I had this already set up in another server \u00a0but we had to set up a new svn server even though we already switch most of our stuff to git…<\/p>\n
So, after setting the the We are using debian servers so I needed to install After that, we need to set the daemon to start automatically, editing the file: to<\/p>\n Then the The daemon will look for an entry with the You can test if it is working using the We can then start the daemon running Now, we need to change the And we need to register the svn app into the sasl. Apps are registered by creating a file in We are now all set up. We only need to restart the I had this already set up in another server \u00a0but we had to set up a new svn server even though we already switch most of our stuff to git… So, after setting the the svnserve daemon, we need to set up LDAP authentication. We are using debian servers so I needed to install sasl2-bin … <\/p>\nsvnserve<\/code> daemon, we need to set up LDAP authentication.<\/p>\nsasl2-bin<\/code> in order to have the saslauthd<\/code> daemon.<\/p>\napt-get install sasl2-bin<\/pre>\n
\/etc\/defaults\/saslauthd<\/code> and changing two lines:<\/p>\n#...\r\nSTART=no\r\n#...\r\n#...\r\nMECHANISMS=\"pam\"\r\n#...\r\n<\/pre>\n
#...\r\nSTART=yes\r\n#...\r\n#...\r\nMECHANISMS=\"ldap\"\r\n#...\r\n<\/pre>\n
saslauthd<\/code> daemon needs to know how to reach the LDAP server, we configure this in the file \/etc\/saslauthd.conf<\/code>, it is simple as:<\/p>\nldap_servers: ldap:\/\/server.address.example.com\r\nldap_port: 389\r\nldap_version: 3\r\nldap_password_attr: userPassword\r\nldap_auth_method: bind\r\nldap_filter: (uid=%u)\r\nldap_search_base: ou=Users,dc=example,dc=com\r\n<\/pre>\n
uid=USERNAME<\/code> in the base ou=Users,dc=example,dc=com<\/code> and will check the password against the attribute userPassword<\/code>.<\/p>\ntestsaslauthd<\/code> app, like this:<\/p>\nuser@svn:\/svn# testsaslauthd -u username -p secret\r\n0: OK \"Success.\"\r\n\r\nuser@svn:\/svn# testsaslauthd -u username -p wrongSecret\r\n0: NO \"authentication failed\"\r\n<\/pre>\n
service saslauthd start<\/code>.<\/p>\nsvnserve.conf<\/code> so it will actually request the authentication to sasl. So, make sure that the [sasl]<\/code> section of the file looks like this:<\/p>\n[sasl]\r\nuse-sasl = true\r\n#...\r\n<\/pre>\n
\/usr\/lib\/sasl2\/appname.conf. svnserve uses the name svn<\/code> internally, we need to create the file as: \/usr\/lib\/sasl2\/svn.conf, with the following contents:<\/code><\/code><\/code><\/code><\/code><\/code><\/p>\npwcheck_method: saslauthd\r\nmech_list: PLAIN LOGIN\r\n<\/pre>\n
svnserve<\/code> daemon and voil\u00e0<\/em>, it’s done!<\/p>\n","protected":false},"excerpt":{"rendered":"