You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Guido van Rossum <gu...@python.org> on 2003/08/19 20:22:45 UTC
need help setting up svn+ssh://
I'm a newbie svn administrator. I have no desire to become an Apache
administrator, so I'd like to use svnserve. I've got the 0.26 svn
RPMs installed under Red Hat 9.
I've successfully set up a svn repository. I configured svnserve to be
run by (x)inetd when a connection is made to port 3690. I created a
separate user 'subversion' and the svnserve process runs as this user.
I give the arguments "-r /home/subversion" to svnserve so I can use a
nice short url like svn://<host>/<repos> to check out from the
repository at /home/subversion/<repos>/.
This works fine, and we've been checking into and out of it for a
couple of weeks. But this way, all checkins are anonymous.
Reading the docs, I should be able to do (at least from a Unix client)
svn co svn+ssh://<host>/home/subversion/<repos>
To test this, I have added myself to the subversion group in
/etc/group; all the directories and files in the repository are group
writable and have user and group set to subversion. I am ssh'ing in
from the same host that is the server, because I've only got one Unix
host to test this with.
But no matter what I try, I get the following error messages:
svn: Couldn't find a repository
svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
Where can I buy a clue?
PS I'm not sure if I'm actually on this list; I sent a subscription
mail but didn't get a rseponse yet, so I'd appreciate being cc'ed on
responses. Thanks!
--Guido van Rossum (home page: http://www.python.org/~guido/)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Justin Johnson <ju...@fastmail.fm>.
Another thing I noticed... the -r option doesn't appear to do anything
for svnserve. When I specified -r /usr/local/svn, I can still access a
repo in /usr/local. Perhaps the -r option is only valid when svnserve is
daemonized???
-Justin
On Wed, 20 Aug 2003 13:28:17 -0600, "Justin Johnson"
<ju...@fastmail.fm> said:
> It appears to be a permission problem, with an extremely uninformative
> error message.
>
>
> [jjohn53@marmot jjohn53]$ svn co svn+ssh://marmot/usr/local/svn/repo1
> jjohn53@marmot's password:
> svn: Couldn't find a repository
> svn: No repository found in 'svn+ssh://marmot/usr/local/svn/repo1'
> [jjohn53@marmot jjohn53]$ svn co file:/usr/local/svn/repo1
> [jjohn53@marmot jjohn53]$ svn co file:/usr/local/svn/repo1 .
> svn: Bogus URL
> svn: `file:/usr/local/svn/repo1' does not appear to be a URL
> [jjohn53@marmot jjohn53]$ svn co file:///usr/local/svn/repo1 .
> svn: Couldn't open a repository.
> svn: Unable to open an ra_local session to URL
> svn: Unable to open repository 'file:///usr/local/svn/repo1'
> svn: Berkeley DB error
> svn: Berkeley DB error while opening environment for filesystem
> /usr/local/svn/repo1/db:
> Permission denied
>
>
> After running chmod -R 770 /usr/local/svn/repo1, everything worked fine.
>
>
> [jjohn53@marmot jjohn53]$ svn co file:///usr/local/svn/repo1 .
> Checked out revision 0.
> [jjohn53@marmot jjohn53]$
>
>
>
> On Tue, 19 Aug 2003 13:22:45 -0700, "Guido van Rossum" <gu...@python.org>
> said:
> > I'm a newbie svn administrator. I have no desire to become an Apache
> > administrator, so I'd like to use svnserve. I've got the 0.26 svn
> > RPMs installed under Red Hat 9.
> >
> > I've successfully set up a svn repository. I configured svnserve to be
> > run by (x)inetd when a connection is made to port 3690. I created a
> > separate user 'subversion' and the svnserve process runs as this user.
> > I give the arguments "-r /home/subversion" to svnserve so I can use a
> > nice short url like svn://<host>/<repos> to check out from the
> > repository at /home/subversion/<repos>/.
> >
> > This works fine, and we've been checking into and out of it for a
> > couple of weeks. But this way, all checkins are anonymous.
> >
> > Reading the docs, I should be able to do (at least from a Unix client)
> >
> > svn co svn+ssh://<host>/home/subversion/<repos>
> >
> > To test this, I have added myself to the subversion group in
> > /etc/group; all the directories and files in the repository are group
> > writable and have user and group set to subversion. I am ssh'ing in
> > from the same host that is the server, because I've only got one Unix
> > host to test this with.
> >
> > But no matter what I try, I get the following error messages:
> >
> > svn: Couldn't find a repository
> > svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
> >
> > Where can I buy a clue?
> >
> > PS I'm not sure if I'm actually on this list; I sent a subscription
> > mail but didn't get a rseponse yet, so I'd appreciate being cc'ed on
> > responses. Thanks!
> >
> > --Guido van Rossum (home page: http://www.python.org/~guido/)
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> > For additional commands, e-mail: users-help@subversion.tigris.org
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Sander Roobol <ph...@wanadoo.nl>.
On Sat, Aug 23, 2003 at 02:17:48PM +0200, Sander Striker wrote:
> I use wrappers for everything that accesses a repository directly:
> svn (for ra_local), svnlook, svnadmin, svnserve. This prevents a lot
> of messing up of permissions.
Wouldn't it make sense to create a configuration setting for this? So
one can just set a umask value in ~/.subversion/config?
(sigh... I need to remember to use reply-all)
Sander
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Ben Collins-Sussman <su...@collab.net>.
"Sander Striker" <st...@apache.org> writes:
> I use wrappers for everything that accesses a repository directly:
> svn (for ra_local), svnlook, svnadmin, svnserve. This prevents a lot
> of messing up of permissions.
Oy... this is why I hope (someday) that we can create an 'svnd' daemon
process that all of those programs talk to -- much like the way MySQL
has only a single daemon that touches the database. :-)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: need help setting up svn+ssh://
Posted by Sander Striker <st...@apache.org>.
> From: cmpilato@localhost.localdomain
> [mailto:cmpilato@localhost.localdomain]On Behalf Of cmpilato@collab.net
> Sent: Friday, August 22, 2003 7:47 AM
> "Steve Williams" <st...@kromestudios.com> writes:
>
> > I'm of the opinion that svnadmin should be a wrapper script by default then
> > in the official distributions. If this umask problem is such a big deal,
> > why not have svnadmin as a script in the official distribution?
>
> You, uh, mean 'svnserve', right?
I use wrappers for everything that accesses a repository directly:
svn (for ra_local), svnlook, svnadmin, svnserve. This prevents a lot
of messing up of permissions.
Sander
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
> I'm coming in late here and maybe missing something. Why put the umask
> in a wrapper script rather than in the actual source?
Because svnserve is not just for Unix platforms. As Ben said, APR is the
portability layer and umask is Unix-specific.
Sly
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by "Jamin W. Collins" <jc...@asgardsrealm.net>.
On Fri, Aug 22, 2003 at 01:09:57AM -0500, cmpilato@collab.net wrote:
> "Steve Williams" <st...@kromestudios.com> writes:
>
> > Does using the umask hack adversely affect a non-SSH or inetd
> > svnserve process? If not, then it wouldn't hurt to use it. If it
> > would affect them, then I'm not sure what would be done.
>
> That's good question to ask. If we agree that it's safe in all
> circumstances to use the script, it would make sense to ship and
> install the script with the svnserve process.
I'm coming in late here and maybe missing something. Why put the umask
in a wrapper script rather than in the actual source?
--
Jamin W. Collins
Remember, root always has a loaded gun. Don't run around with it unless
you absolutely need it. -- Vineet Kumar
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by mark benedetto king <mb...@lowlatency.com>.
On Thu, Aug 21, 2003 at 11:34:36PM -0700, junkio@cox.net wrote:
>
> If so maybe calling umask(2) directly at the beginning of
> svnserve binary, instead of shipping a wrapper, would be
> cleaner. Better yet, do it with a command line switch perhaps,
> so that situations that need it (e.g. svn+ssh) can turn it on?
>
Since the umask change is, essentially, to share files beyond what
most users' normal umasks are, this is essentially a silent
degradation of security; not something that should be taken lightly.
An explicit approach would be to add an option, "--shared-repository",
or something, but I think that that's roughly the same as adding
a wrapper, anyway.
--ben
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Joey Hess <jo...@kitenet.net>.
junkio@cox.net wrote:
> If so maybe calling umask(2) directly at the beginning of
> svnserve binary, instead of shipping a wrapper, would be
> cleaner. Better yet, do it with a command line switch perhaps,
> so that situations that need it (e.g. svn+ssh) can turn it on?
On my subversion server, I found it was best to wrap svnserve, svn,
viewcvs, and svnadmin. This way I am guaranteed no user will mess up the
repository permissions, even if they are a local user, or the admin.
What I'd most like to see is a field in the repository that contains a
umask that all subversion code sets before accessing that repository.
--
see shy jo
Re: need help setting up svn+ssh://
Posted by ju...@cox.net.
>>>>> "BCS" == Ben Collins-Sussman <su...@collab.net> writes:
>> If so maybe calling umask(2) directly at the beginning of
>> svnserve binary, instead of shipping a wrapper, would be
>> cleaner. Better yet, do it with a command line switch perhaps,
>> so that situations that need it (e.g. svn+ssh) can turn it on?
BCS> Remember that we're using APR as our portability layer. umask() is a
BCS> Unix call, and I don't think there's any equivalent APR call that will
BCS> work on Win32.
I understand that trying to stick to APR is a worthy goal to
push the platform specific issues out of the main project, but
this may be sometimes inpractical, given that APR does not yet
cover all the platform specific issues. There are "#if[n]def
SVN_WIN32" sprinkled in places like libsvn_ra_local/split_url.c,
libsvn_subr/cmdline.c, libsvn_subr/io.c among other places
already, and I do not see much harm to do something like below
in an include file (IMHO #ifdef in include files are cleaner
than in C files):
/* I understand Win32 does not have a concept of masking the
* permission bits, so "wide open" is returned as "the
* previous mask" here.
*/
#ifdef SVN_WIN32
#define umask(ignored) 0777 /* ignored */
#endif
Checking this more explicitly by adding an autoconf check to
define HAS_UMASK to configure.in, and using that symbol instead
of SVN_WIN32 would be even cleaner. But I do not know Win32
environment well enough that its shell can even run configure
script, so I am just speculating here :-).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Ben Collins-Sussman <su...@collab.net>.
junkio@cox.net writes:
> >>>>> "cmpilato" == cmpilato <cm...@collab.net> writes:
>
> cmpilato> "Steve Williams" <st...@kromestudios.com> writes:
> >> Does using the umask hack adversely affect a non-SSH or inetd
> >> svnserve process? If not, then it wouldn't hurt to use it. If it
> >> would affect them, then I'm not sure what would be done.
>
> cmpilato> That's good question to ask. If we agree that it's safe in all
> cmpilato> circumstances to use the script, it would make sense to ship and
> cmpilato> install the script with the svnserve process.
>
> If so maybe calling umask(2) directly at the beginning of
> svnserve binary, instead of shipping a wrapper, would be
> cleaner. Better yet, do it with a command line switch perhaps,
> so that situations that need it (e.g. svn+ssh) can turn it on?
