On Dec 26, 2007, at 08:07, pinky goyal wrote:
> On 12/26/07, pinky goyal wrote:
>
>> On 12/26/07, Ryan Schmidt wrote:
>>
>>> On Dec 25, 2007, at 23:34, Ryan Schmidt wrote:
>>>
>>> > On Dec 25, 2007, at 23:27, pinky goyal wrote:
>>> >
>>> >> On 12/20/07, Ryan Schmidt wrote:
>>> >>
>>> >>> <?php
>>> >>> $cmd = '/usr/bin/svn list file:///var/subversion/devfoundry/
>>> 2>&1';
>>> >>> exec($cmd, $output);
>>> >>> $output = implode("\n", $output) . "\n";
>>> >>> echo $output;
>>> >>> ?>
>>> >>
>>> >> thnx for the reply.
>>> >>
>>> >> i have tried this and now what error i am getting is.
>>> >>
>>> >> svn:can't open file '/root/.subversion/servers':permission denied
>>> >>
>>> >> i have tried after giving rights to the file also, but even
>>> than i
>>> >> am getting the same error.
>>> >
>>> > I figured it would be some error like that. The svn command needs
>>> > to read data out of the .subversion directory in the current
>>> user's
>>> > home directory. When running under your web server, it thinks /
>>> root
>>> > is its home, but your web server is not running as root; it's
>>> > probably running as www or apache or nobody. Those users probably
>>> > don't have permission to read things in /root. One option might be
>>> > to tell the svn command where its home is, e.g.
>>> >
>>> > <?php
>>> > $cmd = 'HOME=/some/place /usr/bin/svn list file:///var/subversion/
>>> > devfoundry/ 2>&1';
>>> > ?>
>>> >
>>> > where /some/place is a directory the web server user can read and
>>> > write, so that svn can create the .subversion directory there.
>>>
>>> I forgot svn offers a more direct switch you can use:
>>>
>>> <?php
>>> $cmd = '/usr/bin/svn list --config-dir /some/place file:///var/
>>> subversion/devfoundry/ 2>&1';
>>> ?>
>>>
>>> That would be better.
>>
>> Thnx for the help.....
>> the issue was that you have suggested.
>> again thnx a lot.
>
> i am able to get the command run if give the execute rights to the /
> root folder but giving rights to whole root folder is a big
> security issue.
> and .subversion/servers exists in root folder.
>
> $cmd = '/usr/bin/svn list --config-dir /some/place file:///var/
> subversion/devfoundry/ 2>&1';
>
> according to you by this --config-dir /some/place in the command,
> svn will create .subversion directory in the specified directory
> but this .subversion directory exists in root folders. and command
> don't create it in the specified directory.
>
> giving the execute rights to .subversion instead of root folder
> doesn't solve the problem.
Well, actually, if you use --config-dir /some/place, Subversion will
use /some/place as the config directory (it won't create
a .subversion directory inside it and then use that as the config
directory).
Here, look:
$ mkdir /tmp/mysvnconfig
$ ls -l /tmp/mysvnconfig
$ svn list --config-dir /tmp/mysvnconfig http://svn.collab.net/repos/
svn/
README
branches/
developer-resources/
svn-logos/
tags/
trunk/
$ ls -l /tmp/mysvnconfig
total 0
drwx------ 5 rschmidt wheel 170 Dec 26 08:16 auth
$
So, you're right, you don't want to open up /root or /
root/.subversion so everyone can write to it. That would indeed be a
security issue. Instead, you should have a new directory somewhere,
which only the web user can read from and write to, and point svn to
that directory using --config-dir.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Dec 26 15:21:44 2007