LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (http://www.linuxquestions.org/questions/linux-server-73/)
-   -   Apache & SVN permissions (http://www.linuxquestions.org/questions/linux-server-73/apache-and-svn-permissions-798995/)

blueAlien 03-30-2010 06:47 PM

Apache & SVN permissions
 
I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that apache does not have permission to modify files in my user directory...

So here is how everything is setup. I am running Slackware 13 full install. There have been no installations overriding any of the default installs.

From httpd.conf
Code:

# Enable user directories
#
UserDir public_html

<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>

# Enable svn support:
#
LoadModule dav_svn_module lib/httpd/modules/mod_dav_svn.so
LoadModule authz_svn_module lib/httpd/modules/mod_authz_svn.so

<Location /svn>
    DAV svn 
    SVNParentPath /home/svn/repositories
    AuthName "blueSerf SVN Repository"
    AuthType Basic
    AuthUserFile /home/svn/.svn-auth-file
    Require valid-user
 </Location>

# Disallow browsing of SV working copy admin dirs.
<DirectoryMatch "^/.*/\.svn/">
    Order deny,allow
    Deny from all
</DirectoryMatch>

I have setup an SVN repository in my home directory (~blueAlien/public_html). Currently I have to issue "svn commit -m 'message'" from my local machine, and then "svn up" from the server to get the web site updated. I want to modify to post-hook script to do something similar to the following.

Code:

cd /home/blueAlien/public_html/
/usr/bin/svn up

Although, Apache does not have write permissions in my user directory. I have looked at a few different options for solving this issue. The first one involves writing a C script to handle calling svn, compiling it, giving it special permissions (chmod +s), and then running that from the post-commit hook. I really do not like this solution, as I would either have to compile one for each SVN repository that I create or modify it two handle multiple repositories. I am not a C developer, so this is really all over my head...

The second option is to change the permissions on my home directory and public_html folder to allow Apache to write files, which could also help in other future development projects I have. This is the route that I would like to take. So, my question is... what are your suggestions for accomplishing this in a secure manor? Please note the linked references I have supplied above.

Thanks.
Peace!

blueAlien 03-31-2010 05:15 AM

Update...
 
I have succeeded in getting my post-commit script to work, although it is still returning an error. Does anyone know how to get rid of this error?
Code:

Warning: Error waiting for process '/home/svn/repositories/dev/hooks/post-commit': No child processes
I have updated my permissions to the following.
Code:

drwxr-xr-x 4 dev  users  4096 2003-10-30 07:25 ./
drwxr-xr-x 8 root root  4096 2003-10-30 07:23 ../
drwxrwx--x 4 dev  apache 4096 2003-11-06 08:51 public_html/

The working copy in /home/dev/public_html has been checked out by the user apache.
My post-commit script reads:
Code:

#!/bin/sh

/usr/bin/svn up /home/dev/public_html --username username --password ******** --non-interactive >> /home/svn/logs/post-commit.log

The log file

I have also tried this... (which returns no errors)
Code:

su apache
env - ./post-commit



All times are GMT -5. The time now is 09:04 PM.