Remember that we're using APR as our portability layer. umask() is a
Unix call, and I don't think there's any equivalent APR call that will
work on Win32.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by ju...@cox.net.
>>>>> "cmpilato" == cmpilato <cm...@collab.net> writes:
cmpilato> "Steve Williams" <st...@kromestudios.com> writes:
>> Does using the umask hack adversely affect a non-SSH or inetd
>> svnserve process? If not, then it wouldn't hurt to use it. If it
>> would affect them, then I'm not sure what would be done.
cmpilato> That's good question to ask. If we agree that it's safe in all
cmpilato> circumstances to use the script, it would make sense to ship and
cmpilato> install the script with the svnserve process.
If so maybe calling umask(2) directly at the beginning of
svnserve binary, instead of shipping a wrapper, would be
cleaner. Better yet, do it with a command line switch perhaps,
so that situations that need it (e.g. svn+ssh) can turn it on?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by cm...@collab.net.
"Steve Williams" <st...@kromestudios.com> writes:
> Does using the umask hack adversely affect a non-SSH or inetd
> svnserve process? If not, then it wouldn't hurt to use it. If it
> would affect them, then I'm not sure what would be done.
That's good question to ask. If we agree that it's safe in all
circumstances to use the script, it would make sense to ship and
install the script with the svnserve process.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
Does using the umask hack adversely affect a non-SSH or inetd svnserve
process? If not, then it wouldn't hurt to use it. If it would affect them,
then I'm not sure what would be done.
Sly
cmpilato@collab.net wrote:
> "Steve Williams" <st...@kromestudios.com> writes:
>
>> Uhh, yeah... that one. *grin*
>>
>> cmpilato@collab.net wrote:
>>> "Steve Williams" <st...@kromestudios.com> writes:
>>>
>>>> I'm of the opinion that svnadmin should be a wrapper script by
>>>> default then in the official distributions. If this umask problem
>>>> is such a big deal, why not have svnadmin as a script in the
>>>> official distribution?
>>>
>>> You, uh, mean 'svnserve', right?
>
> Now, to address the actual question. Actually, I have to first ask a
> question -- do all uses of svnserve require the umask hack? My
> understanding was that this was only a problem that only occurs in the
> svn+ssh scenario, and that a non-SSH daemonized or inetd'd svnserve
> process doesn't run into these umask problems.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by cm...@collab.net.
"Steve Williams" <st...@kromestudios.com> writes:
> Uhh, yeah... that one. *grin*
>
> cmpilato@collab.net wrote:
> > "Steve Williams" <st...@kromestudios.com> writes:
> >
> >> I'm of the opinion that svnadmin should be a wrapper script by
> >> default then in the official distributions. If this umask problem
> >> is such a big deal, why not have svnadmin as a script in the
> >> official distribution?
> >
> > You, uh, mean 'svnserve', right?
Now, to address the actual question. Actually, I have to first ask a
question -- do all uses of svnserve require the umask hack? My
understanding was that this was only a problem that only occurs in the
svn+ssh scenario, and that a non-SSH daemonized or inetd'd svnserve
process doesn't run into these umask problems.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
Uhh, yeah... that one. *grin*
cmpilato@collab.net wrote:
> "Steve Williams" <st...@kromestudios.com> writes:
>
>> I'm of the opinion that svnadmin should be a wrapper script by
>> default then in the official distributions. If this umask problem
>> is such a big deal, why not have svnadmin as a script in the
>> official distribution?
>
> You, uh, mean 'svnserve', right?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by cm...@collab.net.
"Steve Williams" <st...@kromestudios.com> writes:
> I'm of the opinion that svnadmin should be a wrapper script by default then
> in the official distributions. If this umask problem is such a big deal,
> why not have svnadmin as a script in the official distribution?
You, uh, mean 'svnserve', right?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
I'm of the opinion that svnadmin should be a wrapper script by default then
in the official distributions. If this umask problem is such a big deal,
why not have svnadmin as a script in the official distribution?
Sly
Michael Wood wrote:
> Hi
>
> On Thu, Aug 21, 2003 at 08:37:05AM +1000, Steve Williams wrote:
> [snip]
>>> Your wrapper could be:
>>> #!/bin/sh
>>> umask 0007
>>> exec /path/to/real/svnserve "$@"
>>>
>>> As long as everyone is in the same group.
>>
>> This has been the single most helpful response to this issue that I
>> have seen. I love seeing examples, but it often seems to be assumed
>> that everyone is a Linux expert and knows exactly what to do to
>> create a wrapper script that sets the umask (I don't even know what
>> the umask does).
>
> Glad you liked it :)
>
> The umask just tells things what permission bits not to set on new
> files.
>
> e.g.:
>
> $ cd /tmp
> $ rm -f test
> $ umask 0000
> $ ls -l test
> -rw-rw-rw- 1 michael michael 0 Aug 21 17:14 test
> $ rm test
> $ umask 7777
> $ ls -l test
> ---------- 1 michael michael 0 Aug 21 17:29 test
>
> This does not mean that a process is unable to set the permission bits
> in the umask. It's just specifies the default permission bits to
> leave unset.
>
> man umask for more details. Also search for umask in the bash man
> page.
>
>> Another question related to this: do we call the wrapper script
>> 'svnserve' as well? If so, how do we make sure the wrapper script is
>> executed instead of the real svnserve? Yes I'm a Linux newbie.
> [snip]
>
> You could rename the real svnserve to svnserve.bin and call the
> wrapper svnserve. Then in the wrapper refer to svnserve.bin.
