Posts Tagged ‘Ubuntu’

Building Chromium OS – update

Posted by on November 25th, 2009 | 2 Comments

Today (or yesterday late) I started download and building the source of Chromium OS again. As a described inside my blog and at http://groups.google.com/group/chromium-os-discuss/browse_thread/thread/ba8ddf13edece9a6/647d2632e8c2d615?lnk=raot I got a blue gradient screen after login.

One of the reponse of this post said something about the different version of the gtk library which are used http://code.google.com/p/chromium-os/issues/detail?id=676 Ubuntu 9.10 makes use of libgtk2.0 2.18.3 while Chrome OS is packaged with 2.17.2. So building the code went fine but when running you get errors inside the log file var/log/slim.log

/opt/google/chrome/chrome symbol lookup error: /opt/google/chrome/ chrome undefined symbol: gdk_x11_window_get_drawable_impl

You don’t get this issue when using the pre built browser binary (because this one is compiled with the right package). But my idea was that I wanted to build the Chromium OS completly from source. Because I did not want to make another chroot environment for building the browser code, I created a new virtual machine (within VMWare) and this time I use Ubuntu 9.04

About Chromium

About Chromium

I updated my previous blog post and this time I get a browser after login. Still the system is far away from stable (but this is probally because it is a very early version) and performs not that smooth (probally lack of drivers). But it is working.

So check out the previous (updated) blog post (http://www.johandekoning.nl/index.php/2009/11/23/building-chromium-os/) and I hope it helps you when building the system by your own. Of course it is possible to ask question or give feedback by posting comments.

Building Android 1.5 – Flashing the phone

Posted by on July 3rd, 2009 | 31 Comments

Note 30 july 2009: updated the post. It now reflects the changes made to the repository (dream is now called dream-open)

In the previous blog posts I described how to setup your build environment, get the Android source and how to build it for the Android Dev Phone. When you followed these steps you should now have an own version of the Android OS image available which can be flashed on your Android Dev Phone. But first, as usual, some preperations to make the flashing succesful.

Note: flashing your Android phone will remove your data from the phone (not the SD card). For example the SMS messages will be destroyed. It is possible to keep this “userdata” by NOT flashing the userdata partition. I found out that this can sometimes result in strange behaviors of the OS. Another option is to backup the data first (with applications from the Android Market)

Note: in my opinion flashing your Android will not brick your phone easily (brick means that you can only use your phone as a building block). You should be able to access the bootloader of the device even when your build does not work. But there is a possibility that things can go wrong. So I am not responsable for any damage to your phone. Know what you are doing. Besides the step by step walkthrough, I try to give you as much information so that you know why you are doing those steps. If you are not sure that what you are doing is right, just post a question to this blog or ask it on the Android Platform Forum  (http://groups.google.com/group/android-platform)

Radio image

The radio part of the Android OS for the Android Dev Phone is, just like the proprietary files, closed source. The radio part makes communication with the GSM network possible. This part is not build with the Android source code but can be downloaded at the HTC support site as separate download (http://www.htc.com/www/support/android/adp.html).

Because your build can be seen as an Android 1.5 version, it is important that you use the 1.5 version of the Radio image. Previous versions are not compatible.

The steps which I took to make sure that I have the right radio version on my phone and that it is working properly, is to flash the phone first to the official HTC 1.5 version of Android. If you already did that you can skip those steps. If you are not sure which radio version is running on your phone, follow these steps on your dev phone

Press menu (from the home screen)
Choose settings
Scroll down to the last option About Phone
At the bottom you will find information about which version is installed

The baseband version shows the radio image version which is in use. It should end with 2.22.19.16I (just like the download name ota-radio-2_22_19_26I). If this is not the case, you should first flash the phone with the HTC image for Android 1.5

The steps for flashing the phone with the HTC image are clearly described at http://www.htc.com/www/support/android/adp.html If you follow these steps (and use the Android 1.5 version) you should end with your dev phone running the HTC Android 1.5 version. I will give you some extra information which can be usefull during the flashing procedure.

About phone screen

About phone screen

Fastboot

For the update process described by HTC you will need the tool fastboot. You can download this tool from the same website as where you find the HTC images. Another option is to use your own version of fastboot which is created during the build process. You will find this application (which is in our case the Linux version) in ~/mydroid/out/host/linux-x86/bin. If you are a Windows user, you should use the fastboot executable provided by HTC. I don’t know if building the source on Mac OS X is as clear as on Ubuntu (it should be possible to compile the source) and that the fastboot version can be used.

