How to add a new LDAP'ed user to subversion - linux

Our SVN administrator is on holidays, and I need to add a new user to subversion.
We're using Collabnet Subversion on a RedHat box.
I've found the CollabNet_Subversion/conf/ directory with all the configuration files, including an auth file that I can see contains all our users and the groups that they belong to.
All our users need to log in with their LDAP credentials, so I don't need to change any of that.
It looks something like this:
company_auth_production
`[groups]
it-leads = jsmith, hsimpson, pgriffin
it-all = ajolie, rwitherspoon, #it-leads
[/]
* =
[prod:/]
#it-all = rw
`
So I added the new user and restarted subversion. But that doesn't seem to have done the trick. Am I missing something else ? Thanks

a. You have mention that there is "company_auth_production" file. Please check if there is some other authorization file, probably "authz". Can you please provide more information on this.
As per the structure in your file
[prod:/]
#it-all = rw
should have given the read write access to all the users of "it-all" till the path "prod".
b. If this is not working then please try using "VisualSVN Server". It has a very nice gui to add users and give them priviledges also.
Hope this helps.

In your apache Configuration is usually a require directive (eg "require group" or "require user"). Often there is a specific group which user has to belong to access svn (eg svnusers, etc...)

Related

how do I fix HTTP Error 401.3 - Unauthorized?

So I've come across a problem, what I am trying to do is "Check if the python file is ready to execute" as verbatim by my CS professor. So here I what I have done so far:
-Enabled Directory Browsing
-Added a new Script Map
-Linked the executable to the python executable of my python project
-Changed its directory to a new folder (as instructed)
-Created a New Python File with this code in it:
print("Content-Tytpe: text/html\n");
number1 = 1
while number < 10:
print("Hello Python World! <br>");
number = number+1
-and finally clicked on "Browse .80"
I clicked on "test.py" (the python file) and this showed up:
I researched a couple of fixes in this site and among others and this is what I have tried:
-Checked the permissions in the folder and made added a new permission for Everyone with Full Control Access
-Checked Authentication and Anonymous Authentication and set it to Application Pool Identity, both on the Desktop and the Default Website
-I even went to go as far as resetting my PC to check if some other third party application is affecting it
I am really at the end of my rope here so any help would be greatly appreciated.
Try to refer to the steps below.
In IIS, select your site -> Double click on Authentication -> Select Anonymous authentication-> Right-click on it and select Edit option.
Select a Specific user option. Set IUSR, click OK.
Go to the site folder-> open its properties-> go to Security tab-> Make sure IIS_USRS has Read & execute, List folder contents, Read permissions.
After that try to visit the page again.
If the issue persists, try to check whether you are able to visit any HTML file in that folder or not.

How can you update gitlab users after changing LDAP OU

I'm currently playing around with gitlab-ce (omnibus, on an Ubuntu VM) in an environment with LDAP authentication.
The LDAP administrator recently reconfigured the OUs from something like
ou=temp, ou=users, ou=baseinfrastructure to
ou=users, ou=baseinfrastructure.
Now when I do something as simple as git pull with a regular user account, that user account will be set to ldap_blocked since gitlab queries for the user with the temp part in the cn string and obviously doesn't find it.
Is there a way to update the users or something else so gitlab no longer queries with the ou=temp, part?
After some search, I've found out the information is stored in the identities table.
In gitlab omnibus, you can start a database console using gitlab-psql.
In my case, the required query for verifying I'm doing the right thing was:
SELECT external_uid, replace(external_uid, 'ou=temp,', '') FROM identities;
and then actually replacing them by executing:
UPDATE identities SET external_uid = replace(external_uid, 'ou=temp,', '');
For a single user you can use gitlab-rails console.
Find your user:
user = User.find_by_email("user#email")
Get user extern_uid:
user.ldap_identity.extern_uid
the above should print result similar to: => "uid=username,ou=people,dc=example,dc=com"
Update values as neccesary:
user.ldap_identity.extern_uid = "uid=newusername,ou=newpeople,dc=example,dc=com"
Verify:
user.ldap_identity.extern_uid
=> "uid=newusername,ou=newpeople,dc=example,dc=com"
And finally save
user.save
I believe this script Gitlab rake task to mass update ldap dn may be useful for updating multiple users at once.

Does NodeJs needs public file permissons to access file?

I tried accessing data with FileZilla and additionally downloading it. This worked. However, now I tried accessing the same file with the same user with nodeJS with "GET". Here I get the Error "Access Denied".
I looked into the permissions, and the owner and group of the file are able to read and write the file, but no public permissions. My user is part of the "Group". However, I am now wondering, if the file needs to have public permissions to read and write in order to access the file via nodeJs?
Quick Info: I access the file both with FileZilla and NodeJS via SFTP. All configs / user etc. are the same.
Code:
let Client = require('ssh2-sftp-client');
let sftp = new Client();
sftp.connect({
host: config.development.host,
port: config.development.port,
username: config.development.username,
password: config.development.password
}).then(() => {
return sftp.get(`${config.development.pathToFile}/${filename}`);
}).then(async (data) => {
console.log('data', data);
csv({
noheader: true,
output: "csv"
})
Thanks!
Does NodeJs needs public file permissons to access file?
As long as the user that spawned the Node.js process has read permissions for the specific file, you shouldn't encounter any problems.
I would suggest learning how multi-user environments & permissions management works.
Recommended reading :
Learning the shell - Lesson 9: Permissions
Linux Tutorial - 8. Understand Permissions
Recommended further reading :
The default Linux security model is a bit inflexible. To give special
access (such as modification privileges) to a group of people, you
have to get your system administrator to create a group with those
people in it. Furthermore, if you would like to give a different set
of access privileges (such as read access) to another group of people,
you can’t do it because you can only assign one group owner per file
or directory. To solve this problem, you can use ACLs (Access Control
Lists). You can learn more about them from this link: ACLs
(Quote extracted from here)
After all, it will come in handy and it wont take you much effort to understand.

svn user defined config update

I have the following setup on a linux box in user home directory:
./svn.simple/hash#1
./svn.simple/hash#2
==
hash#1 points to an old server: oldserver.com
hash#2 points to current server. currserver.com
I need to alter the default server location for specific user to a new server. Apologies if terminology is off. How do I go about this? I investigate --relocate, but that seems for a specific working copy. All commands are run at the command line.
A simple checkout from the new repository prompts if config is desired to be saved. If the response is 'yes' a new entry is added to ./svn.simple, saving all required config parameters.

Database configuration for Drupal

I am try to installing Drupal-6.2.4 on XAMP. I created db named drupal_6_2_4 and when installation process reaches at Database configuration step it does not create tables into supplied db and just reload the page.
The solution was to edit the settings.php file, putting in my database information manually. Just look for this line:
$db_url = mysql://username:password#localhost/databasename;
And change the username, password and databasename parts.
Then return to the Database Configuration screen, enter the information again and continue. The correct database information will be read from the settings file and the configuration will continue to the next step.
And one think more before try this first try to add the user permissions to the folder, /sites/default may be it solve the problem.
Happy hunting!
You can find the file in below path
sites/all/default/setting.php
There you can edit the below things manually
Host
Database name
Username
Password

Resources