Lee*_*ton 12 linux svn version-control webdav selinux
我知道之前已经多次询问过,但我相信我的情况有所不同.
我正在尝试向SVN存储库添加一个pre-revprop-change挂钩,以便对日志消息进行更改.
在我添加pre-revprop-change文件之前,我收到此错误:
$ svn propset -r 557 --revprop svn:log "New message!" https://myserver/repos/myrepo
svn: DAV request failed; it's possible that the repository's pre-revprop-change hook either failed or is non-existent
svn: At least one property change failed; repository is unchanged
svn: Error setting property 'log':
Repository has not been enabled to accept revision propchanges;
ask the administrator to create a pre-revprop-change hook
没问题,我想.我会加上它:
$ cd /var/www/svn/myrepo/hooks
$ # Create the simplest hook possible
$ echo '#!/bin/sh' > pre-revprop-change
$ echo 'exit 0' >> pre-revprop-change
$ # Check that it looks correct
$ cat pre-revprop-change
#!/bin/sh
exit 0
$ # Looks good, now make it executable
$ chmod a+x pre-revprop-change
$ # Check the permissions
$ ls -al pre-revprop-change
-rwxr-xr-x 1 apache apache 17 2012-05-24 12:05 pre-revprop-change
$ # Run it, to make sure it runs, and check the error code
$ ./pre-revprop-change
$ echo $?
0
所以,根据我在SO上阅读的其他内容,应该是我需要的所有工作.但是,当我再次尝试编辑日志消息时,我仍然会收到错误(这次是另一个错误):
$ svn propset -r 557 --revprop svn:log "New message!" https://myserver/repos/myrepo
svn: DAV request failed; it's possible that the repository's pre-revprop-change hook either failed or is non-existent
svn: At least one property change failed; repository is unchanged
svn: Error setting property 'log':
Revprop change blocked by pre-revprop-change hook (exit code 255) with no output.
有几点需要注意:
1)存储库托管在SELinux服务器(Fedora核心10)上.也许在这些权限方面我需要做些什么?以下是钩子的SE权限:
$ ls -alZ pre-revprop-change
-rwxr-xr-x apache apache unconfined_u:object_r:httpd_sys_content_rw_t:s0 pre-revprop-change
2)通过WebDAV访问存储库(注意https://存储库名称).我是否需要在WebDAV端设置一些内容以允许更改前的更改?
经过几个小时的尝试,我找到了答案.而且,因为它似乎不存在于互联网上的任何其他地方,我会在这里发布...
这个问题是由SELinux引起的(没有什么惊喜).似乎apache(/usr/sbin/httpd)没有必要的权限来运行带有上述SE权限的钩子脚本.要使其执行,需要更改SELinux权限
$ chcon -t httpd_exec_t pre-revprop-change
(我首先尝试将其更改为httpd_sys_script_exec_t,但这还不足以让脚本执行.但是httpd_exec_t它的工作类型.)
最后一个问题:这是一件安全的事吗?
| 归档时间: |
|
| 查看次数: |
12192 次 |
| 最近记录: |