Make sure that the fastboot utility location is inside the PATH variable. So that it can be found on the whole system independent on the location of which the terminal is currently active.

Connect ADP with Ubuntu

In a previous blog post I explained how to connect your device with Ubuntu which runs within VMWare as Virtual Machine. Those steps (http://www.johandekoning.nl/index.php/2009/02/07/android-dev-phone-ubuntu-and-vmware-server/) are also relevant when running Ubuntu natively (except for the VMWare steps).  Or follow the steps (when for example you want to use fastboot with Windows) which are written for the Android SDK http://developer.android.com/guide/developing/device.html

Flashing the device

So the HTC Android 1.5 version is running well? You made sure that the right radio version is installed? Fastboot is working properly? And made (optionally) a backup of your important data?

If that’s the case it is time for flashing the phone. The flashing part is quit easy and will take only a couple of minutes. First the device should be started in fastboot mode. The Android Dev Phone contains a bootloader which makes it possible to flash the phone. I think, but I am not sure, that this bootloader is always accessible (or you should execute some kind of operation which will destroy the bootloader part but I don’t know how to do that) making it possible to flash your Android over and over again with for example your own build (if your build is not working or you make changes) or the official HTC one.

To use fastboot execute the following steps on your device

If your device is running, shut is down
Power up the device while holding the BACK key
Hold the BACK key until you see a screen with the message Fastboot

The device is now in fastboot mode. The bootloader exists in different version. You can have a version with a rainbow background or one with skating Androids. It doesn’t matter, the flashing will work for both. Of course only when using a Dev Phone, the G1 does not support the flashing part.

The images which will be flashed to your device are inside the ~/mydroid/out/target/product/dream-open directory. So move to that directory and check if the following four images exists

  • boot.img (for booting the device, contains the kernel)
  • system.img (contains the Android framework, drivers, default applications and utilities)
  • userdata.img (used for the userdata storage. You don’t have to flash the userdata partition, so that your data will not be removed. But I got sometimes strange effects when there is still userdata available from a different Android image. )
  • recovery.img (used to restore and update the Android device. Don’t know when this will be used).

You don’t have to flash all partitions on your Android device every time. If you don’t change the kernel than you can skip the boot image. But off course you should flash the boot partition for the first time because it is different than the HTC one.

From the ~/mydroid/out/target/product/dream-open directory, use the following commands to flash the phone

fastboot flash boot boot.img
fastboot flash system system.img
fastboot flash recovery recovery.img
fastboot flash userdata userdata.img

Every fastboot command will send the image first to the device and (after succesfully received) will be written to the specific device partition. After all partitions are flashed succesfully you can reboot the device. This can be done by executing

fastboot reboot

It is also possible to exit fastboot by pressing Menu+CALL+END CALL button on your device.

It’s alive!

The first boot can take some time. You will get an Android splash screen, followed by another (grey logo) Android splash screen. Finally the home screen will be available. The Android system will be different comparing to the HTC version. A summary of what you can do and can’t with your own build.

Can

  • Wifi and bluetooth should work properly (because we added the right driver versions)
  • The Home button will work and you will have the Silent and Airplane option when holding the END CALL button (this is done by the SdkSetup package)
  • The led light should work when you get an SMS or connect the device
  • You should be able to make and receive calls
  • Camera, GPS and all the other sensors should be working fine
  • Start applications like Browser, Calculator, etc
  • Make use of 3G connection
  • Use android in a different language. The HTC version of Android has only the English language pack. Your own version has multiple language support.

Can’t

  • Use the Calendar application. Because this application depends on some Google libraries which are not on the system. I was looking how to seperate the Calendar application so that it is not Google dependent (and submit the source back to the source tree)
  • No Market application.
  • No Google applications (like GMail, GTalk, Maps).
  • No nice ringtones. The media directory which contains all the ringtones which are normally there is not part of the built.
  • No synchronization with Google (like contacts and calendar)

What’s next?

I will write another post about how to add the Google Apps, Market and ringtones to your own build. For now the flashing part is completed (so turn on the lights again :D ). Questions and other feedback can be given to this post.

