svn+ sasl2 on MAC OS X 10.6 not authenitificatime us
Dear Subversion experts, I am tto establish SVN server with Cyrus SASL authentification but failed to properly set this. When using SVN repository with config/passwd authentification then it works perfectlyworks. But I am to do more secure authentification. I am sending you all SASL+SVN related settings I was to find ouit in P.S. part of this e-mail. I would like to ask you for any recomandation what I am doing wrong, please? Thank you for any answer I look forward hearing from you Yours faithfully Peter Fodrek P.S. /Users/mini1/my-bin/bin/svnserve --version svnserve, version 1.6.17 (r1128011) compiled Jun 6 2011, 14:53:15 Copyright (C) 2000-2009 CollabNet. Subversion is open source software, see http://subversion.apache.org/ This product includes software developed by CollabNet (http://www.Collab.Net/). The following repository back-end (FS) modules are available: * fs_fs : Module for working with a plain file (FSFS) repository. Cyrus SASL authentication is available. dhcp28-108:~ mini1$ more /Users/mini1/my-bin/lib/sasl2/subversion.conf pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /Users/mini1/my-bin/druha saslauthd_path: /Users/mini1/my-bin/sbin mech_list: DIGEST-MD5 dhcp28-108:~ mini1$ ls -la /Users/mini1/my-bin/sbin/sasl* -rwxr-xr-x 1 mini1 staff 77176 Jun 6 14:40 /Users/mini1/my- bin/sbin/saslauthd -rwxr-xr-x 1 mini1 staff 251360 Jun 6 14:40 /Users/mini1/my- bin/sbin/sasldblistusers2 -rwxr-xr-x 1 mini1 staff 256120 Jun 6 14:40 /Users/mini1/my- bin/sbin/saslpasswd2 dhcp28-108:~ mini1$ /Users/mini1/my-bin/sbin/sasldblistusers2 /Users/mini1/my-bin/druha agentura@APVV: userPassword moj@Subversion: userPassword peter@APVV: cmusaslsecretOTP pokusny@APVV: userPassword test@APVV: cmusaslsecretOTP testovic@APVV: userPassword uni@Subversion: userPassword agentura@APVV: cmusaslsecretOTP moj@Subversion: cmusaslsecretOTP peter@APVV: userPassword pokusny@APVV: cmusaslsecretOTP test@APVV: userPassword testovic@APVV: cmusaslsecretOTP uni@Subversion: cmusaslsecretOTP dhcp28-108:~ mini1$ sudo killall -9 svnserve dhcp28-108:~ mini1$ sudo /Users/mini1/my-bin/bin/svnserve -d -r /opt/repos/ dhcp28-108:~ mini1$ cat /opt/repos/Plazma/conf/svnserve.conf ### This file controls the configuration of the svnserve daemon, if you ### use it to allow access to this repository. (If you only allow ### access through http: and/or file: URLs, then this file is ### irrelevant.) ### Visit http://subversion.tigris.org/ for more information. [general] ### These options control access to the repository for unauthenticated ### and authenticated users. Valid values are "write", "read", ### and "none". The sample settings below are the defaults. anon-access = none auth-access = write ### The password-db option controls the location of the password ### database file. Unless you specify a path starting with a /, ### the file's location is relative to the directory containing ### this configuration file. ### If SASL is enabled (see below), this file will NOT be used. ### Uncomment the line below to use the default password file. password-db = passwd ### The authz-db option controls the location of the authorization ### rules for path-based access control. Unless you specify a path ### starting with a /, the file's location is relative to the the ### directory containing this file. If you don't specify an ### authz-db, no path-based access control is done. ### Uncomment the line below to use the default authorization file. #authz-db = authz ### This option specifies the authentication realm of the repository. ### If two repositories have the same authentication realm, they should ### have the same password database, and vice versa. The default realm ### is repository's uuid. realm = APVV [sasl] ### This option specifies whether you want to use the Cyrus SASL ### library for authentication. Default is false. ### This section will be ignored if svnserve is not built with Cyrus ### SASL support; to check, run 'svnserve --version' and look for a line ### reading 'Cyrus SASL authentication is available.' use-sasl = true ### These options specify the desired strength of the security layer ### that you want SASL to provide. 