After a power failure my debian server rebooted all systems nominal with the exception of an SVN server using HTTP via apache2. I am hosting a few other services on this machine, the only other service interacting with apache is a trac project. All webpages hosted out of /var/www work just fine, and my trac project (not in /var/www) works too. However, I am unable to get at my SVN server restored. My partial sites-enabled/000-default for reference ( < password_file > masked):
<Location /svn/project1>
DAV svn
SVNPath /home/svn/project1
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile <password_file>
Require valid-user
</Location>
The module dav_svn file is being loaded, and the svnserver daemon is running. I can do an svn update and commit locally (which seems to properly verify my password and poll from username@servername where servername is my full proper host/domain and not just localhost). However, from any other computer or when I try to browse the repository via HTTP I receive a "403 Forbidden" error. This matches the only error I can find, in my apache log which says:
(13)Permission denied: access to
svn/project1
So this usually points to a file system permissions issue, I have no firewall or anything iptables related happening on this machine. My original configuration had the 'svn' group be a member of www-data (my apache user/group), and I have triple-checked read/write permissions on the svn project directory, and the svn root (in this case, /home/svn). I have tried converting permissions and ownership to www-data, back and forth, to no avail. I have verified apache user/group has +x permissions all the way up the path.
I have tried migrating my whole repository to a /var/www/svn folder, and changing my apache configuration respectively, to no avail. I've tried putting test index.html pages into my repository folder and seeing if plain apache (without DAV) can get inside and display them, and it works – using both svn and www-data ownership/group settings.
Are there further debugging steps for DAV svn that I might be able to try? Or any other recommendations as to why I cannot remotely access my SVN server from HTTP? Thanks for your time.
Best Answer
You should be using HTTPS for SVN. Don't want to be sending proprietary source code over plaintext.
The problem likely relates to a statement similar to this:
Which restricts access to most files on the web server at the top level of the httpd.conf.
You should add this to the Location node to override this:
Hope that helps... Best, -Henry