You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Doug Goldstein <do...@monetra.com> on 2007/02/09 18:25:23 UTC
Subversion Hooks Issue
I'm trying to implement a pre-commit hook on my subversion repo.
However, it never works. I've reduced it down to a simple test case as
follows:
#!/bin/sh
exit 0
I am using svn+ssh:// for access so my user exists as an actual account
on the machine.
As per the the following:
http://subversion.tigris.org/faq.html#hook-debugging
I've ssh'd into the box and executed:
$ env - /var/data/svn/project/hooks/pre-commit
$ echo $?
0
So the script works successfully from the command line. I have
permission to execute the script.
But attempting to commit results in the following error:
Transmitting file data .svn: Commit failed (details follow):
svn: 'pre-commit' hook failed with error output:
Any suggestions would be very helpful.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Erik Hemdal wrote:
>
>> -----Original Message-----
>> From: Doug Goldstein [mailto:doug@monetra.com]
>> Sent: Friday, February 09, 2007 4:55 PM
>> To: users@subversion.tigris.org
>> Subject: Re: Subversion Hooks Issue
>>
>>
>>
>> # cat pre-commit
>> #!/bin/sh
>>
>> LOG=/tmp/hook.log
>>
>> /usr/bin/whoami >> $LOG 2>&1
>> /bin/echo "about to execute cmd" >> $LOG 2>&1
>> /bin/echo "finished cmd" >> $LOG 2>&1
>>
>>
>> Nothing was ever created in /tmp/. I can run the script successfully
>> with the following however:
>>
>> env - /var/data/svn/monetra/hooks/pre-commit
>>
>> The env - command clears out your environment so you don't even have
>> PATH set.
>>
>
> By any chance, are you on Linux with SELinux enforcing? I wasn't thinking
> about that before, but that also might cause these mysterious failures.
> SELinux is famous for preventing you from running something because even
> though you have permission on the script/program/etc. it's trying to work in
> a directory or a file that SELinux policy says you should not be in.
>
> Erik
>
>
>
I do have grsec on that machine. I didn't think of that. A quick glance
doesn't appear to show grsec nuking anything. But I will dig into it on
Monday and report back if I find anything. Thanks for the suggestion.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Subversion Hooks Issue
Posted by Erik Hemdal <er...@comprehensivepower.com>.
> -----Original Message-----
> From: Doug Goldstein [mailto:doug@monetra.com]
> Sent: Friday, February 09, 2007 4:55 PM
> To: users@subversion.tigris.org
> Subject: Re: Subversion Hooks Issue
>
>
>
> # cat pre-commit
> #!/bin/sh
>
> LOG=/tmp/hook.log
>
> /usr/bin/whoami >> $LOG 2>&1
> /bin/echo "about to execute cmd" >> $LOG 2>&1
> /bin/echo "finished cmd" >> $LOG 2>&1
>
>
> Nothing was ever created in /tmp/. I can run the script successfully
> with the following however:
>
> env - /var/data/svn/monetra/hooks/pre-commit
>
> The env - command clears out your environment so you don't even have
> PATH set.
>
By any chance, are you on Linux with SELinux enforcing? I wasn't thinking
about that before, but that also might cause these mysterious failures.
SELinux is famous for preventing you from running something because even
though you have permission on the script/program/etc. it's trying to work in
a directory or a file that SELinux policy says you should not be in.
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Tim Bingham wrote:
>
> On Feb 9, 2007, at 4:25 PM, Doug Goldstein wrote:
>
>> Erik Hemdal wrote:
>>>> Erik Hemdal wrote:
>>>>>> Ryan Schmidt wrote:
>>>>>>> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
>>>>>>>
>>>> . . .
>>>>> Any possibility that another user, like 'svn' or 'apache' or
>>>>> 'whatever' is actually running the script and not the user you are
>>>>> testing with? Maybe setting world-execute would help?
>>>>>
>>>>> Erik
>>>>>
>>>>>
>>>>>
>>>> # ls -l /var/data/svn/project/hooks/pre-commit
>>>> -rwxr-xr-x 1 root svnusers 796 Feb 9 13:10
>>>> /var/data/svn/project/hooks/pre-commit
>>>>
>>> OK, the only other thing I can suggest is to verify you have execute
>>> permission on all the higher-level directories to the hook script.
>>> If you
>>> don't have it, you can't pass through to find the script so you can
>>> run it.
