Tuesday, January 25, 2011

Problems with apache svn server (403 Forbidden)

Iv recently setup a SVN server on my papache webserver. I installed USVN http://www.usvn.fr/ to help manage the repositories from a web interface.

When I create a repository and try to import code into it from netbeans i get the following error: org.tigris.subversion.javahl.ClientException: RA layer request failed Server sent unexpected return value (403 Forbidden) in response to PROPFIND request for '/svn/python1'

I know i have the username and password correct (and I have tried different users) I have done some research and it seems that it is most likely an Apache svn error. Below is the config file for this virtualhost.

<VirtualHost *:80>
ServerName svn.domain.com
ServerAlias www.svn.domain.com
ServerAlias admin.svn.domain.com
DocumentRoot /home/mrlanrat/domains/svn.domain.com/usvn/public
ErrorLog /var/log/virtualmin/svn.domain.com_error_log
CustomLog /var/log/virtualmin/svn.domain.com_access_log combined

DirectoryIndex index.html index.htm index.php index.php4 index.php5

<Directory "/home/mrlanrat/domains/svn.domain.com/usvn">
    Options +SymLinksIfOwnerMatch
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>

<Location /svn/>
 ErrorDocument 404 default
 DAV svn
 Require valid-user
 SVNParentPath /home/mrlanrat/domains/svn.domain.com/usvn/files/svn
 SVNListParentPath on
 AuthType Basic
 AuthName "USVN"
 AuthUserFile /home/mrlanrat/domains/svn.domain.com/usvn/files/htpasswd
 AuthzSVNAccessFile /home/mrlanrat/domains/svn.domain.com/usvn/files/authz
</Location>

</VirtualHost>

Can anyone point out what I may have done wrong and how to fix it? I have tested with changing file permissions and changing the configuration with no luck.

Thanks in advance!

UPDATE: Here is the contents of /home/mrlanrat/domains/svn.domain.com/usvn/files/authz

# This is an auto generated file! Edit at your own risk!
# You can edit this "/" section. Settings will be kept.
#
[/]
* = 

#
# Don't edit anything below! All manual changes will be overwritten. 
#

[groups]
python1 = mrlanrat, user


# Project python1
[python1:/]
@python1 = r

[python1:/branches]
@python1 = rw

[python1:/trunk]
@python1 = rw

And here is /home/mrlanrat/domains/svn.domain.com/usvn/files/htpasswd

mrlanrat:*****
user:*****

Here is the access log: http://pastebin.com/RRYL1kCx and here is the error log: http://pastebin.com/vR2MJj0v

The part of interest is here:

[Wed Apr 21 12:13:25 2010] [error] [client 209.129.37.170] user  not found: /svn/test/trunk
[Wed Apr 21 12:13:25 2010] [error] [client 209.129.37.170] client denied by server configuration: /home/mrlanrat/domains/svn.domain.com/usvn/public/svn

Loging in via a web browser seems to work, however netbeans and a other svn clients all get 403 errors.

From serverfault mrlanrat

  • What does your /home/mrlanrat/domains/svn.domain.com/usvn/files/authz file look like?

    Mine looks like this:

    [groups]
everyone = user1, user2, user3
repo1users = user1

[/]
@everyone = r

[repo1:/]
@repo1users = rw

    we have had problems before like this and it is mostly mis-configuring the authz file.

    mrlanrat : My authz file looks like it is setup the same way. I added it and some other information to my post.
    Andrew Cox : I see `user mrlanrat: authentication failure for "/svn/python1": Password Mismatch` in the logs. Is there some special character in your password that isn't being sent correctly?
    mrlanrat : I was testing using an incorrect password to see if it would give a different response.
    From Andrew Cox

  • After a full day of googling and finding all sorts of problems which could cause this 403 error, none of which where mine. I finally found my problem!

    I had mod_evasive enabled in Apache. Apparently SVN/WED-DAV sends commands so fast that it gets blocked.

    So back to the solution! Disable mod_evasive! :)

    If anyone knows a way to just disable it for only one virtual-host please let me know. I would still like it enabled for my other virtual-hosts.

    Thanks!

    From mrlanrat

  • I had the same problem and I've red that there is no possibility to disable mod_evasive for a defined virtual host.

    The following "workaround" configuration works for me with svn.:

    change: /etc/apache2/mods-available/mod-evasive.load

    The whole file:

    LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
    < If Module mod_evasive20.c>
    DOSHashTableSize 3097
    DOSPageCount 5
    DOSSiteCount 15
    DOSPageInterval 1
    DOSSiteInterval 1
    DOSBlockingPeriod 600
    < /IfModule>

    After the change you have to restart Apache:
    /etc/init.d/apache2 restart

    Have Fun

    From chris hehne

  • YOU ARE G-R-E-A-T you two!

    mrlanrat: congratulations. I was hopeless about finding the solution. Yes, I have the problem and dos_evasive too. I wonder how did you find it.

    chris: thank you for making my evasive up and running.

    From kurtulus Oksuztepe
Posted by Ku XI at 12:09 AM

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)