SVN repository files are accessible in Apache for some reason...

Hopefully this is a quick one.

I am setting up a new SVN Repository.  It's a brand new CentOS 6.4 server installed with the "Basic Server" option, and then I installed the subversion and mod_authz and some ldap packages.

My SVN home directory is /var/www/svn/, and my repository is called "mystuff", so the actual repository files are available at /var/www/svn/mystuff

My /etc/httpd/conf.d/subversion.conf is below:

LoadModule dav_svn_module     modules/mod_dav_svn.so
LoadModule authz_svn_module   modules/mod_authz_svn.so

<Location /repos>
   DAV svn
   SVNParentPath /var/www/svn

   AuthType Basic
   AuthName "Please login with your LDAP account details"
   AuthBasicProvider ldap
   AuthLDAPURL "(REDACTED)" NONE
   AuthLDAPBindDN "(REDACTED)"
   AuthLDAPBindPassword "(REDACTED)"
   Require ldap-group (REDACTED)
</Location>

Open in new window


When I go to http://xxx.xxx.xxx.xxx/repos/mystuff I successfully am prompted for authentication, and then I see the SVN repository.

Accessing the repository works as expected
HOWEVER, if I go to http://xxx.xxx.xxx.xxx/mystuff I am presented with the raw repository database files in the /var/www/svn/mystuff ! Without authentication!

Accidental access to the repository files

I'm totally stumped. I never specified anywhere in my config that this should be the case, I don't understand why I can access the repository files directly like that. And I'm sure it's a security issue.

Anybody know what's going on?

-Gordon
LVL 31
Frosty555Asked:
Who is Participating?
 
Frosty555Connect With a Mentor Author Commented:
Okay I was just stupid...

In a previous failed attempt, I accidentally called "svnadmin create" and make an empty SVN repository called "mystuff" in the /var/www/html/ folder.

It's amazing how just writing out the question and posting it here helped me come to the answer. Rubber duck debugging, huh?
0
 
Frosty555Author Commented:
see comments above
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.