svnserve changes ownership of files in FSFS repo...

[Ben Kyrlach <bk...@hobsons-us.com>]

Here's my setup...

 

Multiple users connect to SVN using SVN+SSH with a common key.

The *nix machine hosting svnserve is using the authorized_keys file in
each users $HOME/.ssh to launch svnserve when connecting with said key.

 

Whenever a user makes a commit to the single FSFS repository there, the
myrepository/db/current file has its ownership changed to the user. So,
if I commit, the files ownership changes to bkyrlach.bkyrlach. Because
the repository disallows any access at the "other" level, it essentially
prevents any other users from committing to the repository. I've tried
using sudo and or su in the authorized_keys file to run svnserve as
root, but when I do this I get an error stating that I need a TTY in
order to perform that action.

 

Are my permissions set wrong perhaps? I had it set up so that everything
myrepository under was owned by root.developers, and all of the people
with svn access were in the developers group. Or is there a way to make
svnserve not change ownership of that file?

 

Thanks,

 

Ben.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1712602

To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].

RE: [SOLVED] svnserve changes ownership of files in FSFS repo...

[Ben Kyrlach <bk...@hobsons-us.com>]

Wow... I missed that section of the SVN book when I was searching. It
actually turned out to be a combination of the umask part of the script,
and ensuring that the primary group of the users involved was set to the
common group.

-----Original Message-----
From: Andy Levy [mailto:andy.levy@gmail.com] 
Sent: Tuesday, April 14, 2009 12:29 PM
To: Ben Kyrlach
Cc: users@subversion.tigris.org
Subject: Re: svnserve changes ownership of files in FSFS repo...

On Tue, Apr 14, 2009 at 12:06, Ben Kyrlach <bk...@hobsons-us.com>
wrote:
> Here's my setup...
>
>
>
> Multiple users connect to SVN using SVN+SSH with a common key.
>
> The *nix machine hosting svnserve is using the authorized_keys file in
each
> users $HOME/.ssh to launch svnserve when connecting with said key.
>
>
>
> Whenever a user makes a commit to the single FSFS repository there,
the
> myrepository/db/current file has its ownership changed to the user.
So, if I
> commit, the files ownership changes to bkyrlach.bkyrlach. Because the
> repository disallows any access at the "other" level, it essentially
> prevents any other users from committing to the repository. I've tried
using
> sudo and or su in the authorized_keys file to run svnserve as root,
but when
> I do this I get an error stating that I need a TTY in order to perform
that
> action.
>
>
>
> Are my permissions set wrong perhaps? I had it set up so that
everything
> myrepository under was owned by root.developers, and all of the people
with
> svn access were in the developers group. Or is there a way to make
svnserve
> not change ownership of that file?

You need to change the umask being set for those users. See the box at
the bottom of
http://svnbook.red-bean.com/en/1.5/svn.serverconfig.multimethod.html

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1714187

To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].

Re: svnserve changes ownership of files in FSFS repo...

[Andy Levy <an...@gmail.com>]

On Tue, Apr 14, 2009 at 12:06, Ben Kyrlach <bk...@hobsons-us.com> wrote:
> Here’s my setup…
>
>
>
> Multiple users connect to SVN using SVN+SSH with a common key.
>
> The *nix machine hosting svnserve is using the authorized_keys file in each
> users $HOME/.ssh to launch svnserve when connecting with said key.
>
>
>
> Whenever a user makes a commit to the single FSFS repository there, the
> myrepository/db/current file has its ownership changed to the user. So, if I
> commit, the files ownership changes to bkyrlach.bkyrlach. Because the
> repository disallows any access at the “other” level, it essentially
> prevents any other users from committing to the repository. I’ve tried using
> sudo and or su in the authorized_keys file to run svnserve as root, but when
> I do this I get an error stating that I need a TTY in order to perform that
> action.
>
>
>
> Are my permissions set wrong perhaps? I had it set up so that everything
> myrepository under was owned by root.developers, and all of the people with
> svn access were in the developers group. Or is there a way to make svnserve
> not change ownership of that file?

You need to change the umask being set for those users. See the box at
the bottom of http://svnbook.red-bean.com/en/1.5/svn.serverconfig.multimethod.html

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1712830

To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].

Re: svnserve changes ownership of files in FSFS repo...

[Greg Troxel <gd...@ir.bbn.com>]

Ryan Schmidt <su...@ryandesign.com> writes:

> On Apr 14, 2009, at 11:06, Ben Kyrlach wrote:
>
>> Multiple users connect to SVN using SVN+SSH with a common key.
>> The *nix machine hosting svnserve is using the authorized_keys file  
>> in each users $HOME/.ssh to launch svnserve when connecting with  
>> said key.
>>
>> Whenever a user makes a commit to the single FSFS repository there,  
>> the myrepository/db/current file has its ownership changed to the  
>> user. So, if I commit, the files ownership changes to  
>> bkyrlach.bkyrlach. Because the repository disallows any access at  
>> the “other” level, it essentially prevents any other users from  
>> committing to the repository. I’ve tried using sudo and or su in  
>> the authorized_keys file to run svnserve as root, but when I do  
>> this I get an error stating that I need a TTY in order to perform  
>> that action.
>
> You may need svnserve to be a wrapper script that sets a different  
> umask, then calls the real svnserve. This section of the book should  
> help:

Or, you could use svnstsw from contrib which is suid to the svn user and
uses authz, so you get the same behavior as with https.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1717311

To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].

Re: svnserve changes ownership of files in FSFS repo...

[Ryan Schmidt <su...@ryandesign.com>]

On Apr 14, 2009, at 11:06, Ben Kyrlach wrote:

> Multiple users connect to SVN using SVN+SSH with a common key.
> The *nix machine hosting svnserve is using the authorized_keys file  
> in each users $HOME/.ssh to launch svnserve when connecting with  
> said key.
>
> Whenever a user makes a commit to the single FSFS repository there,  
> the myrepository/db/current file has its ownership changed to the  
> user. So, if I commit, the files ownership changes to  
> bkyrlach.bkyrlach. Because the repository disallows any access at  
> the “other” level, it essentially prevents any other users from  
> committing to the repository. I’ve tried using sudo and or su in  
> the authorized_keys file to run svnserve as root, but when I do  
> this I get an error stating that I need a TTY in order to perform  
> that action.
>
> Are my permissions set wrong perhaps? I had it set up so that  
> everything myrepository under was owned by root.developers, and all  
> of the people with svn access were in the developers group. Or is  
> there a way to make svnserve not change ownership of that file?

You may need svnserve to be a wrapper script that sets a different  
umask, then calls the real svnserve. This section of the book should  
help:

http://svnbook.red-bean.com/en/1.5/svn.serverconfig.multimethod.html

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1717059

To unsubscribe from this discussion, e-mail: [users-unsubscribe@subversion.tigris.org].