Mailing List Archive

Hi,

Ran into this problem - you'll probably have this problem if you use the
ssh checkin.

You need to make sure that the svnserve binary sets a sane umask: the
subversion book has an explanation under Chapter 7 - Advanced topics
called "the svn+ssh server checklist" or some-such.

Good luck,
Brad.


On Mon, 2004-10-11 at 12:57 -0700, Jeff Lanzarotta wrote:
> Hello,
>
> Well I'm having permission problems again....
>
> I just checked a bunch of changes into my repository. Everything went
> just fine. I then check the repository with Trac and it said that I
> needed to run a 'recover' on the repository, which I did. Now when I
> attempt to access the repository again through Trac, I get:
>
> ---------8<---------
>
> Trac detected an internal error:
>
> ('Berkeley DB error while opening environment for filesystem
> /mnt/hd/svn/repositories/windss/db:\nPermission denied', 160029)
>
> ---------8<---------
>
> My Apache server runs a the 'apache' user and my svnserve runs as the
> 'svn' user. The apache user is a member of the svn group also...
>
> Any ideas?
>
> Regards,
>
> ----
> Jeff
> _______________________________________________
> Trac mailing list
> Trac@lists.edgewall.com
> http://lists.edgewall.com/mailman/listinfo/trac
--
Bradley Shuttleworth
Jam Warehouse http://www.jamwarehouse.com/
Smart Business Innovation
+27 21 4477440



This email is sent subject to a disclaimer available at http://www.jamwarehouse.com/about_us/EmailDisclaimer/

I'll check out the book and let you know... I'm not sure about ssh
though. I'm using TortoiseSVN as my client...

--- Bradley Shuttleworth <brad@jamwarehouse.com> wrote:

> Hi,
>
> Ran into this problem - you'll probably have this problem if you use
> the
> ssh checkin.
>
> You need to make sure that the svnserve binary sets a sane umask:
> the
> subversion book has an explanation under Chapter 7 - Advanced topics
> called "the svn+ssh server checklist" or some-such.
>
> Good luck,
> Brad.
>
>
> On Mon, 2004-10-11 at 12:57 -0700, Jeff Lanzarotta wrote:
> > Hello,
> >
> > Well I'm having permission problems again....
> >
> > I just checked a bunch of changes into my repository. Everything
> went
> > just fine. I then check the repository with Trac and it said that I
> > needed to run a 'recover' on the repository, which I did. Now when
> I
> > attempt to access the repository again through Trac, I get:
> >
> > ---------8<---------
> >
> > Trac detected an internal error:
> >
> > ('Berkeley DB error while opening environment for filesystem
> > /mnt/hd/svn/repositories/windss/db:\nPermission denied', 160029)
> >
> > ---------8<---------
> >
> > My Apache server runs a the 'apache' user and my svnserve runs as
> the
> > 'svn' user. The apache user is a member of the svn group also...
> >
> > Any ideas?
> >
> > Regards,
> >
> > ----
> > Jeff
> > _______________________________________________
> > Trac mailing list
> > Trac@lists.edgewall.com
> > http://lists.edgewall.com/mailman/listinfo/trac
> --
> Bradley Shuttleworth
> Jam Warehouse http://www.jamwarehouse.com/
> Smart Business Innovation
> +27 21 4477440
>
>
>
> This email is sent subject to a disclaimer available at
> http://www.jamwarehouse.com/about_us/EmailDisclaimer/
>
>

Well, I attempted to create a "wrapper" around the svnsever so that it
would set the umask, but it's not quite working.

When I changed my svn under /etc/xinetd.d to point to this new wrapper,
TortoiseSVN would complain when I attempted to do a commit that the
connection was terminated or something like that... I should have
written it down. I when changed my svn back to pointing to the original
svnserve and the commit worked fine...

So I then attempted to access the repository through Trac. I then got
an error indicating that I needed to recover the database!!! So I did,
and attempted to access the repository again through Trac. I now get
the permission problem again...

Should I now try the wrapper again or what?

