Subversion python/perl hook scripts on RHEL4

Hi

I don't know if this is the right list to post, but I just wanted to share
my experience in regards to hooks scripts execution on RHEL v4 with SELinux
enabled. I looked through the FAQ and I think the following would be
valuable addition.

I wanted to add a Python script to pre-commit hook to test no only for empty
log messages but also for message length.
Googling directed me to http://www.powertrip.co.za/blog/archives/pre-commit
and I copied content into commit-log-check.py file and modified my
pre-commit script to have

/opt/svn/repos/hooks/commit-log-check.py "$REPOS" "$TNX" || exit 1

line in it....
This is where the problems started occurring. On RHEL v4 with targeted
selinux enforcing policy Apache user didn't not have permissions to execute
this script. Using chcon as it is outlined in current FAQ was not enough.
The scripts have a different security context !!!!

After doing

chcon -v -R -h -t httpd_sys_script_exec_t
/opt/svn/repos/hooks/commit-log-check.py

everything worked fine.

Perhaps this little bit of info can be added to a FAQ and save RHEL and
Fedora users some time...

Thanks
Amir

Amir Mistric (amistric@nemours.org)
Senior Web Application Developer
Nemours Foundation

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jun 9 13:33:15 2005