>
> Otherwise, if you are using ssh keys with the "command=blah" in
> authorized_keys, then you could just refer to the wrapper (e.g.
> command="svnserve.wrapper -r /blah -t")
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Michael Wood <mw...@its.uct.ac.za>.
Hi
On Thu, Aug 21, 2003 at 08:37:05AM +1000, Steve Williams wrote:
[snip]
> > Your wrapper could be:
> > #!/bin/sh
> > umask 0007
> > exec /path/to/real/svnserve "$@"
> >
> > As long as everyone is in the same group.
>
> This has been the single most helpful response to this issue that I
> have seen. I love seeing examples, but it often seems to be assumed
> that everyone is a Linux expert and knows exactly what to do to create
> a wrapper script that sets the umask (I don't even know what the umask
> does).
Glad you liked it :)
The umask just tells things what permission bits not to set on new
files.
e.g.:
$ cd /tmp
$ rm -f test
$ umask 0000
$ ls -l test
-rw-rw-rw- 1 michael michael 0 Aug 21 17:14 test
$ rm test
$ umask 7777
$ ls -l test
---------- 1 michael michael 0 Aug 21 17:29 test
This does not mean that a process is unable to set the permission bits
in the umask. It's just specifies the default permission bits to leave
unset.
man umask for more details. Also search for umask in the bash man page.
> Another question related to this: do we call the wrapper script
> 'svnserve' as well? If so, how do we make sure the wrapper script is
> executed instead of the real svnserve? Yes I'm a Linux newbie.
[snip]
You could rename the real svnserve to svnserve.bin and call the wrapper
svnserve. Then in the wrapper refer to svnserve.bin.
Otherwise, if you are using ssh keys with the "command=blah" in
authorized_keys, then you could just refer to the wrapper (e.g.
command="svnserve.wrapper -r /blah -t")
--
Michael Wood <mw...@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
>> (Also, a future warning: because a bunch of users will be
>> reading/writing the berkeley-db repository files, be careful about
>> permissions and umasks. Many people make the 'svnserve' process on
>> the server into a wrapper-script which 1) sets a sane umask, 2) runs
>> the real svnserve.)
> [snip]
>
> Yes. To be slightly more explicit about this, all users need *write*
> access to the Berkeley DB files even for apparently readonly
> operations. If one user runs some svn command with the wrong umask,
> it will cause problems for other people.
>
> Your wrapper could be:
> #!/bin/sh
> umask 0007
> exec /path/to/real/svnserve "$@"
>
> As long as everyone is in the same group.
This has been the single most helpful response to this issue that I have
seen. I love seeing examples, but it often seems to be assumed that
everyone is a Linux expert and knows exactly what to do to create a wrapper
script that sets the umask (I don't even know what the umask does).
Another question related to this: do we call the wrapper script 'svnserve'
as well? If so, how do we make sure the wrapper script is executed instead
of the real svnserve? Yes I'm a Linux newbie.
Sly
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Michael Wood <mw...@its.uct.ac.za>.
On Fri, Aug 22, 2003 at 10:06:46AM -0500, Ben Collins-Sussman wrote:
> Guido van Rossum <gu...@python.org> writes:
>
[snip]
> > But then ANOTHER issue came up, once the second developer used ssh
> > tunneling: THE <repos>/db DIRECTORY NEEDS TO HAVE THE SETGID BIT SET!
> > (I don't know about other directories under <repos>, or <repos>
> > itself.) Without this, files created by user x will have owner and
> > group set to x, and that defeats the group writability for other
> > members of the subversion group. (Our setup lets everyone log in via
> > ssh as themselves, and has a separate subversion group that you must
> > be in before you can use svnserve. The subversion group is nobody's
> > primary group.)
>
> I'll make a note to add this to the appropriate place in the book,
> where it discusses creating a umask wrapper around svnserve.
*BSD doesn't need the setgid bit set. Linux uses the setgid bit on
directories to mean "do what *BSD does." I don't know about other
Unixen.
--
Michael Wood <mw...@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Guido van Rossum <gu...@python.org>.
> > So I expect that you *can* distinguish between (paraphrasing) "no
> > database there" and "no permission to open that database" from the
> > BerkeleyDB error code. In that case I would recommend passing the
> > most specific error (anything else than "no database there") back to
> > the client. You could also try to detect the repository through
> > different means, e.g. looking for something that has a subdirectory
> > named "db", and only trying the BerkeleyDB open call if that is
> > found.
>
> There was actually a patch committed (yesterday?) to do just this.
> Previously the error was not being propagated back up to the client.
>
> In the future, errors like this should produce output like this:
>
> svn: Couldn't find a repository
> svn: No repository found in 'svn://localhost/home/svn/trunk'
> svn: Berkeley DB error
> svn: Berkeley DB error while opening environment for filesystem
> /home/svn/db: Permission denied
>
> (Well, according the the submitter's post to the list it should, I
> haven't actually tested it because I don't have a current version of svn
> built at the moment.)
Cool. I'll see if I can install just the svnserve binary built from
the latest source -- I still haven't figured out why svn built from
source core dumps for me (nor even how to actually get a core dump, or
where the core gets dumped).
--Guido van Rossum (home page: http://www.python.org/~guido/)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Garrett Rooney <ro...@electricjellyfish.net>.
Guido van Rossum wrote:
> So I expect that you *can* distinguish between (paraphrasing) "no
> database there" and "no permission to open that database" from the
> BerkeleyDB error code. In that case I would recommend passing the
> most specific error (anything else than "no database there") back to
> the client. You could also try to detect the repository through
> different means, e.g. looking for something that has a subdirectory
> named "db", and only trying the BerkeleyDB open call if that is
> found.