Blogpost in the Building Android 1.5 serie

Building Android 1.5 – Build environment

Posted by on June 7th, 2009 | 9 Comments

Last year I bought an Android Dev Phone. I wanted to be one of the first to use this great device and operating system. The Android Dev Phone makes it possible to flash it with your own build version of Android. So why not building the Android OS from source?

This first part of Building Android 1.5 is about setting up the build environment. There is a description available at http://source.android.com/download. I will write down the steps I have taken to give you a step by step manual

Installation of Ubuntu

I installed Ubuntu as a Virtual Machine (because I am running Windows Vista). I used Ubuntu 8.04 because this is also the environment which Google is using (as I should believe). There are some issues with Ubuntu 8.10 for example when building the source.

I will not explain the installation of Ubuntu. This is really straight forward (perhaps even easier than installing Windows) when putting in the Ubuntu CD and boot from it.

When Ubuntu is installed I did sudo apt-get update and sudo apt-get upgrade to have the latest versions of all the packages which are installed by default

Required packaged

In order to retrieve the source code from git and to build the Android OS, the installation of some packages is required. Install the following packages by executing sudo apt-get install <pakagename>

  • git-core
  • gnupg (this package was already installed)
  • sun-java5-sdk (don’t use java 6 because this will result in errors during build)
  • flex
  • bison
  • gperf
  • libsdl-dev
  • libesd0-dev (the last 0 is a zero)
  • libwxgtk2.6-dev
  • build-essential
  • zip (already installed)
  • curl
  • libncurses5-dev
  • zlib1g-dev
  • valgrind (this packge is optional)

Instead of installing the packages seperately, you can also comine the apt-get install command

sudo apt-get install git-core gnupg sun-java5-jdk flex bison gperf libsdl-dev libesd0-dev libwxgtk2.6-dev build-essential zip curl libncurses5-dev zlib1g-dev valgrind

At http://source.android.com/download is written that Ubuntu 8.10 users should install a newer version of libreadline. I found out that I also needed this package because otherwise repo gives errors.

sudo apt-get install libreadline5-dev

Note: the Get source page on the android website uses a different package name (lib32readline5-dev) but that one does not exists

Java Environment

It could be possible that java 6 is installed on your own Ubuntu installation. To check which Java version is used, run the command

update-java-alternatives -l

In my Ubuntu enviroment only one java version is given back in the result

java-1.5.0-sun 53 /usr/lib/jvm/java-1.5.0-sun

If multiple versions are installed, use update-java-alternatives -s to change the default Java Environment. For example

update-java-alternatives -s java-1.5.0-sun

The location of the Java installation should also be set exported as $JAVA_HOME. Edit the .bashrc file inside your users home directory. Add the following line to the end of the file

export JAVA_HOME=/usr/lib/jvm/java-1.5.0-sun-1.5.0.16

The location of the Java installation can be different (depending on the version number which is in my case 1.5.0.16). Check the location first to see if it contains the Java installation.

Start a new terminal and check if $JAVA_HOME is working and pointing to the right location

echo $JAVA_HOME

When the result given back is correct (for example /usr/lib/jvm/java-1.5.0-sun.1.5.0.16) the $JAVA_HOME is correctly set.

You can also check if the correct Java version is used by running the command java -version 

java -version

Result

java version "1.5.0_16"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_16-b02)
Java HotSpot(TM) Client VM (build 1.5.0_16-b02, mixed mode, sharing)

What’s next?

By installing Ubuntu, de required packages and setting up Java everyting is ready for downloading the source from Git and building your own version of the Android source. I will explain the steps of retrieving the source code from Git in a next blog item.  Feel free to give feedback on this post.

Blogpost in the Building Android 1.5 serie

Android Dev Phone, Ubuntu and VMWare Server

Posted by on February 7th, 2009 | 9 Comments

Compiling the source code for creating your own Android build is not supported within a Windows operating system (I don’t know if it is possible by the use of Cygwin). Because my notebook is running Windows XP, I use VMWare Server 2.0 which runs a Ubuntu 8.10 (Desktop) as virtual machine.

VMWare makes it possible to connect USB devices inside your virtual machine. Because I want to connect my Android Dev Phone to Ubuntu, I performed the following steps to make that possible.

VMWare hardware configuration

When creating a virtual machine (or before starting the virtual machine) make sure that the USB controller is added to the hardware list.

