-   Linux - Server (
-   -   Apache & SVN permissions (

blueAlien 03-30-2010 07:47 PM

Apache & SVN permissions
I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that apache does not have permission to modify files in my user directory...

So here is how everything is setup. I am running Slackware 13 full install. There have been no installations overriding any of the default installs.

From httpd.conf

# Enable user directories
UserDir public_html

<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
        Order allow,deny
        Allow from all
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all

# Enable svn support:
LoadModule dav_svn_module lib/httpd/modules/
LoadModule authz_svn_module lib/httpd/modules/

<Location /svn>
    DAV svn 
    SVNParentPath /home/svn/repositories
    AuthName "blueSerf SVN Repository"
    AuthType Basic
    AuthUserFile /home/svn/.svn-auth-file
    Require valid-user

# Disallow browsing of SV working copy admin dirs.
<DirectoryMatch "^/.*/\.svn/">
    Order deny,allow
    Deny from all

I have setup an SVN repository in my home directory (~blueAlien/public_html). Currently I have to issue "svn commit -m 'message'" from my local machine, and then "svn up" from the server to get the web site updated. I want to modify to post-hook script to do something similar to the following.


cd /home/blueAlien/public_html/
/usr/bin/svn up

Although, Apache does not have write permissions in my user directory. I have looked at a few different options for solving this issue. The first one involves writing a C script to handle calling svn, compiling it, giving it special permissions (chmod +s), and then running that from the post-commit hook. I really do not like this solution, as I would either have to compile one for each SVN repository that I create or modify it two handle multiple repositories. I am not a C developer, so this is really all over my head...

The second option is to change the permissions on my home directory and public_html folder to allow Apache to write files, which could also help in other future development projects I have. This is the route that I would like to take. So, my question is... what are your suggestions for accomplishing this in a secure manor? Please note the linked references I have supplied above.


blueAlien 03-31-2010 06:15 AM

I have succeeded in getting my post-commit script to work, although it is still returning an error. Does anyone know how to get rid of this error?

Warning: Error waiting for process '/home/svn/repositories/dev/hooks/post-commit': No child processes
I have updated my permissions to the following.

drwxr-xr-x 4 dev  users  4096 2003-10-30 07:25 ./
drwxr-xr-x 8 root root  4096 2003-10-30 07:23 ../
drwxrwx--x 4 dev  apache 4096 2003-11-06 08:51 public_html/

The working copy in /home/dev/public_html has been checked out by the user apache.
My post-commit script reads:


/usr/bin/svn up /home/dev/public_html --username username --password ******** --non-interactive >> /home/svn/logs/post-commit.log

The log file

I have also tried this... (which returns no errors)

su apache
env - ./post-commit

All times are GMT -5. The time now is 11:53 AM.