Subversion (svnserve) troubleshooting:
Hi Fedora Forum
I am trying to setup a svnserve server using the basic svn protocol. This is primarily for learning/relearning and eventually I will probably enable a webinterface for the server.
But for the moment I do not want a running apache server to access the subversion repositories through http/https.
Requirements for my setup.
- Use oldschool svn://ip
ortno/repo access method.
- Basic file based authentication for now.
- Authentication without config-file, so each repo has its own config-, authz-db and passwd-db file.
- My own repository mount-point on my btrfs-mirror: /mnt/svn_root_folder
I have done the following:
- Made a restricted svn user and svn group. No login. Not a real system user, but a locked account because the user gui (system-config-users) didn't support making a clean system user account.
I am using the group id right now and not the user id since fedora starts svnserve as root using systemd.
- The svn_root_folder mount-point is owned by root:svn. I have confirmed that the users who are members of the svn group can read and write to the mount-point aswell as root.
- svnserve is started using this /etc/sysconfig/svnserve setup:
- OPTIONS="--log-file=/mnt/svn_root_folder/svnserve/svnserve.log -r /mnt/svn_root_folder/repositories
- I have put SELinux in permissive mode for svnserve_t labels. This is to avoid that SELinux interfering with svnserve during basic installation and test. I plan on activating SELinux again to learn how to give a simple server process access through the SELinux MAC layer.
- I have confirmed that the port chosen for the service is open in firewalld using netcat (nc) from another pc on my lan.
I added it using:
firewall-cmd --permanent --add-port=4690/tcp
and reloaded using:
- If I start svnserve with --listen-host=My_Specific_Ip it fails to start with the error:
svnserve: E000099: Can't bind server socket: Cannot assign requested address
- If I start svnserve with --listen-host=0.0.0.0 the service is running.
If I try to checkout a repository it fails:
- svn co svn://SERVER-IP-ADDRESS:MY_CUSTOM_PORT/repository
svn: E170013: Unable to connect to a repository at URL 'svn://SERVER-IP-ADDRESS:MY_CUSTOM_PORT/repository'
svn: E170001: No access allowed to this repository
I have tried creating a new repository using svnadmin create repository_name.
- Added svnserve.conf
passwd-db = /mnt/svn_root_folder/repositories/repository1/conf/passwd
authz-db = /mnt/svn_root_folder/repositories/repository1/conf/authz
anon-access = none
#auth-access = write
realm = hostname
admin = admin_user
users = user_name
@admin = rw
@admin = rw
@users = rw
@admin = rw
user_name = rw
user_name = userPassword
I also tried to import an existing reposity and updated the config files also without luck.
Is it a firewall rule that i'm not defining? I prefer having svnserve only listening on my primary nic, since I only plan on accessing my repositories using my lan.