If this is not the fact. Add the USB Controller by choosing Add hardware and select the USB Controller from the Hardware type list.

Sharing the USB device

Connect your Android Dev Phone to your computer and start the Ubuntu Virtual Machine by pressing the Play button inside the VMWare Server web interface. When booting the Virtual Machine you will notice that a new icon (with an USB sign) is placed on the toolbar inside the VMWare Web Interface next to the Restart button. When you click on this icon a context menu will be shown with a list of devices that are plugged inside the host OS (in my case connected to Windows XP).

Mark the checkbox in front of the High Android Phone to make it available inside Ubuntu.

Udev configuration

You can perform a check, to see that the Android Dev Phone is shared with Ubuntu, by opening a Terminal (inside Ubuntu. Open a VMWare Remote Console to make use of the Ubuntu) and type the following command

lsusb

A list of USB devices will be shown. For example:

Bus 002 Device 001: ID ld6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 004: ID 0bb4:0c02 High Tech Computer Corp.
Bus 001 Device 001: ID ld6b:0002 Linux Foundation 2.0 root hub

The Android Dev Phone is the device with the name High Tech Computer Corp (HTC). Make a note of the first part of the device ID (in this case 0bb4) because this is needed for the udev rule.

Create a new file (as root)

sudo gedit /etc/udev/rules.d/50-android.rules

with the following content

SUBSYSTEM=="usb", SYSFS{idVendor}=="0bb4", MODE="0666"

Make sure that the text after {idVendor} is the same as the device id found when using the lsusb command. Save and exit the editor

To make execution of the rule possible, perform a chmod

sudo chmod a+rx /etc/udev/rules.d/50-android.rules

To make the rule active, restart udev

sudo /etc/init.d/udev restart

Final check

To check if the device is available use the adb tool (which is part of the Android SDK. Download and installation instructions at http://code.google.com/android)

adb devices

This will return a list of attached devices.

List of devices attached
HT845GZ51782 device

You should now be able to use the different tools of the Android SDK (and application deployment with the use of Eclipse) within Ubuntu running inside VMWare Server.

Ubuntu, Apache, SSL, Subversion and LDAP

Posted by on August 30th, 2008 | 8 Comments

At work we needed a new source control system and we decided to use Subversion. This blog will give details about the installation of how to use Apache (with SSL connection) to control subversion. Access to the subversion repository is done with LDAP connected to an Active Directory

Unbuntu installation

I used the ubuntu 8.0.4 desktop version. Installation with the wizard is straight forward and therefore not discussed. The hostname in this example is: jdk-svn . After installation of Ubuntu I checked for new package update (sudo apt-get update and sudo apt-get upgrade).

Installation of Apache

To install apache2 you need to install the apache2 package

sudo apt-get install apache2

Besides the package apache2 also the packages apache2-mpm-worker, apache2-utils, apache2.2-common, libapr1, libaprutil1 and libpq5 are installed

After installation you can check if the Apache webserver is running by pointing your browser to the http://jdk-svn location (from the server also http://localhost will work). When the server is running a webpage will be served with the simple textmessage It Works

Installation SSL

For authentication we don’t want to send plain text on the network. SSL need to be installed to support secure connections. SSL needs the packages openssl and ssl-cert which are installed by default with the Ubuntu 8.0.4 installation (otherwise use sudo apt-get install openssl and sudo apt-get install ssl-cert to install these packages)

A certificate is needed for SSL. I will use a self signed certificate which can be created with make-ssl-cert

Note: a lot of websites are talking about the script apache2-ssl-certificate to make a certificate. The problem is that for some reason this script is not anymore part of the apache2 package. There are ways to extract the script from other apache2 packages but I found it easier to create a certificate with make-ssl-cert

Note 2: make-ssl-cert generated a certificate which is by default expired after 30 days. After 30 days it can still be used but it will give another warning inside the browser. Does somebody know how to generate a certificate which expires after 365 days (which I though is the maximum days)?

sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/localhost.pem

When using make-ssl-cert some question will be asked by the script which need to be answered for the generation of the certicate:

  • Country Name
  • State or Province Name
  • Locality Name
  • Organisation Name
  • Organisation Unit Name
  • Host name: jdk-svn
  • Emailaddress

The apache website configuration should be changed to make use of SSL and the certificate. Apache can have multiple website configuration (stored inside /etc/apache2/sites-available). A site is accessable (enabled) when it is inside the etc/apache2/sites-enabled directory. This, enabling a site, can be done with the a2ensite tool. With a2dissite, a site can be disabled.

