LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Apache & SVN permissions
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
LinkBack Search this Thread
Old 03-30-2010, 06:47 PM   #1
blueAlien
Member
 
Registered: May 2005
Location: Seattle, WA
Distribution: Slackware 13
Posts: 87

Rep: Reputation: 15
Apache & SVN permissions

I recently started using SVN with Apache for my web development, although I find it really annoying that I have to issue two SVN commands (one local, one remote) to update my web site. I have been looking into SVN post-commit hooks to solve this problem. The only problem is that apache does not have permission to modify files in my user directory...

So here is how everything is setup. I am running Slackware 13 full install. There have been no installations overriding any of the default installs.

From httpd.conf
Code:
# Enable user directories
#
UserDir public_html

<Directory "/home/*/public_html">
    AllowOverride FileInfo AuthConfig Limit Indexes
    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
    <Limit GET POST OPTIONS>
        Order allow,deny
        Allow from all
    </Limit>
    <LimitExcept GET POST OPTIONS>
        Order deny,allow
        Deny from all
    </LimitExcept>
</Directory>

# Enable svn support:
#
LoadModule dav_svn_module lib/httpd/modules/mod_dav_svn.so
LoadModule authz_svn_module lib/httpd/modules/mod_authz_svn.so

<Location /svn>
    DAV svn  
    SVNParentPath /home/svn/repositories
    AuthName "blueSerf SVN Repository"
    AuthType Basic
    AuthUserFile /home/svn/.svn-auth-file
    Require valid-user
 </Location>

# Disallow browsing of SV working copy admin dirs.
<DirectoryMatch "^/.*/\.svn/">
    Order deny,allow
    Deny from all
</DirectoryMatch>
I have setup an SVN repository in my home directory (~blueAlien/public_html). Currently I have to issue "svn commit -m 'message'" from my local machine, and then "svn up" from the server to get the web site updated. I want to modify to post-hook script to do something similar to the following.

Code:
cd /home/blueAlien/public_html/
/usr/bin/svn up
Although, Apache does not have write permissions in my user directory. I have looked at a few different options for solving this issue. The first one involves writing a C script to handle calling svn, compiling it, giving it special permissions (chmod +s), and then running that from the post-commit hook. I really do not like this solution, as I would either have to compile one for each SVN repository that I create or modify it two handle multiple repositories. I am not a C developer, so this is really all over my head...

The second option is to change the permissions on my home directory and public_html folder to allow Apache to write files, which could also help in other future development projects I have. This is the route that I would like to take. So, my question is... what are your suggestions for accomplishing this in a secure manor? Please note the linked references I have supplied above.

Thanks.
Peace!
 
Old 03-31-2010, 05:15 AM   #2
blueAlien
Member
 
Registered: May 2005
Location: Seattle, WA
Distribution: Slackware 13
Posts: 87

Original Poster
Rep: Reputation: 15
Update...
I have succeeded in getting my post-commit script to work, although it is still returning an error. Does anyone know how to get rid of this error?
Code:
Warning: Error waiting for process '/home/svn/repositories/dev/hooks/post-commit': No child processes
I have updated my permissions to the following.
Code:
drwxr-xr-x 4 dev  users  4096 2003-10-30 07:25 ./
drwxr-xr-x 8 root root   4096 2003-10-30 07:23 ../
drwxrwx--x 4 dev  apache 4096 2003-11-06 08:51 public_html/
The working copy in /home/dev/public_html has been checked out by the user apache.
My post-commit script reads:
Code:
#!/bin/sh

/usr/bin/svn up /home/dev/public_html --username username --password ******** --non-interactive >> /home/svn/logs/post-commit.log
The log file

I have also tried this... (which returns no errors)
Code:
su apache
env - ./post-commit
 
  


Reply

Tags
apache, directory, permissions, publichtml, slackware, svn, user


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
svn and unix file permissions davidcollins001 Linux - Software 1 05-29-2009 03:39 AM
anon svn read-only over apache: '.svn/entries': No such file hedpe Linux - Software 2 04-29-2009 05:31 AM
SVN Setup & User Permissions navvywavvy Linux - Security 3 12-05-2005 02:34 PM
Apache & PureFTPD Permissions and groups! DHR Linux - Newbie 2 09-05-2004 09:20 AM
Help, Apache & Permissions wburquhart Linux - Newbie 1 01-16-2004 05:53 PM


All times are GMT -5. The time now is 12:39 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration