Issue with mod_dav_svn while using KrbLocalUserMapping
Hello, I have an SVN server that I want to migrate from LDAP to Kerberos. Below is the relevant version of the packages the system is using: mod_auth_kerb-5.4-14.el6.x86_64 mod_dav_svn-1.9.4-3.x86_64 subversion-1.9.4-3.x86_64 After making the necessary changes to work with kerberos, users were able to authenticate well but I noticed the users ID now had kerberos REALM. So instead of william, the username changed to will...@eng.example.com. This was a problem because users started having locking issue, but also meant authorisation was broken. To fix this, I added "KrbLocalUserMapping On" on apache configuration. However, some user started having problem authenticating.I am certain the problem involve LocalUserMapping as I had the same experience yesterday and the problem cleared after commenting out. I have been unable to find the root cause and had to reverse the change. Have anyone seem such a problem before? Would be grateful for any pointer. Regards, William
phantom locking issues - 403 Forbidden
Hello, I have a locking issue that show up as follows: On the SVN client: Error: Unlock for FileABC.OLB failed (403 Forbidden) Error: If you want to break the lock, use the "Check For Modification" dialog or the repository browser On the SVN server: [Tue Mar 07 16:32:35 2017] [error] [client 192.168.11.1] Access denied: 'waqar' LOCK projects:/applications/trunk/work/Library/Allegro/FileABC.OLB When I used the command below, it failed with the message file now locked. svn unlock --force https://carbon.eng.example.com/svn/projects/applications/trunk/work/Library/Allegro/FileABC.OLB I then ssh to the SVN server and attempted to search for the lock. svnadmin lslocks /var/svn/projects | grep -B 6 FileABC.OLB This came back with no match. At this point, I got lost. What would I be missing? A bit of background, the issue started because for a day, I had started to use kerberos for authentication that introduced a different user for every uid. Rolling back the change hasn't helped Any pointer on how to investigate further? Regards, William
