CentOS Subversion, Basic Auth Password file not working

StackOverflow https://stackoverflow.com/questions/13394558

Question

So i have SVN installed and using HTTPD for a remote repository. All works well, until i use the password file. This is not working at all. Apache's error_log says

(13) Permission Denied: Could not open password file

I have set the passwd file's chmod to 777 and chown to apache, I also set the parent folder of the repo and passwd file to chown apache and chmod 777...

I have no clue how this is a permissions problem anymore... any help please!!

UPDATE

I took SVN out of it, and just implemented a standard basic auth on one of my domains

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    DocumentRoot "/var/www/www.domain.com/public_www"
    <Directory "/var/www/www.domain.com/public_www">
        Options -Indexes
        Order allow,deny
        Allow from all
        AllowOverride All
        AuthType Basic
        AuthName "Basic Authentication"
        AuthUserFile /path/to/authfile.htpasswd
        Require valid-user
    </Directory>
</VirtualHost>

I created the password file like this

htpasswd -cm /path/to/authfile.htpasswd username
password (and retype)

And finally

service httpd restart

Lo and behold, the auth prompt works as before, but the username and password DOES NOT! This is rather frustrating, i have double checked all the permissions, owners etc of the password file and parent folder, but i still get

(13) Permission Denied: Could not open password file

In the error_log for Apache

Était-ce utile?

La solution 2

Maybe a bit of an obvious slap in my face:

I had previously been putting /path/to/authfile.htpasswd out side of apaches home folder /var/www, when I put the password file in /var/www/svn-auth/*.htpasswd than it worked.

Regardless of chown (apache owning /svn-auth and .htpasswd files within) it was probably being denied because it's likely that apache's (as a user) home folder is /var/www/* and was being denied access outside of it...

Lesson learned

Autres conseils

If you're on a Red Hat Enterprise Linux/Centos/Fedora system and you create your htpasswd file outside of /var/www/html directory, owned by apache, you'll also have problems with SELinux context/lables of the htpasswd file. You can check the current context/label of htpasswd with the -Z option passed into the ls command.

ls -Z

The htpasswd file should have a type of httpd_sys_content_t. you can change this with this command:

chcon -t httpd_sys_content_t htpasswd

More info on Relabeling Files for SELinux:

https://wiki.centos.org/HowTos/SELinux#head-0f6390ddacfab39ee973ed8018a32212c2a02199

Licencié sous: CC-BY-SA avec attribution
Non affilié à StackOverflow
scroll top