>>> Erik
>>
>> doug@doug ~ $ ssh doug@gravel
>> Last login: Fri Feb 9 16:22:19 2007 from doug.
>> doug@gravel ~ $ /var/data/svn/project/hooks/pre-commit
>> doug@gravel ~ $ echo $?
>> 0
>> doug@gravel ~ $ groups
>> users svnusers
>>
>> Since I am using svn+ssh://, my commits should be running as my user,
>> "doug". So svnserve will be running as that user.
>>
>> You can see the script is owned by the svnusers group, which I also am
>> a part of. If the directories below did not have the execute bit, I
>> would not be able to execute this file.
>
> I think you already know that -
> - the environment that the hook script runs in is empty (there's no
> PATH defined)
> - the hook script may not run as the user you expect
>
> I usually use brute force to debug hook scripts -
>
> - define a log file
> - for selected/every command 'cmd' in the hook script redirect all
> output to the log file
> - put messages in the log file with echo
>
> so the hook script might contain debugging code like this -
>
> LOG=/tmp/hook.log
>
> /usr/bin/whoami >> $LOG 2>&1
> /bin/echo "about to execute cmd" >> $LOG 2>&1
> cmd >> $LOG 2>&1
> /bin/echo "finished cmd" >> $LOG 2>&1
>
> Then on the server
>
> $ tail -f /tmp/hook.log
>
> Then on the client commit something
>
> When debugging I'm always surprised by what I see/don't see in the log
> file :-)
>
> Hope this helps.
>
> Tim.
>
>
>
>
# cat pre-commit
#!/bin/sh
LOG=/tmp/hook.log
/usr/bin/whoami >> $LOG 2>&1
/bin/echo "about to execute cmd" >> $LOG 2>&1
/bin/echo "finished cmd" >> $LOG 2>&1
Nothing was ever created in /tmp/. I can run the script successfully
with the following however:
env - /var/data/svn/monetra/hooks/pre-commit
The env - command clears out your environment so you don't even have
PATH set.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Tim Bingham <Ti...@comcast.net>.
On Feb 9, 2007, at 4:25 PM, Doug Goldstein wrote:
> Erik Hemdal wrote:
>>> Erik Hemdal wrote:
>>>>> Ryan Schmidt wrote:
>>>>>> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
>>>>>>
>>> . . .
>>>> Any possibility that another user, like 'svn' or 'apache' or
>>>> 'whatever' is actually running the script and not the user you
>>>> are testing with? Maybe setting world-execute would help?
>>>>
>>>> Erik
>>>>
>>>>
>>>>
>>> # ls -l /var/data/svn/project/hooks/pre-commit
>>> -rwxr-xr-x 1 root svnusers 796 Feb 9 13:10 /var/data/svn/project/
>>> hooks/pre-commit
>>>
>> OK, the only other thing I can suggest is to verify you have execute
>> permission on all the higher-level directories to the hook
>> script. If you
>> don't have it, you can't pass through to find the script so you
>> can run it.
>> Erik
>
> doug@doug ~ $ ssh doug@gravel
> Last login: Fri Feb 9 16:22:19 2007 from doug.
> doug@gravel ~ $ /var/data/svn/project/hooks/pre-commit
> doug@gravel ~ $ echo $?
> 0
> doug@gravel ~ $ groups
> users svnusers
>
> Since I am using svn+ssh://, my commits should be running as my
> user, "doug". So svnserve will be running as that user.
>
> You can see the script is owned by the svnusers group, which I also
> am a part of. If the directories below did not have the execute
> bit, I would not be able to execute this file.
I think you already know that -
- the environment that the hook script runs in is empty (there's
no PATH defined)
- the hook script may not run as the user you expect
I usually use brute force to debug hook scripts -
- define a log file
- for selected/every command 'cmd' in the hook script redirect all
output to the log file
- put messages in the log file with echo
so the hook script might contain debugging code like this -
LOG=/tmp/hook.log
/usr/bin/whoami >> $LOG 2>&1
/bin/echo "about to execute cmd" >> $LOG 2>&1
cmd >> $LOG 2>&1
/bin/echo "finished cmd" >> $LOG 2>&1
Then on the server
$ tail -f /tmp/hook.log
Then on the client commit something
When debugging I'm always surprised by what I see/don't see in the
log file :-)
Hope this helps.
