You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Sancho Neves-Graca <sa...@neves-graca.org> on 2003/10/14 16:40:19 UTC
Repository file permissions
Hello,
I have a question about file ownership regarding DB.
To access a SVN repository hosted on Mac OS X 10.2 stored in the
filesystem at /usr/local/svn/repos1 and served through Apache, I
changed ownership of /usr/local/svn/repos1 to the user www and group
www:
% sudo chown -R www /usr/local/svn/repos1
% sudo chgrp -R www /usr/local/svn/repos1
Otherwise, DB would issue the following error:
Berkeley DB error while opening environment for filesystem
/usr/local/svn/repos1/db: Permission denied
Whenever I want to use svnadmin I change ownership of the directory and
its contents with
% sudo chown -R <uid> /usr/local/svn/repos1
% sudo chgrp -R <gid> /usr/local/svn/repos1
where <uid> and <gid> are replaced with the IDs of my user.
The problem with this approach is that it prevents me from setting a
post-commit hook for incremental repository dumps: the script will be
run as user www and therefore result in the DB error
% svnadmin dump /usr/local/svn/repos1 --incremental > /tmp/repos1.dump
subversion/libsvn_fs/bdb/bdb-err.c:58: (apr_err=160029)
svn: Berkeley DB error
svn: Berkeley DB error while opening environment for filesystem
/usr/local/svn/repos1/db:
Permission denied
It seems to me that the DB files should be owned by a certain group
that would allow both Apache access and execution of the DB process.
Sincerely, Sancho Neves-Graca
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Repository file permissions
Posted by Christophe Labouisse <ch...@labouisse.org>.
I didn't test is thoroughly but I suggest the following:
- create a svn group and make sure your user belong to it,
- give the repository ownership to www (or whatever user Apache is
running),
- chgrp the repository to the svn group,
- alter the repository permissions in order give write permission and
directory access to the svn group for the whole repository,
- add the group ID permission to the directories,
- make sure every user accessing the repository have a umask of 00x.
--
Le cinéma en Lumière : http://www.lumiere.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Repository file permissions
Posted by Christophe Labouisse <ga...@tigris.org>.
I didn't test is thoroughly but I suggest the following:
- create a svn group and make sure your user belong to it,
- give the repository ownership to www (or whatever user Apache is
running),
- chgrp the repository to the svn group,
- alter the repository permissions in order give write permission and
directory access to the svn group for the whole repository,
- add the group ID permission to the directories,
- make sure every user accessing the repository have a umask of 00x.
--
Le cinéma en Lumière : http://www.lumiere.org/
--
Le cinéma en Lumière : http://www.lumiere.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org