You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Arran Cudbard-Bell <A....@sussex.ac.uk> on 2008/05/19 12:28:10 UTC

Subversion 1.4.6 incorrect locking behavior under Mac OSX 10.4.11

Hi,

Bug Report follows:

OS: Mac OSX 10.4.11
Protocol: SVN WebDav (Compiled with APXS Apache 2.2.4)
File System (Local): HFS+ Journaled (Case insensitive + Case Preserving)
File System (SVN Data): XSAN (CVFS)
SVN DB: FSFS

Symptoms:

Attempting to lock a file fails when the SVN Locks directory 
(./repository/db/locks) is owned by a group of which the user (that 
apache is running under) is not a member of.

For example if apache is running under user WWW and SVN data is owned by 
user WWW and group SVNAdmin and WWW is not a member of SVNAdmin then the 
lock will fail. If WWW becomes a member of SVNAdmin then locking will 
succeed.
This is only an issue when creating new directories under 
./repository/db/locks, locks may be re-used once established.

Cause (I think, please verify):
When the SVNAdmin tool creates the directory structure it sets the gid 
bit (chmod g+s) on the db directory (and possibly sub directories).

This has absolutely no effect with Mac OSX as it uses Berkley permission 
inheritance semantics (on creation directories inherit permissions from 
their parent directory), instead of Posix semantics where the directory 
inherits permissions from the user creating it (I think... correct me if 
i'm wrong on this one). So there's no reason to set the gid bit on any 
directories under OSX.

There is however a compelling reason not to set the gid bit under OSX. A 
chmod operation attempting to set the gid bit will fail if the user 
doing the chmod is not a member of the group that currently owns the 
directory.

So:

1. User attempts to lock file
2. Apache process attempts to create subdir under /repo/db/locks (and 
succeeds)
3. Apache process attempts to chmod subdir to match the permissions of 
/repo/db/locks (I think that's what the code is saying) (and fails if 
apache is not a member of the group owning the locks directory)
4. Lock fails because of the failed chmod (that wasn't really needed in 
the first place)

Workarounds:

chmod -Rv g-s /repo/db
chgrp -Rv www /repo/db

It'd be nice to have this fixed for 1.5.

Best Regards,
Arran Cudbard-Bell

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org