Tim.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Erik Hemdal wrote:
>> doug@doug ~ $ ssh doug@gravel
>> Last login: Fri Feb 9 16:22:19 2007 from doug.
>> doug@gravel ~ $ /var/data/svn/project/hooks/pre-commit
>> doug@gravel ~ $ echo $?
>> 0
>> doug@gravel ~ $ groups
>> users svnusers
>>
>> Since I am using svn+ssh://, my commits should be running as my user,
>> "doug". So svnserve will be running as that user.
>>
>> You can see the script is owned by the svnusers group, which
>> I also am a
>> part of. If the directories below did not have the execute
>> bit, I would
>> not be able to execute this file.
>
> Yes, that all looks OK. I'm stumped....because I tried an example like this
> on my Fedora system and it works just fine. Maybe there's something broken
> in the file
> like a a missing newline on the last line of the script file?
>
> I've sometimes seen weird behavior like this if a file has Windows line
> endings or some other weirdness. But I'm reaching here...it looks like you
> did everything right.
>
> I think it would have to be something either really arcane or something so
> obvious that I'll be doing the dope slap in a moment. :-) Unfortunately,
> I'm not sure what else to suggest. Erik
>
>
Thanks for your help. I'm sure it's gotta be something either really
simple or some very obscure thing because I have used hooks before and
they've worked successfully for me.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Subversion Hooks Issue
Posted by Erik Hemdal <er...@comprehensivepower.com>.
>
> doug@doug ~ $ ssh doug@gravel
> Last login: Fri Feb 9 16:22:19 2007 from doug.
> doug@gravel ~ $ /var/data/svn/project/hooks/pre-commit
> doug@gravel ~ $ echo $?
> 0
> doug@gravel ~ $ groups
> users svnusers
>
> Since I am using svn+ssh://, my commits should be running as my user,
> "doug". So svnserve will be running as that user.
>
> You can see the script is owned by the svnusers group, which
> I also am a
> part of. If the directories below did not have the execute
> bit, I would
> not be able to execute this file.
Yes, that all looks OK. I'm stumped....because I tried an example like this
on my Fedora system and it works just fine. Maybe there's something broken
in the file
like a a missing newline on the last line of the script file?
I've sometimes seen weird behavior like this if a file has Windows line
endings or some other weirdness. But I'm reaching here...it looks like you
did everything right.
I think it would have to be something either really arcane or something so
obvious that I'll be doing the dope slap in a moment. :-) Unfortunately,
I'm not sure what else to suggest. Erik
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Erik Hemdal wrote:
>> Erik Hemdal wrote:
>>>> Ryan Schmidt wrote:
>>>>> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
>>>>>
>> . . .
>>> Any possibility that another user, like 'svn' or 'apache' or
>>> 'whatever' is actually running the script and not the user you are
>>> testing with? Maybe setting world-execute would help?
>>>
>>> Erik
>>>
>>>
>>>
>> # ls -l /var/data/svn/project/hooks/pre-commit
>> -rwxr-xr-x 1 root svnusers 796 Feb 9 13:10
>> /var/data/svn/project/hooks/pre-commit
>>
>
> OK, the only other thing I can suggest is to verify you have execute
> permission on all the higher-level directories to the hook script. If you
> don't have it, you can't pass through to find the script so you can run it.
>
> Erik
>
>
>
doug@doug ~ $ ssh doug@gravel
Last login: Fri Feb 9 16:22:19 2007 from doug.
doug@gravel ~ $ /var/data/svn/project/hooks/pre-commit
doug@gravel ~ $ echo $?
0
doug@gravel ~ $ groups
users svnusers
Since I am using svn+ssh://, my commits should be running as my user,
"doug". So svnserve will be running as that user.
You can see the script is owned by the svnusers group, which I also am a
part of. If the directories below did not have the execute bit, I would
not be able to execute this file.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Subversion Hooks Issue
Posted by Erik Hemdal <er...@comprehensivepower.com>.
> Erik Hemdal wrote:
> >> Ryan Schmidt wrote:
> >>> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
> >>>
>. . .
> >
> > Any possibility that another user, like 'svn' or 'apache' or
> > 'whatever' is actually running the script and not the user you are
> > testing with? Maybe setting world-execute would help?
