Subversion & WHM/Cpanel 11

[Louisvdw]

I also have the same issue with the permissions.

[Louisvdw]

To fix the permissions: the folder and files need to be for useraccount:useraccount if you are using suPHP.

You then also have to add to your config file located at /usr/local/apache/conf/userdata/std/2/cpanl_user/domain.com/file.conf

# added for permissions/access
Order allow,deny
Allow from all

The complete conf file should look like this:

<Location /svn>
# mod dav svn support and location of svn repo files
DAV svn
SVNPath /path/to/svn/repos
# authentication for security, create using htpasswd
AuthType Basic
AuthName "SVN Access"
AuthUserFile /path/to/file/containing/user.pass
Require valid-user
# added for permissions/access
Order allow,deny
Allow from all
</Location>

[contink]

Latest has a significant update due to the way dependencies are now handled.

Apache 2.2.19
Subversion 1.7.1

Code:

cd /home/downloads/svn
wget http://subversion.tigris.org/downloads/subversion-1.7.1.tar.gz
tar xfvz subversion-1.7.1.tar.gz
cd subversion-1.7.1
sh get-deps.sh
cd neon
./configure --prefix=/usr/local/neon
make
make install
cd ..
./configure --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apache/bin/apr-1-config --with-apr-util=/home/cpeasyapache/src/httpd-2.2.19/srclib/apr-util --with-neon=/usr/local/neon/ --with-ssl
make
make install

[contink]

That time again...

Apache 2.2.22
Subversion 1.7.5

Code:

cd /home/downloads/svn
wget http://subversion.tigris.org/downloads/subversion-1.7.5.tar.gz
tar xfvz subversion-1.7.5.tar.gz
cd subversion-1.7.5
sh get-deps.sh
cd neon
./configure --prefix=/usr/local/neon
make
make install
cd ..
./configure --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apache/bin/apr-1-config --with-apr-util=/home/cpeasyapache/src/httpd-2.2.22/srclib/apr-util --with-neon=/usr/local/neon/ --with-ssl
make
make install

[contink]

Small nugget...

If your Apache version and Subversion version are still the same but you want to update say PHP to in Cpanel.. .

1. Ensure you have disabled the include editor LoadModule lines (as per earlier posts) & restarted Apache.
2. Use EasyApache as normal and ensure you are indeed leaving your apache version alone during the update
3. Run this code:
   Code:

   cd /home/downloads/svn/subversion-1.7.5
   make
   make install

4. Re-enable the LoadModule lines
5. Restart Apache

[contink]

Recently upgraded but came up against a few things regarding mod_security so see below if you get something similar.

Apache 2.2.24
Subversion 1.7.9

Code:

cd /home/downloads/svn
wget http://subversion.tigris.org/downloads/subversion-1.7.9.tar.gz
tar xfvz subversion-1.7.9.tar.gz
cd subversion-1.7.9
sh get-deps.sh
cd neon
./configure --prefix=/usr/local/neon
make
make install
cd ..
./configure --with-apxs=/usr/local/apache/bin/apxs --with-apr=/usr/local/apache/bin/apr-1-config --with-apr-util=/home/cpeasyapache/src/httpd-2.2.24/srclib/apr-util --with-neon=/usr/local/neon/ --with-ssl
make
make install

The Mod_Security quirk was down to the rules I had in a custom.conf for apache...

Code:

<IfModule mod_dav_svn.c>
  <Location /_dev>
    DAV svn
    SVNParentPath /home/foo/svn/dev

    # Our ACL (Access Control Policy)
    AuthzSVNAccessFile /home/foo/svn/svnaccess

    # Try anonymous access first, then usernames if required.
    Satisfy Any
    Require valid-user

    AuthType Basic
    AuthName "My Dev Repos"
    AuthUserFile /home/foo/svn/passwd

    <IfModule mod_security2.c>

        # Blanket approach (disable if possible)
        #SecRuleEngine Off

        # SubVersion Rules to allow through
        #SecRule REQUEST_METHOD "^(PROPFIND|PROPPATCH)$" allow "id:1234123456"
        #SecRule REQUEST_METHOD "^(REPORT|OPTIONS)$" "id:1234123457,allow"
        #SecRule REQUEST_METHOD "^(MKACTIVITY|CHECKOUT)$" "id:1234123458,allow"
        #SecRule REQUEST_METHOD "^(PUT|DELETE|MERGE)$" "id:1234123459,allow"
        #SecRule REQUEST_METHOD "^(MKCOL)$" allow "id:1234123460,allow"

    </IfModule>

  </Location>
</IfModule>

Now the code above is now disabled because it seems Mod_Security has included a subversion exception/rule as standard now but the code above caused me some problems because of two things:

1. Mod_security now requires a unique_id for each rule, which CPanel appears to have helpfully applied to each of my custom rules...
2. The syntax has changed from the pre Mod_Sec 2.7 type:

Code:

SecRule REQUEST_METHOD "^(PROPFIND|PROPPATCH)$" allow

..to this:

Code:

SecRule REQUEST_METHOD "^(PROPFIND|PROPPATCH)$" "id:1234123456,allow"

As you can see in my example above I've disabled the workaround as it doesn't appear to be required anymore but it might catch you out if you've been getting errors like this:

SecRule takes two or three arguments, rule target, operator and optional action list