The default website configuration (created by default serving the It works website) will be used for the new SSL configuration

cd /etc/apache2/sites-available
sudo cp default ssl

Edit the ssl configuration with your favorite texteditor (for example gedit: sudo gedit ssl). Make the following changes (port 443 is the port number used for https)

NameVirtualHost * -> NameVirtualHost *:443
<VirtualHost *> -> <VirtualHost *:443>

Add (between <VirtualHost> tags. For example directly below ServerAdmin):

SSLEngine On
SSLCertificateFile /etc/ssl/private/localhost.pem

The ssl website should be enabled. Besides enabling the website also the apache ssl module should be enabled (which can be done with the a2enmod script)

sudo a2ensite ssl
sudo a2enmod ssl

Note 3: I only want to use the server for SVN access. Therefore I want to disable the website running on port 80. Use sudo a2dissite default to disable the website at port 80.

After creating the ssl configuration and enabling the website, Apache should be restarted

sudo /etc/init.d/apache2 restart

Note 4: when (re)starting Apache I got an error that the server name could not be determined. I fixed this by adding the ServerName to the httpd.conf. Open the httpd.conf file (sudo gedit /etc/apache2/httpd.conf), this file is empty by default, and add the line ServerName jdk-svn

After restarting Apache the ssl website should be accessable by pointing your webbrowser to https://jdk-svn (or from the machine: https://localhost). The same It works! website will be served (because we did not changed what will be served inside the ssl configuration). When you disabled the default site, you will get a Not found website when requesting http://jdk-svn. By the way, the first time you will access the website which will make use of SSL, your browser will give some security exception about that the certificate cannot be verified. This is true because we created a self signed certificate. Make an exception for this website by allowing access to this website inside your browser configuration.

Installation of Subversion

Apache2 and SSL is running, it is time for Subversion. Install the subversion package:

sudo apt-get install subversion

After subversion is installed a subversion repository should be made. This repository will be accessible by Apache (SSL) with the use of LDAP for authentication and authorization. I created the subversion repository inside the /var directory

sudo mkdir /var/svn
sudo mkdir /var/svn/myrepository

The repository will be called myrepository. Because users will add and modify files inside SVN by the use of Apache, the Apache user (www-data) should be the owner of the myrepository directory. If permissions are not set correctly, you will finish with a read only repository.

First set the ownership of the directory to the www-data user

sudo chown -R www-data /var/svn/myrepository

The www-data group (of which the user www-data is member of) should be set a ownership group of this directory

sudo chgrp -R www-data /var/svn/myrepository

It is important that when users are adding files to the repository, that these files have proper permissions set. Use the following command to do that

sudo chmod -R g+rws /var/svn/myrepository

Use svnadmin to make it a Subversion repository

sudo svnadmin create /var/svn/myrepository

Because svnadmin added directories and files to the myrepository folder which do not have the right group write access, it is important to repeat the chmod command

sudo chmod -R g+rws /var/svn/myrepository

The repository is now created. Let’s integrate it with Apache. We don’t use LDAP yet to see if the integration is working.

For Apache and Subversion integration, the libapache2-svn package is needed. Install this package

sudo apt-get install libapache2-svn

Change the ssl website configuration (sudo gedit /etc/apache2/sites-available) by adding the following part between the <VirtualHost> tags. For example just below the last </Directory> tag

<Location /repos>
   DAV svn
   SVNParentPath /var/svn
   SVNListparentPath on
</Location>

The location /repos means that you can access the repositories by going to https://jdk-svn/repos from within your browser. You cahttp://www.johandekoning.nl/wp-admin/post.php?action=edit&post=84&message=4n change this if you prefer a different location. SVNParentPath /var/svn is the location where the repositories are stored on the local file system. With SVNListParentPath on you will get a website showing the different repositories when opening https://jdk-svn/repos. If you set this to off (or remove the line) you will get a Not Found error. In this situation you can access a repository by going directly to the repository location (http://jdk-svn/repos/myrepository).