There was actually a patch committed (yesterday?) to do just this.
Previously the error was not being propagated back up to the client.
In the future, errors like this should produce output like this:
svn: Couldn't find a repository
svn: No repository found in 'svn://localhost/home/svn/trunk'
svn: Berkeley DB error
svn: Berkeley DB error while opening environment for filesystem
/home/svn/db: Permission denied
(Well, according the the submitter's post to the list it should, I
haven't actually tested it because I don't have a current version of svn
built at the moment.)
-garrett
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Guido van Rossum <gu...@python.org>.
> > Request to the svnserve developers: try to distinguish between
> > permission problems on the repository and "no repository found".
>
> This is a common problem, many have complained. I'm not sure how to
> fix it, though. Ultimately it's BerkeleyDB that throws an error, and
> I think it's pretty vague -- like "hey, I couldn't open the db
> environment." BerkeleyDB never says *why* it couldn't open the
> environment (permission problem? is it not there? etc.) So
> Subversion is just relaying the same vague message back to the user.
> I wonder if we can make this situation better, somehow.
That's not quite true. I looked at the code in svnserve and it throws
away the BerkeleyDB error, replacing it with a generic svn error
instead. (I'd give the line number but I don't have svn checked out
here.) This is understandable because when you pass it something like
svn://host/path/to/repos/sub/subsub/subsubsubdir
it doesn't know where the path to the repository ends and where the
subdirectories of the repository begin, so it tries every possibility
(from the back) until it gets a hit.
But I recall printing the error that BerkeleyDB gave, and noticing
immediately that it complained about permissions, which helped me
track down the problem (and also later problems that were variations
of the first one -- all had to do with broken permissions).
So I expect that you *can* distinguish between (paraphrasing) "no
database there" and "no permission to open that database" from the
BerkeleyDB error code. In that case I would recommend passing the
most specific error (anything else than "no database there") back to
the client. You could also try to detect the repository through
different means, e.g. looking for something that has a subdirectory
named "db", and only trying the BerkeleyDB open call if that is
found.
--Guido van Rossum (home page: http://www.python.org/~guido/)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Tobias Ringström <to...@ringstrom.mine.nu>.
Ben Collins-Sussman wrote:
> Guido van Rossum <gu...@python.org> writes:
>
>>Request to the svnserve developers: try to distinguish between
>>permission problems on the repository and "no repository found".
>
> This is a common problem, many have complained. I'm not sure how to
> fix it, though. Ultimately it's BerkeleyDB that throws an error, and
> I think it's pretty vague -- like "hey, I couldn't open the db
> environment." BerkeleyDB never says *why* it couldn't open the
> environment (permission problem? is it not there? etc.) So
> Subversion is just relaying the same vague message back to the user.
> I wonder if we can make this situation better, somehow.
It's actually quite easy to fix. I have a patch to do that in my tree,
and I plan to send it to the list for review after I've cleaned it up a bit.
Note that there are two problems. The first one is that svnserve does
not "relay" any errors from the open_repos call. The second one is that
we do not have an error code to use when BDB returns EACCESS. My fix
adresses both these issues.
I'll be back! ;-)
/Tobias
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Ben Collins-Sussman <su...@collab.net>.
Guido van Rossum <gu...@python.org> writes:
> Request to the svnserve developers: try to distinguish between
> permission problems on the repository and "no repository found".
This is a common problem, many have complained. I'm not sure how to
fix it, though. Ultimately it's BerkeleyDB that throws an error, and
I think it's pretty vague -- like "hey, I couldn't open the db
environment." BerkeleyDB never says *why* it couldn't open the
environment (permission problem? is it not there? etc.) So
Subversion is just relaying the same vague message back to the user.
I wonder if we can make this situation better, somehow.
> But then ANOTHER issue came up, once the second developer used ssh
> tunneling: THE <repos>/db DIRECTORY NEEDS TO HAVE THE SETGID BIT SET!
> (I don't know about other directories under <repos>, or <repos>
> itself.) Without this, files created by user x will have owner and
> group set to x, and that defeats the group writability for other
> members of the subversion group. (Our setup lets everyone log in via
> ssh as themselves, and has a separate subversion group that you must
> be in before you can use svnserve. The subversion group is nobody's
> primary group.)
I'll make a note to add this to the appropriate place in the book,
where it discusses creating a umask wrapper around svnserve.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Guido van Rossum <gu...@python.org>.
> [snip]
> > There are two non-mutually-exclusive (but independent ways) to run
> > svnserve:
> >
> > 1. have a daemon listening on port 3690, clients connected
> > unauthenticated.
>
> Or have (x)inetd start it as Guido has done, of course, which is
> equivalent.
Right.
> > 2. have clients use their own ssh binaries to spawn "private"
> > svnserve processes on the server. They authenticate via ssh,
> > and the svnserve process runs as their own UID.
> >
> > So it sounds like you want case #2, in which case, there was no need
> > to set up case #1, unless you want to provide anonymous read-access to
> > people someday.
I did it this way initially because I needed write access from a
Windows box and I hadn't figured out how to tunnel through SSH from
there (in a way that I felt comfortable explaining to the other
developers). I am now happily using PLINK (see below).
> > > But no matter what I try, I get the following error messages:
> > >
> > > svn: Couldn't find a repository
> > > svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
> >
> > svn+ssh:// requires that you use an *absolute* path after the
> > hostname. Is that what you're doing?
Yes.