0 means no encryption, 1 means ### integrity-checking only, values larger than 1 are correlated ### to the effective key length for encryption (e.g. 128 means 128-bit ### encryption). The values below are the defaults. #min-encryption = 0 #max-encryption = 256 pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /Users/mini1/my-bin/druha mech_list: DIGEST-MD5 dhcp28-108:~ mini1$ls -la /Users/mini1/my-bin/lib/sasl2/ total 1952 drwxr-xr-x 22 mini1 staff 748 Jun 6 15:52 . drwxr-xr-x 78 mini1 staff2652 Jun 6 14:59 .. -rw-r--r-- 1 mini1 staff 73640 Jun 6 14:39 libanonymous.a -rwxr-xr-x 1 mini1 staff 645 Jun 6 14:39 libanonymous.la -rw-r--r-- 1 mini
LDAP , svnserve on MAC
Dear Subversion experts, I am looking to authentificate my subversion 1.6.17(r1128011) repositories against LDAP server. Svnserve running on MAC OS 10.6(Snow Leopard) machine LDAP authentification on the another Mac minis works well. I am not to allow login via LDAP acounts to PC where svnserve runs. I was able to setup another svnserve sunig sasl but that runs on Slackware. On the AMC minis ldapsearch command works well. Is there anybody to recomend me what to do to configure svnserve to authentificte aginst LDAP on MAC,please? Thank you for any help. I look forward hearing form you Yours faitfully Peter Fodrek
Subversion 1.6.16 SASL, LDAP problem to determine problem source(fodrek)
Dear SVN experts, I would like to ask, how to setup subversion to work with sasl and LDAP (LDAP server I am not able to reconfigure and runs on another machine) I was tested this configuration on the MAC OS X machine where svn repositories with conf/paswd file plain password authentication that works. It does not work on the slackware machine where sasldb authentification via password database works as well. I am not able to find out, where the problem is. because A) LDAP works well on MAC and slack as well ldapsearch -x -h ldap.stuba.sk -b "ou=People,dc=stuba, dc=sk" -W -D "uid=fodrek,ou=People,dc=stuba,dc=sk" uid=*fodrek*|egrep employ Enter LDAP Password: employeeType: staff employeeType: ext employeeType: ext employeeType: student employeeType: staff B) but svn does not work svn co svn://147.175.108.28/ldapova Authentication realm: ldap Password for 'mini1': Authentication realm: ldap Username: fodrek Password for 'fodrek': Authentication realm: ldap Username: fodrek Password for 'fodrek': svn: Authentication error from server: SASL(-13): user not found: no secret in database C) svnlog on the server shows 16535 2012-04-04T15:14:46.636745Z 147.175.108.28 - - ERR subversion/libsvn_ra_svn/streams.c 149 210002 Network connection closed unexpectedly D) my svnserve.conf of the ldapova repository is anon-access = none auth-access = write realm = ldap use-sasl = true [ldap] Server=ldap://ldap.stuba.sk/ Base=employeeType= staff,ou=People,dc=stuba,dc=sk log_level: 7 pwcheck_method: auxprop auxprop_plugin: ldap mech_list: CRAM-MD5 OTP SRP PLAIN LOGIN E) and my /private/etc/sasluathd.conf ldap_servers: ldap://ldap.stuba.sk ldap_default_domain: stuba.sk ldap_search_base: OU=People,DC=stuba,DC=sk #ldap_bind_dn: techu...@mydomain.com #ldap_bind_pw: password ldap_deref: never ldap_restart: no #ldap_scope: sub ldap_use_sasl: no ldap_start_tls: no #ldap_version: 3 ldap_auth_method: bind ldap_filter: uid=%u ldap_password_attr: userPassword ldap_timeout: 10 ldap_cache_ttl: 30 ldap_cache_mem: 32768 I would like to be informed how to determine, what I was done not correct Thank you for any help I look forward hearing from you Yours faithfully Peter Fodrek
Re: Libraries and projects into SVN