--- Jeff Lanzarotta <delux256-trac@yahoo.com> wrote:

> I'll check out the book and let you know... I'm not sure about ssh
> though. I'm using TortoiseSVN as my client...
>
> --- Bradley Shuttleworth <brad@jamwarehouse.com> wrote:
>
> > Hi,
> >
> > Ran into this problem - you'll probably have this problem if you
> use
> > the
> > ssh checkin.
> >
> > You need to make sure that the svnserve binary sets a sane umask:
> > the
> > subversion book has an explanation under Chapter 7 - Advanced
> topics
> > called "the svn+ssh server checklist" or some-such.
> >
> > Good luck,
> > Brad.
> >
> >
> > On Mon, 2004-10-11 at 12:57 -0700, Jeff Lanzarotta wrote:
> > > Hello,
> > >
> > > Well I'm having permission problems again....
> > >
> > > I just checked a bunch of changes into my repository. Everything
> > went
> > > just fine. I then check the repository with Trac and it said that
> I
> > > needed to run a 'recover' on the repository, which I did. Now
> when
> > I
> > > attempt to access the repository again through Trac, I get:
> > >
> > > ---------8<---------
> > >
> > > Trac detected an internal error:
> > >
> > > ('Berkeley DB error while opening environment for filesystem
> > > /mnt/hd/svn/repositories/windss/db:\nPermission denied', 160029)
> > >
> > > ---------8<---------
> > >
> > > My Apache server runs a the 'apache' user and my svnserve runs as
> > the
> > > 'svn' user. The apache user is a member of the svn group also...
> > >
> > > Any ideas?
> > >
> > > Regards,
> > >
> > > ----
> > > Jeff
> > > _______________________________________________
> > > Trac mailing list
> > > Trac@lists.edgewall.com
> > > http://lists.edgewall.com/mailman/listinfo/trac
> > --
> > Bradley Shuttleworth
> > Jam Warehouse http://www.jamwarehouse.com/
> > Smart Business Innovation
> > +27 21 4477440
> >
> >
> >
> > This email is sent subject to a disclaimer available at
> > http://www.jamwarehouse.com/about_us/EmailDisclaimer/
> >
> >
>
> _______________________________________________
> Trac mailing list
> Trac@lists.edgewall.com
> http://lists.edgewall.com/mailman/listinfo/trac
>

Ok, here's a little more info that might give someone an idea of what
is going on...

I've got the wrapper setup to correctly set the umask to 002. I've also
set the permission on the db directory in the repository to:

drwxrwxr-T 2 svn svn 4096 Oct 13 15:47 db/

The permissions on the file in the db directory look like this:

-rw-rw-r-- 1 svn svn 425984 Oct 13 15:47 changes
-rw-rw-r-- 1 svn svn 8192 Oct 13 15:47 copies
-rw-rw-r-- 1 svn svn 16384 Oct 13 15:47 __db.001
-rw-rw-r-- 1 svn svn 278528 Oct 13 15:47 __db.002
-rw-rw-r-- 1 svn svn 327680 Oct 13 15:47 __db.003
-rw-rw-r-- 1 svn svn 892928 Oct 13 15:47 __db.004
-rw-rw-r-- 1 svn svn 16384 Oct 13 15:47 __db.005
-rw-rw-r-- 1 svn svn 1738 Jun 4 09:04 DB_CONFIG
-rw-r--r-- 1 svn svn 1047665 Oct 13 15:18 log.0000000399
-rw-r--r-- 1 svn svn 654717 Oct 13 15:47 log.0000000400
-rw-rw-r-- 1 svn svn 311296 Oct 13 15:47 nodes
-rw-rw-r-- 1 svn svn 495616 Oct 13 15:47 representations
-rw-rw-r-- 1 svn svn 8192 Oct 13 15:47 revisions
-rw-rw-r-- 1 svn svn 223457280 Oct 13 15:47 strings
-rw-rw-r-- 1 svn svn 8192 Oct 13 15:47 transactions
-rw-rw-r-- 1 svn svn 8192 Oct 13 15:47 uuids

Ok, with that said, everytime I make any change to the Trac for the
project I have to do a DB_RECOVERY on the database... It doesn't matter
if I add a ticket or simply change a ticket report... After I do it, I
have to do a DB_RECOVERY... Any ideas would be greatly appreciated...

