LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   svn+ldap+sasl2 problem under CentOS52 (http://www.linuxquestions.org/questions/linux-server-73/svn-ldap-sasl2-problem-under-centos52-704320/)

myhnet 02-12-2009 09:58 PM

svn+ldap+sasl2 problem under CentOS52
 
OS: centos52 with SElinux disabled

/etc/sasl2/svn.conf
Code:

pwcheck_method: saslauthd
auxprop_plugin: ldap
mech_list:PLAIN LOGIN
#ANONYMOUS CRAM-MD5
ldapdb_uri: ldap://127.0.0.1/
ldapdb_mech: PLAIN LOGIN


/etc/saslauthd.conf
Code:

ldap_servers: ldap://127.0.0.1/
ldap_timeout: 10
ldap_timelimit: 10
ldap_restart: yes
ldap_scope: sub
ldap_search_base: ou=people,dc=test,dc=com
ldap_auth_method: bind
ldap_bind_dn: cn=Manager,dc=test,dc=com
ldap_password: 111111
ldap_filter:uid=%u
ldap_debug: 128
ldap_verbose: 1

/usr/lib/sasl2/svn.conf is a soft link to /etc/sasl2/svn.conf

I can't login svn server, and find this error in /var/log/message in the server side:
Code:

svnserve: unable to open Berkeley db /etc/sasldb2: No such file or directory
but nothing in ldap log


PS:
ldap + sasl2 should be correct, cause I get this:
Code:

testsaslauthd -u user -p password
0: OK "Success."

if I create /etc/sasldb2 with saslpasswd* svn will work.

anyone can help me?

Hko 06-30-2009 03:53 PM

For svnserve to support authentication through saslauthd, it must allow plaintext passwords to be used (also in other than saslauthd configurations). The authors of svnserve deliberately chose to disable plain text password authentication. This also inhibits the use of saslauthd.

There is probably a way to do ldap+svnserve (without apache) using SASL's ldapdb auxprop plugin or maybe using PAM. I've yet to try and find out more about this myself. SASL's ldapdb auxprop does offer much less options though.


All times are GMT -5. The time now is 11:38 AM.