On Tuesday, August 14, 2012 09:14:47 Leonardo Laface de Almeida wrote: We have talked about it and we think we have to create an individual repository for the library and the developers should actualize it very often manually. I mean, every time someone wants to change some project, he must to check out the project version and the libraries versions required for it. After developing or correction, the developer must actualize the project and the libraries separated. My questions are: 1) Is that right? I mean, Is there any better other way to control versions of libraries used for several projects? I think use of svn:extrenals is the best soluition for this. Svn: extrenals connects repostiory or its part as an directory inside project. When someone changes file inside this directory and commit, canges in taht directory are commited into that shared repository or directory Peter
Creating working copy without checkouting- to use svn add and svn ci form cron for /home
Dear Subversion experts, I would like to monitor /home directory for X-host that is used by 20 X-terminals for eductional classroom. I want to monitor students work flor evalution a to find out who is cheating by copying others programs. I was done svn import for /home succesfully. I do not want to checkout repository to the /home as it is risky svn commit does not work as /home is not working copy o the repository svn import does not work as well becuase of duplicity Is there any way to setup /home as working copy without checkout,please? I was mentioned that I do chcekout in another directory and simply copy .svn directory into /home as a workarround. Does anybody know if it will work,please ? Is it correct or it is solution with as less as possible incorrectness, please? I look forward hearing from you Yours faithfully Peter Fodrek
Commit not working with multiple .svn directories in single working copy
Dear SVN experts, I need to have multiple .svn directories inside woking copy. I need to have svn working copy for /home directory for students and at least each user needs to have own repository on same machine It blocks me to commit changes form working copy at home by different repository id Is it possible for svn to force not to look for inner .svn directories for data, or I need find out each .svn rename it make commit and return inner .svn directories back,please? Use of externals is not suitable for me I look forward hearing from you Yours faithfully Peter Fodrelk
Re: Commit not working with multiple .svn directories in single working copy
Dear Mr. Hett, > Dňa 28. 12. 2015 o 13:29, Stefan Hett napísal: > >> Dear SVN experts, >> >> I need to have multiple .svn directories inside woking copy. >> I need to have svn working copy for /home directory for students >> and at least each user needs to have own repository on same machine >> It blocks me to commit changes form working copy at home by different >> repository id >> >> Is it possible for svn to force not to look for inner .svn directories for >> data, or I need find out each >> .svn rename it make commit and return inner .svn directories back,please? >> Use of externals is not suitable for me >> >> I look forward hearing from you >> >> Yours faithfully >> >> Peter Fodrelk > > I assume your requirement is rather about the intended folder/check-out > structure on your local machine rather than the requirement to have multiple > .svn-directories in your working copy. > If I'm not mistaken here, then you might wanna rethink your folder structure. > Wouldn't something like this work for you? > > /Project >/- myOwnWorkingCopy >/- here's your own checkout >/- student1WorkingCopy >/- here's the checkout for the 1st student >/- student2WorkingCopy >/- another checkout for the 2nd student >/- > > In other words: you have separate checkouts and separate working copies for > yourself and all your students. > my structure is /home /* working copy of svn://localhost/homedirs */ /student1 /* working copy of svn://localhost/student1*/ /student2 /termProject /* working copy of svn://localhost/student2*/ commits in student1 and term project works but commit in /home does not. address is ok but repository id does not match. Maybe change of id of repository student1 may help, but I have been never done ID change of any repository but I read that it is possible and do not know how to force change of repository ID. Thank you for your answer Peter
