV_SVN? There are 2 flaws at the moment:
1. 'Require file-group' checks against '/usr/local/www/apache22/data/subversion/common' and not '/usr/local/svn/common'.
Any idea how to fix this? Any other approach to the problem?
This is an archived mail posted to the Subversion Users mailing list.