CentOS Subversion, Basic Auth Password file not working

Prof picture Prof · Nov 15, 2012 · Viewed 10.7k times · Source

So i have SVN installed and using HTTPD for a remote repository. All works well, until i use the password file. This is not working at all. Apache's error_log says

(13) Permission Denied: Could not open password file

I have set the passwd file's chmod to 777 and chown to apache, I also set the parent folder of the repo and passwd file to chown apache and chmod 777...

I have no clue how this is a permissions problem anymore... any help please!!

UPDATE

I took SVN out of it, and just implemented a standard basic auth on one of my domains

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    DocumentRoot "/var/www/www.domain.com/public_www"
    <Directory "/var/www/www.domain.com/public_www">
        Options -Indexes
        Order allow,deny
        Allow from all
        AllowOverride All
        AuthType Basic
        AuthName "Basic Authentication"
        AuthUserFile /path/to/authfile.htpasswd
        Require valid-user
    </Directory>
</VirtualHost>

I created the password file like this

htpasswd -cm /path/to/authfile.htpasswd username
password (and retype)

And finally

service httpd restart

Lo and behold, the auth prompt works as before, but the username and password DOES NOT! This is rather frustrating, i have double checked all the permissions, owners etc of the password file and parent folder, but i still get

(13) Permission Denied: Could not open password file

In the error_log for Apache

Answer

Tanner picture Tanner · May 9, 2013

If you're on a Red Hat Enterprise Linux/Centos/Fedora system and you create your htpasswd file outside of /var/www/html directory, owned by apache, you'll also have problems with SELinux context/lables of the htpasswd file. You can check the current context/label of htpasswd with the -Z option passed into the ls command.

ls -Z 

The htpasswd file should have a type of httpd_sys_content_t. you can change this with this command:

chcon -t httpd_sys_content_t htpasswd

More info on Relabeling Files for SELinux:

https://wiki.centos.org/HowTos/SELinux#head-0f6390ddacfab39ee973ed8018a32212c2a02199