You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Nick Williams <ni...@nicholaswilliams.net> on 2011/02/05 18:34:57 UTC

Problem with SVN + Sasl2 + Auxprop + Sasldb

I'm new to administrating SVN, but I have read about half (the most relevant sections) of "Version Control with Subversion" from svnbook.red-bean.com. I spent about 3-4 hours Googling this problem, but I found nothing that was able to help me move forward with my new SVN server.

Here's my setup:

OpenSUSE Linux 10.3
SVN 1.6.15 (r1038135)
Sasl version 2.1.22 by "Cyrus SASL"

Here's my configuration (I'm logged in as root for all of this):

$ ls -l /svn/repos/conf/
total 12
-rw-r--r-- 1 root root 1080 2011-02-03 11:08 authz
-rw-r--r-- 1 root root  309 2011-02-03 11:08 passwd
-rw-r--r-- 1 root root 2259 2011-02-03 22:36 svnserve.conf

$ more /svn/repos/conf/svnserve.conf
[general]
anon-access = none
auth-access = write
authz-db = authz
realm = NWTechServe

[sasl]
use-sasl = true
min-encryption = 256
max-encryption = 512

$ ls -l /etc/sasl2/
total 16
-rw-r----- 1 root root 12288 2011-02-05 11:04 nwts-db
-rw-r--r-- 1 root root    47 2011-02-05 11:03 slapd.conf
-rw-r--r-- 1 root root   102 2011-02-05 11:03 svn.conf

$ more /etc/sasl2/slapd.conf (already set up by Sasl)
mech_list: gssapi digest-md5 cram-md5 external

$ more /etc/sasl2/svn.conf 
pwcheck_method: auxprop
auxprop_plugin: sasldb
sasldb_path: /etc/sasl2/nwts-db
mech_list: DIGEST-MD5

$ saslpasswd2 -c -f /etc/sasl2/nwts-db -u NWTechServe nicholas
[entered password]

$ sasldblistusers2 -f /etc/sasl2/nwts-db 
nicholas@NWTechServe: userPassword

$ /etc/init.d/saslauthd start
[started]

$ testsaslauthd -u nicholas -p [password]
0: NO "authentication failed"

$ testsaslauthd -u nicholas -p [password] -r NWTechServe
0: NO "authentication failed"

$ testsaslauthd -u nicholas -p [password]  -s svn
0: NO "authentication failed"

$ testsaslauthd -u nicholas -p [password] -r NWTechServe  -s svn
0: NO "authentication failed"

$ testsaslauthd -u nicholas -p [password]  -f /etc/sasl2/nwts-db
connect() : Connection refused
0: 

$ testsaslauthd -u nicholas -p [password] -r NWTechServe  -f /etc/sasl2/nwts-db
connect() : Connection refused
0: 

$testsaslauthd -u nicholas -p [password] -s svn  -f /etc/sasl2/nwts-db
connect() : Connection refused
0: 

$testsaslauthd -u nicholas -p [password] -r NWTechServe -s svn  -f /etc/sasl2/nwts-db
connect() : Connection refused
0: 

I've also tried running svnserve (as root) and trying to connect but "svn: Could not obtain the list of SASL mechanisms". However, I don't think that result is even valid yet, as I can't even successfully test my Sasl configuration.

I'm hoping I'm making an obvious error that someone on this list will see.

Any ideas?

Thanks!

Nick

Re: Problem with SVN + Sasl2 + Auxprop + Sasldb

Posted by Nick Williams <ni...@nicholaswilliams.net>.

I sent this email Saturday in hopes of getting some help from someone with more knowledge and experience than I have. However, I never heard anything back from anyone. Because I'm new to the list, can somebody confirm that my messages are, indeed, getting to the list? And does anyone have any ideas?

Thanks!

Nick

On Feb 5, 2011, at 11:34 AM, Nick Williams wrote:

> I'm new to administrating SVN, but I have read about half (the most relevant sections) of "Version Control with Subversion" from svnbook.red-bean.com. I spent about 3-4 hours Googling this problem, but I found nothing that was able to help me move forward with my new SVN server.
> 
> Here's my setup:
> 
> OpenSUSE Linux 10.3
> SVN 1.6.15 (r1038135)
> Sasl version 2.1.22 by "Cyrus SASL"
> 
> Here's my configuration (I'm logged in as root for all of this):
> 
> $ ls -l /svn/repos/conf/
> total 12
> -rw-r--r-- 1 root root 1080 2011-02-03 11:08 authz
> -rw-r--r-- 1 root root  309 2011-02-03 11:08 passwd
> -rw-r--r-- 1 root root 2259 2011-02-03 22:36 svnserve.conf
> 
> $ more /svn/repos/conf/svnserve.conf
> [general]
> anon-access = none
> auth-access = write
> authz-db = authz
> realm = NWTechServe
> 
> [sasl]
> use-sasl = true
> min-encryption = 256
> max-encryption = 512
> 
> $ ls -l /etc/sasl2/
> total 16
> -rw-r----- 1 root root 12288 2011-02-05 11:04 nwts-db
> -rw-r--r-- 1 root root    47 2011-02-05 11:03 slapd.conf
> -rw-r--r-- 1 root root   102 2011-02-05 11:03 svn.conf
> 
> $ more /etc/sasl2/slapd.conf (already set up by Sasl)
> mech_list: gssapi digest-md5 cram-md5 external
> 
> $ more /etc/sasl2/svn.conf 
> pwcheck_method: auxprop
> auxprop_plugin: sasldb
> sasldb_path: /etc/sasl2/nwts-db
> mech_list: DIGEST-MD5
> 
> $ saslpasswd2 -c -f /etc/sasl2/nwts-db -u NWTechServe nicholas
> [entered password]
> 
> $ sasldblistusers2 -f /etc/sasl2/nwts-db 
> nicholas@NWTechServe: userPassword
> 
> $ /etc/init.d/saslauthd start
> [started]
> 
> $ testsaslauthd -u nicholas -p [password]
> 0: NO "authentication failed"
> 
> $ testsaslauthd -u nicholas -p [password] -r NWTechServe
> 0: NO "authentication failed"
> 
> $ testsaslauthd -u nicholas -p [password]  -s svn
> 0: NO "authentication failed"
> 
> $ testsaslauthd -u nicholas -p [password] -r NWTechServe  -s svn
> 0: NO "authentication failed"
> 
> $ testsaslauthd -u nicholas -p [password]  -f /etc/sasl2/nwts-db
> connect() : Connection refused
> 0: 
> 
> $ testsaslauthd -u nicholas -p [password] -r NWTechServe  -f /etc/sasl2/nwts-db
> connect() : Connection refused
> 0: 
> 
> $testsaslauthd -u nicholas -p [password] -s svn  -f /etc/sasl2/nwts-db
> connect() : Connection refused
> 0: 
> 
> $testsaslauthd -u nicholas -p [password] -r NWTechServe -s svn  -f /etc/sasl2/nwts-db
> connect() : Connection refused
> 0: 
> 
> I've also tried running svnserve (as root) and trying to connect but "svn: Could not obtain the list of SASL mechanisms". However, I don't think that result is even valid yet, as I can't even successfully test my Sasl configuration.
> 
> I'm hoping I'm making an obvious error that someone on this list will see.
> 
> Any ideas?
> 
> Thanks!
> 
> Nick