> To get around this, you can use the "-r" switch to svnserve. Just bare
> in mind that in "tunnel" mode (i.e. when using the svnserve protocol
> over SSH etc.) svnserve must be run with the -t switch. Otherwise
> everything will still be anonymous. You can do this by using SSH keys
> and then putting something like this in the authorized_keys file:
>
> command="svnserve -t -r /home/svn" ssh-dss AAAAB3...
>
> (see the ssh docs for more details.)
I don't understand this, but it's irrelevant.
> This is not necessary if you do not want to use the "-r" switch.
Right.
> > (Also, a future warning: because a bunch of users will be
> > reading/writing the berkeley-db repository files, be careful about
> > permissions and umasks. Many people make the 'svnserve' process on
> > the server into a wrapper-script which 1) sets a sane umask, 2) runs
> > the real svnserve.)
> [snip]
>
> Yes. To be slightly more explicit about this, all users need *write*
> access to the Berkeley DB files even for apparently readonly operations.
> If one user runs some svn command with the wrong umask, it will cause
> problems for other people.
>
> Your wrapper could be:
> #!/bin/sh
> umask 0007
> exec /path/to/real/svnserve "$@"
>
> As long as everyone is in the same group.
This was my problem. I *thought* I was in the subversion group (my
umask was correct and I had added myself to the subversion group in
/etc/group) but I wasn't; I didn't know about /etc/gshadow. Once I
was *really* in the subversion group, it worked.
Request to the svnserve developers: try to distinguish between
permission problems on the repository and "no repository found". I
had to add logging statements to the svnserve source to figure out
that the problem had something to do with permissions on the database.
But then ANOTHER issue came up, once the second developer used ssh
tunneling: THE <repos>/db DIRECTORY NEEDS TO HAVE THE SETGID BIT SET!
(I don't know about other directories under <repos>, or <repos>
itself.) Without this, files created by user x will have owner and
group set to x, and that defeats the group writability for other
members of the subversion group. (Our setup lets everyone log in via
ssh as themselves, and has a separate subversion group that you must
be in before you can use svnserve. The subversion group is nobody's
primary group.)
You may want to add this to the svnserve docs if it's not already
there. I got everything I know from the INSTALL (?) file in the svn
source tree, it's a bit sparse on details.
> By the way, svn+ssh://blah works fine on Windows too. At least I've
> tried it out with a Windows client connecting to a Linux server. I
> think other people on the dev@subversion.tigris.org list have it working
> with a Windows SSH server too, but I could be wrong.
>
> You can use plink.exe as the ssh client. Get it from the Putty download
> page.
Right, I already got it.
> One funny thing when setting this up under Windows is that you seem to
> have to use double backslashes or single forward slashes in the config
> file to specify the path to the SSH executable if it's not in your PATH.
>
> e.g.:
> [tunnels]
> ssh = C:/blah/plink.exe
> # or ssh = C:\\blah\\plink.exe
Right; I presume something is doing an extra pass of backslash
interpolation. I ended up avoiding either and copying plink.exe into
the \WINDOWS directory. :-)
--Guido van Rossum (home page: http://www.python.org/~guido/)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Michael Wood <mw...@its.uct.ac.za>.
On Wed, Aug 20, 2003 at 08:18:01AM -0500, Ben Collins-Sussman wrote:
> Guido van Rossum <gu...@python.org> writes:
>
[snip]
> There are two non-mutually-exclusive (but independent ways) to run
> svnserve:
>
> 1. have a daemon listening on port 3690, clients connected
> unauthenticated.
Or have (x)inetd start it as Guido has done, of course, which is
equivalent.
> 2. have clients use their own ssh binaries to spawn "private"
> svnserve processes on the server. They authenticate via ssh,
> and the svnserve process runs as their own UID.
>
> So it sounds like you want case #2, in which case, there was no need
> to set up case #1, unless you want to provide anonymous read-access to
> people someday.
>
> > But no matter what I try, I get the following error messages:
> >
> > svn: Couldn't find a repository
> > svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
>
> svn+ssh:// requires that you use an *absolute* path after the
> hostname. Is that what you're doing?
To get around this, you can use the "-r" switch to svnserve. Just bare
in mind that in "tunnel" mode (i.e. when using the svnserve protocol
over SSH etc.) svnserve must be run with the -t switch. Otherwise
everything will still be anonymous. You can do this by using SSH keys
and then putting something like this in the authorized_keys file:
command="svnserve -t -r /home/svn" ssh-dss AAAAB3...
(see the ssh docs for more details.)
This is not necessary if you do not want to use the "-r" switch.
> (Also, a future warning: because a bunch of users will be
> reading/writing the berkeley-db repository files, be careful about
> permissions and umasks. Many people make the 'svnserve' process on
> the server into a wrapper-script which 1) sets a sane umask, 2) runs
> the real svnserve.)
[snip]
Yes. To be slightly more explicit about this, all users need *write*
access to the Berkeley DB files even for apparently readonly operations.
If one user runs some svn command with the wrong umask, it will cause
problems for other people.
Your wrapper could be:
#!/bin/sh
umask 0007
exec /path/to/real/svnserve "$@"
As long as everyone is in the same group.
By the way, svn+ssh://blah works fine on Windows too. At least I've
tried it out with a Windows client connecting to a Linux server. I
think other people on the dev@subversion.tigris.org list have it working
with a Windows SSH server too, but I could be wrong.
You can use plink.exe as the ssh client. Get it from the Putty download
page.
One funny thing when setting this up under Windows is that you seem to
have to use double backslashes or single forward slashes in the config
file to specify the path to the SSH executable if it's not in your PATH.
e.g.:
[tunnels]
ssh = C:/blah/plink.exe
# or ssh = C:\\blah\\plink.exe
--
Michael Wood <mw...@its.uct.ac.za>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Ben Collins-Sussman <su...@collab.net>.