> >
> > Erik
> >
> >
> >
> # ls -l /var/data/svn/project/hooks/pre-commit
> -rwxr-xr-x 1 root svnusers 796 Feb 9 13:10
> /var/data/svn/project/hooks/pre-commit
>
OK, the only other thing I can suggest is to verify you have execute
permission on all the higher-level directories to the hook script. If you
don't have it, you can't pass through to find the script so you can run it.
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Erik Hemdal wrote:
>> Ryan Schmidt wrote:
>>> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
>>>
>>> And if you delete the pre-commit hook, then commits succeed? You're
>>> sure
>>> you're dealing with the correct pre-commit file (and not perhaps a
>>> pre-commit hook in a different unrelated repository)? I'm
>> sure you are,
>>> I'm just not sure what else to suggest...
>>>
>>>
>> Yes, if I delete that pre-commit file my commits succeed.
>>
>
> Any possibility that another user, like 'svn' or 'apache' or 'whatever' is
> actually running the script and not the user you are testing with? Maybe
> setting world-execute would help?
>
> Erik
>
>
>
# ls -l /var/data/svn/project/hooks/pre-commit
-rwxr-xr-x 1 root svnusers 796 Feb 9 13:10
/var/data/svn/project/hooks/pre-commit
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
RE: Subversion Hooks Issue
Posted by Erik Hemdal <er...@comprehensivepower.com>.
>
> Ryan Schmidt wrote:
> >
> > On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
> >
>
> > And if you delete the pre-commit hook, then commits succeed? You're
> > sure
> > you're dealing with the correct pre-commit file (and not perhaps a
> > pre-commit hook in a different unrelated repository)? I'm
> sure you are,
> > I'm just not sure what else to suggest...
> >
> >
>
> Yes, if I delete that pre-commit file my commits succeed.
>
Any possibility that another user, like 'svn' or 'apache' or 'whatever' is
actually running the script and not the user you are testing with? Maybe
setting world-execute would help?
Erik
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Doug Goldstein <do...@monetra.com>.
Ryan Schmidt wrote:
>
> On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
>
>> I'm trying to implement a pre-commit hook on my subversion repo.
>> However, it never works. I've reduced it down to a simple test case as
>> follows:
>>
>> #!/bin/sh
>> exit 0
>>
>> I am using svn+ssh:// for access so my user exists as an actual
>> account on the machine.
>>
>> As per the the following:
>> http://subversion.tigris.org/faq.html#hook-debugging
>>
>> I've ssh'd into the box and executed:
>>
>> $ env - /var/data/svn/project/hooks/pre-commit
>> $ echo $?
>> 0
>>
>> So the script works successfully from the command line. I have
>> permission to execute the script.
>>
>> But attempting to commit results in the following error:
>>
>> Transmitting file data .svn: Commit failed (details follow):
>> svn: 'pre-commit' hook failed with error output:
>>
>> Any suggestions would be very helpful.
>
> And if you delete the pre-commit hook, then commits succeed? You're sure
> you're dealing with the correct pre-commit file (and not perhaps a
> pre-commit hook in a different unrelated repository)? I'm sure you are,
> I'm just not sure what else to suggest...
>
>
Yes, if I delete that pre-commit file my commits succeed.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Subversion Hooks Issue
Posted by Ryan Schmidt <su...@ryandesign.com>.
On Feb 9, 2007, at 12:25, Doug Goldstein wrote:
> I'm trying to implement a pre-commit hook on my subversion repo.
> However, it never works. I've reduced it down to a simple test case
> as follows:
>
> #!/bin/sh
> exit 0
>
> I am using svn+ssh:// for access so my user exists as an actual
> account on the machine.
>
> As per the the following: http://subversion.tigris.org/
> faq.html#hook-debugging
>
> I've ssh'd into the box and executed:
>
> $ env - /var/data/svn/project/hooks/pre-commit
> $ echo $?
> 0
>
> So the script works successfully from the command line. I have
> permission to execute the script.
>
> But attempting to commit results in the following error:
>
> Transmitting file data .svn: Commit failed (details follow):
> svn: 'pre-commit' hook failed with error output:
>
> Any suggestions would be very helpful.
And if you delete the pre-commit hook, then commits succeed? You're
sure you're dealing with the correct pre-commit file (and not perhaps
a pre-commit hook in a different unrelated repository)? I'm sure you
are, I'm just not sure what else to suggest...
--
To reply to the mailing list, please use your mailer's Reply To All
function
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org