-   Linux - Server (
-   -   svn+ldap+sasl2 problem under CentOS52 (

myhnet 02-12-2009 09:58 PM

svn+ldap+sasl2 problem under CentOS52
OS: centos52 with SElinux disabled


pwcheck_method: saslauthd
auxprop_plugin: ldap
mech_list:PLAIN LOGIN
ldapdb_uri: ldap://
ldapdb_mech: PLAIN LOGIN


ldap_servers: ldap://
ldap_timeout: 10
ldap_timelimit: 10
ldap_restart: yes
ldap_scope: sub
ldap_search_base: ou=people,dc=test,dc=com
ldap_auth_method: bind
ldap_bind_dn: cn=Manager,dc=test,dc=com
ldap_password: 111111
ldap_debug: 128
ldap_verbose: 1

/usr/lib/sasl2/svn.conf is a soft link to /etc/sasl2/svn.conf

I can't login svn server, and find this error in /var/log/message in the server side:

svnserve: unable to open Berkeley db /etc/sasldb2: No such file or directory
but nothing in ldap log

ldap + sasl2 should be correct, cause I get this:

testsaslauthd -u user -p password
0: OK "Success."

if I create /etc/sasldb2 with saslpasswd* svn will work.

anyone can help me?

Hko 06-30-2009 03:53 PM

For svnserve to support authentication through saslauthd, it must allow plaintext passwords to be used (also in other than saslauthd configurations). The authors of svnserve deliberately chose to disable plain text password authentication. This also inhibits the use of saslauthd.

There is probably a way to do ldap+svnserve (without apache) using SASL's ldapdb auxprop plugin or maybe using PAM. I've yet to try and find out more about this myself. SASL's ldapdb auxprop does offer much less options though.

All times are GMT -5. The time now is 08:43 AM.