CentOS 6.4.

We've got a subversion repo on a server. Currently, it's set to use krb5. Trouble is, the krb5.conf is set up to use pcscd authentication (using PIV cards). Whether anything else on the server needs it, it appears that when people issue certain svn commands (I haven't nailed down which), the thing tries to look at the pcscd.pid... and selinux complains that this is naughty. (We're in permissive mode.)

I don't know deeply enough if anything else really needs to do this on the server, but I'd like to fix it so that doing svn stuff does *not* invoke that call. It *appears* if I comment out the pkinit_identities, we don't get the error (for obvious reasons).

Ideally, I'd like to find some way to configure subversion - maybe in the /etc/httpd/conf.d/subversion.conf - so that it doesn't try that, but we *do* want it to do password krb5 authentication.

Does this make sense? If so, is it do-able?

mark, back at googling