[SATLUG] Subversion, WebDAV and Apache

Tom Weeks tweeksjunk2 at theweeks.org
Sat Apr 22 22:45:52 CDT 2006 

On Saturday 22 April 2006 19:52, Mike Wallace wrote:
> Hey guys,
>
> The other day I was asked to install Subversion and set up the
> associated WebDAV stuff through Apache.  I went off to Subversion's
> site and they linked to an external site that had all the rpms for
> svn, apr, neon and apache.  I installed everything and I had no
> problem with setting things up for local use.  I then went to set up
> the WebDAV stuff and followed the Subversion documentation, but when I
> go to the subversion address in my browser I get an HTTP 403
> (Forbidden) error.  I have tried every magic security/permission
> setting that I could find, but the error doesn't go away.  In
> researching this, I have learned that Fedora has had problems, but
> this is a Redhat 8 box.

After getting the error, type:
	# tail /var/log/httpd/error_log

and see what the error is.


> the documentation, but no luck.  Anyone setup this kind of
> configuration before?

We cover using webdav in Linux Trouble Shooting Bible... A basic webdav config 
looks something like this:

<VirtualHost 10.1.1.1>
    DocumentRoot /home/bob/web/html/dav		# the symlink fake "trigger dir" 
    ServerName example.com			# (assuming main content in the html dir)
    DavLockDB /tmp/mydomainDavLock		# the webdav lock file...
    <Directory /home/bob/web/html/dav>		# This sets up WebDav for this dir
	AllowOverride All			# This looks for an.htaccss file
	Allow from 192.168.1.			# The IP/network you want to edit from
	DAV on					# turns on webdav
    </Directory>
</VirtualHost>

I like to do it like that.. and then before restarting apache, make a symlink 
from /home/bob/web/html/dav to /home/bob/web/html like this:

# cd /home/bob/web/html
# ln -s . /home/bob/web/html/dav

Then... restart appache:
	# /etc/init.d/httpd restart
	Stopping httpd:                                            [  OK  ]
	Starting httpd:                                            [  OK  ]


Then whenever you hit the URL:
	webdav://example.com/dav

It will look for an .htaccess file (see docs for this at 
http://example.com/manual/howto/htaccess.html on the server).  After you're 
allowed allowed in, you will be connected via webdav.  An even better config 
is to run this set up over https (SSL encrypted and using webdavs:// in the 
URL).  If want to see how to create certs and enable SSL, either get with me 
off list or check out the book (as this requires a bit more detail than I was 
wanting to type and get questions about here.. ;).

BTW.. On Linux, webdav client compatability is built into the KDE browser 
Konqueror.  Very cool... Plus Konqueror also does scp:// and sftp:// 
protocols.  Personally, if you don't care about webdav's version locking, 
then just forget about webdav and just use SCP:// or SFTP:// (since it's 
already in place and "Just Works".  PLUS it's encrypted, AND does not 
require .htaccess/.htpasswd user/password files (although for security 
purposes.. I would still lock this type of access down to IPs/Networks since 
this uses real system account level access).

Tweeks

More information about the SATLUG mailing list