I have working svnserve solution on Ubuntu 10.04 for authorizing svn users over SASL to Active directory (LDAP, not LDAPDB). Config files are at the bottom.
After upgrading server to 12.04 release, this does not work anymore.
I can authorize user over SASL to LDAP with
testsaslauthd -u ldap_username -p his_password
=> 0: OK "Success."
But when i try to "svn update" on folder at the same server, it ask me three times for credentials and end with
svn: Authentication error from server: SASL(-4): no mechanism available:
I do not know how to track communication between svn and sasl.
Circumstances:
- Ubuntu 10.04 + subversion 1.6.6 (with Cirrus SASL support) => working
- Ubuntu 12.04 + subversion 1.6.17 (with Cirrus SASL support) => not working (with same configuration)
file /usr/lib/sasl2/svn.conf
pwcheck_method: saslauthd
auxprop_plugin: ldap
mech_list: PLAIN
file /usr/lib/sasl2/subversion.conf -> symlink to /usr/lib/sasl2/svn.conf
file /opt/svn/repos/conf/svnserve.conf
[general]
anon-access = none
auth-access = write
#password-db = passwd
authz-db = authz
realm = smartsvn
[sasl]
use-sasl = true
min-encryption = 0
max-encryption = 256
Any idea, how to fixit or trace the problem?
Best Answer
Had the same problems like above only on debian squeeze after a dist-upgrade. After hours of config, restart and reinstalling madness I gave following "svn.conf" a try:
IMO, "mech_list: plain" should be enough. the other mechs are overlefts from previous tryouts.
Here is my /etc/saslauthd.conf
And here my /etc/default/saslauthd
Update Dez 14:
Today I had the same issue again after an svnserve upgrade (r1615264):
I had to add the following to the svn.conf:
DonĀ“t ask me why, I just tried it, because three or four years ago the param was already (with other ldap params) in the svn.conf...