On Fri, 1 Dec 2023 00:55:30 -0500, Nathan Hartman <hartman.nat...@gmail.com> wrote:
>On Thu, Nov 30, 2023 at 6:43?PM Bo Berglund <bo.bergl...@gmail.com> wrote: >> >> When I installed subversion on a Raspberry Pi4B and checked the installed >> version afterwards it printed this: >> >> $ svn --version >> svn, version 1.14.2 (r1899510) >> compiled Nov 12 2022, 20:30:30 on arm-unknown-linux-gnueabihf >> >> Copyright (C) 2022 The Apache Software Foundation. >> This software consists of contributions made by many people; >> see the NOTICE file for more information. >> Subversion is open source software, see http://subversion.apache.org/ >> >> < cut > >> >> The following authentication credential caches are available: >> >> * Plaintext cache in /home/bosse/.subversion >> * Gnome Keyring >> * GPG-Agent >> * KWallet (KDE) >> >> I have had a lot of problems with password caching for a number of years >> since I >> am working on these devices mainly on the command line via ssh and when I >> issue >> a svn command against a server on our LAN what happens is that svn pops up a >> password entry dialog on the (invisible) **GUI screen**! >> And the operation started on the command line fails... >> >> It was not always so but some svn update changed the way svn operates.... >> >> Now I see the banner above where it looks like it is again available: >> >> * Plaintext cache in /home/bosse/.subversion >> >> The problem is that in the config file there is no example of the syntax for >> enabling this.... >> >> So my question here is: >> How do I enable the plaintext cache in svn client version 1.14.2 on a >> Raspberry >> Pi4B running Pi-OS? >> >> >> -- >> Bo Berglund >> Developer in Sweden > > >In the user's home directory, there should be a subdirectory called >.subversion which contains a file called config. In that file, there >is a section called [auth] which contains a setting called >"password-stores". It might be commented, or it might say something >like "password-stores = gpg-agent,gnome-keyring,kwallet". This setting >determines the order in which the different password stores >(credential caches) are used. You could set this to "password-stores = >plaintext". Make sure you don't have "store-passwords = no" or >"store-plaintext-passwords = no". I think this will solve the issue -- >though note that if the password has not been saved to the plaintext >cache yet, the SVN client should prompt for it once, and then prompt >whether you accept the risk to save it in the plaintext cache. This >should take place on the command line, so I think you won't have the >issue with the inaccessible GUI dialog box on the remote machine. Once >saved, it shouldn't prompt for it anymore. > >Note: In addition to the user's ~/.subversion/config file I mentioned >above, there is also a systemwide /etc/subversion/config. If changes >in the user-level file don't appear to work, check the systemwide one >as well. > >Hope this helps, >Nathan This is the auth content of the user's config file (which is what I referred to in my post): ### Section for authentication and authorization customizations. [auth] ### Set password stores used by Subversion. They should be ### delimited by spaces or commas. The order of values determines ### the order in which password stores are used. ### Valid password stores: ### gnome-keyring (Unix-like systems) ### kwallet (Unix-like systems) ### gpg-agent (Unix-like systems) ### keychain (Mac OS X) ### windows-cryptoapi (Windows) # password-stores = gpg-agent,gnome-keyring,kwallet ### To disable all password stores, use an empty list: # password-stores = ### ... info stuff about Kwallet,PID, ssl ... ### The rest of the [auth] section in this file has been deprecated. ### Both 'store-passwords' and 'store-auth-creds' can now be ### specified in the 'servers' file in your config directory ### and are documented there. Anything specified in this section ### is overridden by settings specified in the 'servers' file. # store-passwords = no # store-auth-creds = no So this is what I meant by missing plaintext... And the system wide /etc/subversion/config is exactly the same as the user's config file, diff returns nothing. So the question remains if adding a setting like this will work: password-stores =plaintext given the text in the config file... I have also looked in the servers file and am none the wiser... What I really want is NOT to have my svn password stored in *unencrypted plaintext*, just that it is stored on disk in a way that can be used by subversion on the next connection so I don't have to type it in for every single svn command! And it must work on the SSH command line!!! I am fine with svn encrypting the password using whetever mechanism it wants so long as the password handling DOES NOT require some action outside of the command window where the svn command is entered. Popping up a GUI action windows is totally counter-productive since it is invisible. As it has been for some time now when I enter a command window svn command that requires authentication it pops up a dialog on the GUI window which is invisible to me at that point. It took a while before I understood what was going on, at first I thought svn had crashed or similar. It just hung there on the command window. :( So on this new system I want to avoid this from happening and was encouraged by the output shown when I checked the svn version. I have no idea if any of the allowed stores mentioned (gnome-keyring, kwallet, gpg-agent) will work inside an SSH command line section... -- Bo Berglund Developer in Sweden