Restart apache (sudo /etc/init.d/apache2 restart) to make the changes visible. When opening the url http://jdk-svn/repos inside your browser, you will get a list of repositories available (in this case only the myrepository)

LDAP integration

Apache and subversion are working together but everybody has access to it. LDAP will be used to only allow access to members of an Active Directory. By using LDAP we can centralize authorization/authentication and don’t have to configure access inside different configuration files.

For LDAP integration two apache modules should be enabled: ldap and authnz_ldap. Ldap will automatically been enabled when enabling the authnz_ldap module:

sudo a2enmod authnz_ldap

Note 5: I am using Microsoft Active Directory, which does not allow anonymous access for retrieving the members inside a Active Directory. To solve this I created a new Windows Account inside the Active Directory which does not have terminal access (cannot login on Windows Workstations). Problem with not having anonymous access (or a more limited account than disabling terminal access) the username and password should be set as plain text inside the ssl configuration. For know I think that is fine but off course I prefer a saver solution. Post your ideas by adding a comment to this blog item).

Edit the ssl configuration file (sudo gedit /var/apache2/sites-available)

...
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthName "jdk-svn"
AuthUserFile /dev/null
AuthLDAPURL "ldap://activedirectory.johandekoning.nl:3268/DC=johandekoning,DC=nl?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "CN=<ldap_username>,CN=users,DC=johandekoning,DC=nl"
AuthLDAPBindPassword  <ldap_password>
AuthLDAPGroupAttributeIsDN on
AuthLDAPGroupAttribute member

SSLRequireSSL
Require valid-user

Make changes to this configuration file confirming your active directory installation (the AuthLDAPURL, AuthLDAPBindDN and the AUTHLDAPBindPassword)

Restart apache (sudo /etc/init.d/apache2 restart) and go to https://svn-jdk/repos with a webbrowser. A login dialog will be shown asking a username and password. Use a windows username and password of a user which is part of the active directory. When login is successfully you will see the repository list again.

Clean up apache ssl configuration

The ssl configuration created still contains configuration which is not needed when you only want to use apache for subversion integration. For example the It works website is still served when opening https://jdk-svn. Clean up the ssl configuration (sudo gedit /etc/apache2/sites-available/ssl) by removing the following parts:

DocumentRoot /var/www/
<Directory />
   Options FollowSymLinks
   AllowOverride None
</Directory>
<Directory /var/www>
   ...
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
   ...
</Directory>

And remove the part

Alias /doc "/usr/share/doc/"
<Directory "/usr/share/doc/">
   ...
</Directory>

Restart apache (sudo /etc/init.d/apache2 restart) and check that the It works site is not served anymore (https://jdk-svn will give back a Not found message)

What’s next?

You finished the installation and configuration of Apache, SSL, Subversion and LDAP integration. You can now use your favorite Subversion applications to modify the content of the repository.

The LDAP integration gives users access to Subversion which are inside the Active Directory. I am still searching for solutions to make more use of the Active Directory and LDAP mechanism. For example defining inside Active Directory the access to repositories for each user (and not inside Apache configuration files because I want to keep these settings centralized). If you have any idea how to define this within Active Directory, please post it as a comment. Besides accessing repositories you can also think about read-only access.

The SSL configuration

To summarize the changes made to the ssl configuration, the final ssl configuration file is added:

NameVirtualHost *:443
<VirtualHost *:443>
        ServerAdmin webmaster@localhost.com
        SSLEngine On
        SSLCertificateFile /etc/ssl/private/localhost.pem

        ErrorLog /var/log/apache2/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/access.log combined
        ServerSignature On

        <Location /repos>
                DAV svn
                SVNParentPath /var/svn
                SVNListparentPath on

                AuthType Basic
                AuthBasicProvider ldap
                AuthzLDAPAuthoritative on
                AuthName "jdk-svn"
                AuthUserFile /dev/null
                AuthLDAPURL "ldap://activedirectory.johandekoning.nl:3268/DC=johandekoning,DC=nl?sAMAccountName?sub?(objectClass=*)"
                AuthLDAPBindDN "CN=<ldap_username>,CN=users,DC=johandekoning,DC=nl"
                AuthLDAPBindPassword <ldap_password>
                AuthLDAPGroupAttributeIsDN on
                AuthLDAPGroupAttribute member

                SSLRequireSSL
                Require valid-user
        </Location>
</VirtualHost>