Guido van Rossum <gu...@python.org> writes:
> I've spent nearly a day trying to build from source, and failed. It
> may be a RH9 problem. I've heard problems about building Python on
> that system too, though I haven't run into them myself. Even
> switching to all-static linking didn't help. Building svn needs to
> become easier before 1.0, folks!
Can you be more specific? Svn has a lot of dependencies... was that
the problem?
Building the tarball should be a no-brainer:
./configure
make
make install
At least, that will give you an http:// and svn:// capable client.
It's totally self-contained.
Maybe you ran into problems with building/detecting BerkeleyDB, so you
could compile svnserve or mod_dav_svn?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Steve Williams <st...@kromestudios.com>.
> > On http://subversion.tigris.org/project_packages.html there's a
> > purported link to Red Hat 9 RPMs, but it points to a page that only
> > has RH8 RPMs. I did eventually find RH9 RPMs, but don't recall where
> > I got them. But they work!
summersoft.fay.ar.us has RPMs for RH7, 8 and 9. Easy to find. All linked
on the Distributions page. I've use summersoft to get all my RH9 Subversion
RPMs.
> sudo rpm -Uvh subversion.mumble (from the page you posted)
> unresolved dependencies (perl-something).
If you check back through the archives, you will see my (painful) adventures
in trying to sort out RPM package dependencies on a freshly-installed RH9
system from a complete newbie perspective. Here is my idiot's guide to
installing Subversion. This was written for Subversion 0.23 I believe, so
some of the steps may no longer be necessary. As for cpanflute2, I think
CPAN are now offering RPM packages.
First of all, do not install mod_perl, mod_php or mod_python in Apache 2.0.
These will prevent a clean upgrade to Apache 2.0.47.
Download apt-get
# wget
http://ftp.freshrpms.net/pub/freshrpms/redhat/9/apt/apt-0.5.5cnc6-fr1.i386.rpm
Install it (remember that you must be logged in as root, ie. su root)
# rpm –Uvh apt-0.5.5cnc6-fr1.i386.rpm
First you must update the packages that apt-get knows about
# apt-get update
Use apt-get to download and install cpanflute2
# apt-get install perl-RPM-Specfile
Download the Config-IniFiles-2.38 module from CPAN
# wget http://www.cpan.org/authors/id/W/WA/WADG/Config-IniFiles-2.38.tar.gz
Use cpanflute2 to compile the RPMs for Config-IniFiles
# cpanflute2 --buildall Config-IniFiles-2.38.tar.gz
Install the newly created RPM
# rpm -Uvh perl-Config-IniFiles-2.38.i386.rpm
Get the latest perl-CGI package (required by subversion-tools)
# apt-get install perl-CGI
Download the RPMs for Subversion (all except devel RPMs)
http://summersoft.fay.ar.us/pub/subversion/i386/subversion-latest/redhat-9.x/
Now you can update Subversion
# rpm -Uvh *.rpm
Subversion should now be successfully (and cleanly) installed.
> So I tried yum instead (HIGHLY recommended; google duke and yum)
> sudo yum install subversion
> resolving dependencies... (several)
> done
Never heard of 'yum' before. What a goofy name. :)
Sly
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by "Brad Cox, Ph.D." <bc...@virtc.com>.
Working from several day old memory (notoriously unreliable), I had a
similar problem on Redhat 9.0
sudo rpm -Uvh subversion.mumble (from the page you posted)
unresolved dependencies (perl-something).
So I tried yum instead (HIGHLY recommended; google duke and yum)
sudo yum install subversion
resolving dependencies... (several)
done
MUCH better! I believe the version installed though is somewhat old, and
didn't realize I should use it only to download a later one. Once I did
that it worked flawlessly.
PS: Why perl? I thought only python was involved.
On Fri, 2003-08-22 at 10:53, Guido van Rossum wrote:
> > > I'm a newbie svn administrator. I have no desire to become an Apache
> > > administrator, so I'd like to use svnserve. I've got the 0.26 svn
> > > RPMs installed under Red Hat 9.
> >
> > We're up to 0.27 now, and 0.28 will be released this weekend. Where
> > are you getting your RPMs from?
>
> I don't recall, but the last time I searched for "subversion download
> RPM" on Google, I only found RPMs for Red Hat 8.
>
> On http://subversion.tigris.org/project_packages.html there's a
> purported link to Red Hat 9 RPMs, but it points to a page that only
> has RH8 RPMs. I did eventually find RH9 RPMs, but don't recall where
> I got them. But they work!
>
> BTW, that page is a bit hard to find from the svn home page. It took
> me a while to think of clicking on "Distributions" -- almost every
> website I've ever seen uses "Downloads" for this. "Source code" also
> didn't seem right.
>
> I've spent nearly a day trying to build from source, and failed. It
> may be a RH9 problem. I've heard problems about building Python on
> that system too, though I haven't run into them myself. Even
> switching to all-static linking didn't help. Building svn needs to
> become easier before 1.0, folks! (Ditto for managing a server, see my
> previous email.)
>
> --Guido van Rossum (home page: http://www.python.org/~guido/)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by kf...@collab.net.
Guido van Rossum <gu...@python.org> writes:
> BTW, that page is a bit hard to find from the svn home page. It took
> me a while to think of clicking on "Distributions" -- almost every
> website I've ever seen uses "Downloads" for this. "Source code" also
> didn't seem right.
I'm planning some web site improvements; will include this one, thanks.
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Guido van Rossum <gu...@python.org>.
