Posted to users@subversion.apache.org by Simon McClenahan <sm...@healthcompartners.com> on 2004/02/23 23:53:43 UTC

ssh issues

We are using svn+ssh protocol to access a repository, and every so often I get a corrupt database error due to the fact that the BDB log files are not writable. A previous poster describes as follows:

> -----Original Message-----
> From: Pete Gonzalez [mailto:pgonzalez@bluel.com]
> Sent: Wednesday, January 14, 2004 8:02 PM
> To: users@subversion.tigris.org
> Subject: Suggestion for FAQ

> And when that was all working, I discovered a new problem:  The
> tunneled svn commands are running with the user account permissions,
> which means the Berkeley database files need writeable group flags
> or some such.  This completely defeats the svn permissions, since e.g.
> a user could just copy the entire Berkeley database directly.  And
> so I found some docs about writing setuid wrappers for the svn
> commands etc.


I also had the issue where I have Subversion installed in a non-standard place, and the path cannot be changed for the SSH login, so I had to create a symbolic link /usr/local/bin/svnserve to get it to work for the users.


Then Perry Metzger started a thread regarding security and setuid/setgid, and a comment was made:

> -----Original Message-----
> From: Travis P [mailto:svn@castle.fastmail.fm]
> Sent: Friday, February 13, 2004 1:22 PM
> To: Garrett Rooney
> Cc: Brian Mathis; users@subversion.tigris.org; Perry E. Metzger
> Subject: Re: a few nits setting up svn...

> As Perry noticed, both use svnserve.  Brian's point is that the two
> methods that are causing confusion use it in different ways.
>
> 1) svn+ssh://  User tunnels to server and as himself runs svnserve
> *as himself*.  As mentioned many times, this is equivalent to file://
> access.
>
> 2) Alternative method that uses the same components in a different way:
> ssh tunnel with svn:// access via svnserve (which is configured to
> allow localhost only connections).  User tunnels to server and then
> opens a network connection to svnserve which performs the action on the
> user's behalf *with the permissions of the svnserve daemon.*  This
> alternative method achieves the setuid feature that Perry desires.



My question is: what is the best way to set up svn+ssh access? I raised the issue because I got file permission problems with BDB, but apparently there are security issues as well (although I don't have the Subversion machine accessible through the Internet ... yet). Is svn: through SSH tunnel the best? Can I "fix" the BDB file ownership problem with setuid/setgid wrappers? Eventually I will go to http: access, but svn+ssh: is the only thing that works for me right now. Step-by-step instructions would be helpful :-)

- Simon




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org


Re: ssh issues

Posted by "Perry E. Metzger" <pe...@piermont.com>.
"Simon McClenahan" <sm...@healthcompartners.com> writes:
> My question is: what is the best way to set up svn+ssh access?

Currently, I'm doing a group writable repository, using a small setgid
wrapper script around svnserve that I posted to the mailing list
recently. Things are all working quite well.

Perry
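
An added example, not part of either message and not the wrapper script Perry mentions: a POSIX shell check for the group-writable repository layout discussed in this thread. It assumes a single shared Unix group, setgid directories and no access for other accounts; the function name `audit_repo` and the finding labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): audit a repository shared over
# svn+ssh:// for the group-writable layout discussed above.
# Assumptions: one shared Unix group owns the repository, directories carry
# the setgid bit so new files inherit that group, and "other" has no access.

# audit_repo REPO GROUP
# Prints one finding per line; returns 0 if clean, 1 if anything was found.
audit_repo() {
    ar_repo=$1
    ar_group=$2
    ar_findings=$(
        # Entries owned by a different group (e.g. a committer's primary group).
        find "$ar_repo" ! -group "$ar_group" | sed 's/^/wrong-group: /'
        # Entries the group cannot read and write, such as a BDB log file
        # created by a committer whose umask was 022.
        find "$ar_repo" ! -type l ! -perm -060 | sed 's/^/not-group-rw: /'
        # Directories without setgid: files created here get the creator's
        # primary group instead of the repository group.
        find "$ar_repo" -type d ! -perm -2000 | sed 's/^/dir-not-setgid: /'
        # Anything accessible to accounts outside the group.
        find "$ar_repo" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) |
            sed 's/^/world-access: /'
    )
    if [ -n "$ar_findings" ]; then
        printf '%s\n' "$ar_findings"
        return 1
    fi
    return 0
}

# Usage: sh audit_repo.sh /path/to/repo groupname
if [ "$#" -eq 2 ]; then
    audit_repo "$1" "$2"
fi
```

Run it from cron or after each permission-related failure; a `not-group-rw` finding on a file under `db/` is the unwritable BDB log file symptom described in the first message.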
