Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.6.x
-
None
-
Linux
Description
Problem: There appears to be a bug in the way that the AuthzSVNAccessFile is parsed. When a second group which starts with "groups" is defined (e.g. [groups:/] or [groupstest:/]), it appears to break the parser and results in Forbidden errors to clients. Replication: Step 1) grab your friendly AuthzSVNAccessFile Step 2) Add a [groups:/] section with perhaps a token entry. Step 3) Test Detailed Description: I recently upgraded an old Subversion 1.2.1 site with some projects to first 1.4.2 and then 1.6.6 and discovered that the file balked at loading and spat out the following error: Failed to load the AuthzSVNAccessFile: An authz rule refers to group '@groups-committers', which is undefined This resulted in all repositories being thrown a forbidden error as the access file fails to be parsed appropriately. I went hunting figuring a script somewhere had died but couldn't work out what was going wrong because as far as I could see the group did exist. I then looked to the section that was causing the issue: [groups:/] @groups-committers = rw @groups-readers = r * = r I removed the committers line and tested again, it then complained about groups-readers, so I removed that line. That then yielded an even strange error message: Failed to load the AuthzSVNAccessFile: An authz rule refers to group '*', which is undefined At this point I deleted the last two lines of the section and everything came good. Then I put the section back and it broke it. I renamed it from 'groups' to 'tgroups' and it started working again. I then changed it to 'groupstest' and it still triggered an error. Subversion 1.2 (CentOS 4) was working happily with this, both 1.4.2 (CentOS 4 packages) and 1.6.6 (RPMForge) exhibited the incorrect behaviour.
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2418072
Original issue reported by pasamio