> > I'm a newbie svn administrator. I have no desire to become an Apache
> > administrator, so I'd like to use svnserve. I've got the 0.26 svn
> > RPMs installed under Red Hat 9.
>
> We're up to 0.27 now, and 0.28 will be released this weekend. Where
> are you getting your RPMs from?
I don't recall, but the last time I searched for "subversion download
RPM" on Google, I only found RPMs for Red Hat 8.
On http://subversion.tigris.org/project_packages.html there's a
purported link to Red Hat 9 RPMs, but it points to a page that only
has RH8 RPMs. I did eventually find RH9 RPMs, but don't recall where
I got them. But they work!
BTW, that page is a bit hard to find from the svn home page. It took
me a while to think of clicking on "Distributions" -- almost every
website I've ever seen uses "Downloads" for this. "Source code" also
didn't seem right.
I've spent nearly a day trying to build from source, and failed. It
may be a RH9 problem. I've heard problems about building Python on
that system too, though I haven't run into them myself. Even
switching to all-static linking didn't help. Building svn needs to
become easier before 1.0, folks! (Ditto for managing a server, see my
previous email.)
--Guido van Rossum (home page: http://www.python.org/~guido/)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Ben Collins-Sussman <su...@collab.net>.
Guido van Rossum <gu...@python.org> writes:
> Where can I buy a clue?
Open-source celebrities get them for free. :-)
> I'm a newbie svn administrator. I have no desire to become an Apache
> administrator, so I'd like to use svnserve. I've got the 0.26 svn
> RPMs installed under Red Hat 9.
We're up to 0.27 now, and 0.28 will be released this weekend. Where
are you getting your RPMs from?
> I've successfully set up a svn repository. I configured svnserve to be
> run by (x)inetd when a connection is made to port 3690.
No need for this. Take a look at chapter 5 in the subversion book
(svnbook.red-bean.com). There's a section about svnserve in there.
There are two non-mutually-exclusive (but independent ways) to run
svnserve:
1. have a daemon listening on port 3690, clients connected
unauthenticated.
2. have clients use their own ssh binaries to spawn "private"
svnserve processes on the server. They authenticate via ssh,
and the svnserve process runs as their own UID.
So it sounds like you want case #2, in which case, there was no need
to set up case #1, unless you want to provide anonymous read-access to
people someday.
> But no matter what I try, I get the following error messages:
>
> svn: Couldn't find a repository
> svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
svn+ssh:// requires that you use an *absolute* path after the
hostname. Is that what you're doing?
(Also, a future warning: because a bunch of users will be
reading/writing the berkeley-db repository files, be careful about
permissions and umasks. Many people make the 'svnserve' process on
the server into a wrapper-script which 1) sets a sane umask, 2) runs
the real svnserve.)
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: need help setting up svn+ssh://
Posted by Justin Johnson <ju...@fastmail.fm>.
It appears to be a permission problem, with an extremely uninformative
error message.
[jjohn53@marmot jjohn53]$ svn co svn+ssh://marmot/usr/local/svn/repo1
jjohn53@marmot's password:
svn: Couldn't find a repository
svn: No repository found in 'svn+ssh://marmot/usr/local/svn/repo1'
[jjohn53@marmot jjohn53]$ svn co file:/usr/local/svn/repo1
[jjohn53@marmot jjohn53]$ svn co file:/usr/local/svn/repo1 .
svn: Bogus URL
svn: `file:/usr/local/svn/repo1' does not appear to be a URL
[jjohn53@marmot jjohn53]$ svn co file:///usr/local/svn/repo1 .
svn: Couldn't open a repository.
svn: Unable to open an ra_local session to URL
svn: Unable to open repository 'file:///usr/local/svn/repo1'
svn: Berkeley DB error
svn: Berkeley DB error while opening environment for filesystem
/usr/local/svn/repo1/db:
Permission denied
After running chmod -R 770 /usr/local/svn/repo1, everything worked fine.
[jjohn53@marmot jjohn53]$ svn co file:///usr/local/svn/repo1 .
Checked out revision 0.
[jjohn53@marmot jjohn53]$
On Tue, 19 Aug 2003 13:22:45 -0700, "Guido van Rossum" <gu...@python.org>
said:
> I'm a newbie svn administrator. I have no desire to become an Apache
> administrator, so I'd like to use svnserve. I've got the 0.26 svn
> RPMs installed under Red Hat 9.
>
> I've successfully set up a svn repository. I configured svnserve to be
> run by (x)inetd when a connection is made to port 3690. I created a
> separate user 'subversion' and the svnserve process runs as this user.
> I give the arguments "-r /home/subversion" to svnserve so I can use a
> nice short url like svn://<host>/<repos> to check out from the
> repository at /home/subversion/<repos>/.
>
> This works fine, and we've been checking into and out of it for a
> couple of weeks. But this way, all checkins are anonymous.
>
> Reading the docs, I should be able to do (at least from a Unix client)
>
> svn co svn+ssh://<host>/home/subversion/<repos>
>
> To test this, I have added myself to the subversion group in
> /etc/group; all the directories and files in the repository are group
> writable and have user and group set to subversion. I am ssh'ing in
> from the same host that is the server, because I've only got one Unix
> host to test this with.
>
> But no matter what I try, I get the following error messages:
>
> svn: Couldn't find a repository
> svn: No repository found in 'svn+ssh://<host>/home/subversion/<repos>'
>
> Where can I buy a clue?
>
> PS I'm not sure if I'm actually on this list; I sent a subscription
> mail but didn't get a rseponse yet, so I'd appreciate being cc'ed on
> responses. Thanks!
>
> --Guido van Rossum (home page: http://www.python.org/~guido/)
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org