Category Archives: authz

apache2 SVN (authz) setup. Want second website to only allow those with rw permissions

I have an apache2.4 setup hosting subversion (SVN) repositories wonderfully. I use an authz file to control access to my repositories, and give different users different permissions to different repositories.

I am now making a companion site, (It's in python cgi) and would like to use the same user file to restrict or allow access, but only allow access to the second site when the user has r/w (not just r) permissions for the primary svn site.

Is this possible in apache2 & authz, or do I need to set up this semi-advanced authentication in my python module(s)?

Strange behaviour of mod_authz_svn

I've configured my svn server on apache2 like this:

<Location /svn_test>
    DAV svn
    SVNParentPath /path/to/SvnTest
    AuthType Basic
    AuthName "Subversion repository"
    AuthUserFile "/path/to/passwd"
    AuthzSVNAccessFile "/path/to/authz"
    Require valid-user
    SVNAdvertiseV2Protocol Off
    AuthzSVNAnonymous Off
</Location>

And authz file configured like this:

[groups]
g=hy

[test:/]
hy=r
*=

[test:/subdir]
hy=r
*=

[test:/subdir1]
hy=rw
*=

The problem is, I want to control the subdir's permission separate from other directories, but if i change the permission of subdir1 to "rw", i can write to subdir, and if i change the permission of subdir1 to "r", subdir's permission become "r" as expected.

In fact, if i change any directory's permission to "rw", those directories i want it to be read-only, become writable.

I pasted some apache logs below, in case it's helpful.

Everytime i restart apache2, it complains about mismatch python version, but in spite of that, everything is normal, I'm sure if it's relevant:

[Fri Mar 27 15:55:44.381138 2015] [mpm_worker:notice] [pid 10693:tid 140245999884160] AH00295: caught SIGTERM, shutting down
[Fri Mar 27 15:55:45.111049 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python version mismatch, expected '2.7.5+', found '2.7.4'.
[Fri Mar 27 15:55:45.111523 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python executable found '/usr/bin/python'.
[Fri Mar 27 15:55:45.111556 2015] [:error] [pid 13438:tid 139851301021568] python_init: Python path being used '/usr/lib/python2.7/:/usr/lib/python2.7/plat-x86_64-linux-gnu:/usr/lib/python2.7/lib-tk:/usr/lib/python2.7/lib-old:/usr/lib/python2.7/lib-dynload'.
[Fri Mar 27 15:55:45.111585 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: Creating 8 session mutexes based on 6 max processes and 25 max threads.
[Fri Mar 27 15:55:45.111600 2015] [:notice] [pid 13438:tid 139851301021568] mod_python: using mutex_directory /tmp 
[Fri Mar 27 15:55:45.122215 2015] [mpm_worker:notice] [pid 13438:tid 139851301021568] AH00292: Apache/2.4.6 (Ubuntu) SVN/1.7.9 mod_python/3.3.1 Python/2.7.4 configured -- resuming normal operations
[Fri Mar 27 15:55:45.122280 2015] [core:notice] [pid 13438:tid 139851301021568] AH00094: Command line: '/usr/sbin/apache2'