Thanks...


--- Jeff Lanzarotta <delux256-trac@yahoo.com> wrote:

> Well, I attempted to create a "wrapper" around the svnsever so that
> it
> would set the umask, but it's not quite working.
>
> When I changed my svn under /etc/xinetd.d to point to this new
> wrapper,
> TortoiseSVN would complain when I attempted to do a commit that the
> connection was terminated or something like that... I should have
> written it down. I when changed my svn back to pointing to the
> original
> svnserve and the commit worked fine...
>
> So I then attempted to access the repository through Trac. I then got
> an error indicating that I needed to recover the database!!! So I
> did,
> and attempted to access the repository again through Trac. I now get
> the permission problem again...
>
> Should I now try the wrapper again or what?
>
> --- Jeff Lanzarotta <delux256-trac@yahoo.com> wrote:
>
> > I'll check out the book and let you know... I'm not sure about ssh
> > though. I'm using TortoiseSVN as my client...
> >
> > --- Bradley Shuttleworth <brad@jamwarehouse.com> wrote:
> >
> > > Hi,
> > >
> > > Ran into this problem - you'll probably have this problem if you
> > use
> > > the
> > > ssh checkin.
> > >
> > > You need to make sure that the svnserve binary sets a sane umask:
>
> > > the
> > > subversion book has an explanation under Chapter 7 - Advanced
> > topics
> > > called "the svn+ssh server checklist" or some-such.
> > >
> > > Good luck,
> > > Brad.
> > >
> > >
> > > On Mon, 2004-10-11 at 12:57 -0700, Jeff Lanzarotta wrote:
> > > > Hello,
> > > >
> > > > Well I'm having permission problems again....
> > > >
> > > > I just checked a bunch of changes into my repository.
> Everything
> > > went
> > > > just fine. I then check the repository with Trac and it said
> that
> > I
> > > > needed to run a 'recover' on the repository, which I did. Now
> > when
> > > I
> > > > attempt to access the repository again through Trac, I get:
> > > >
> > > > ---------8<---------
> > > >
> > > > Trac detected an internal error:
> > > >
> > > > ('Berkeley DB error while opening environment for filesystem
> > > > /mnt/hd/svn/repositories/windss/db:\nPermission denied',
> 160029)
> > > >
> > > > ---------8<---------
> > > >
> > > > My Apache server runs a the 'apache' user and my svnserve runs
> as
> > > the
> > > > 'svn' user. The apache user is a member of the svn group
> also...
> > > >
> > > > Any ideas?
> > > >
> > > > Regards,
> > > >
> > > > ----
> > > > Jeff
> > > > _______________________________________________
> > > > Trac mailing list
> > > > Trac@lists.edgewall.com
> > > > http://lists.edgewall.com/mailman/listinfo/trac
> > > --
> > > Bradley Shuttleworth
> > > Jam Warehouse http://www.jamwarehouse.com/
> > > Smart Business Innovation
> > > +27 21 4477440
> > >
> > >
> > >
> > > This email is sent subject to a disclaimer available at
> > > http://www.jamwarehouse.com/about_us/EmailDisclaimer/
> > >
> > >
> >
> > _______________________________________________
> > Trac mailing list
> > Trac@lists.edgewall.com
> > http://lists.edgewall.com/mailman/listinfo/trac
> >
>
>

Hi Jeff,

[Jeff Lanzarotta Wed, Oct 13, 2004 at 01:16:14PM -0700]
> Ok, here's a little more info that might give someone an idea of what
> is going on...

i am slightly confused by your reports ...

> I've got the wrapper setup to correctly set the umask to 002. I've also
> set the permission on the db directory in the repository to:

Earlier on you mentioned that you wrapped the svnserver but it
seems ...

> Ok, with that said, everytime I make any change to the Trac for the
> project I have to do a DB_RECOVERY on the database...

... that you are talking about accesses from Trac now. The two problems
are probably separate as svnserver is the commandline utility
for svn+ssh and trac uses the python bindings to access the repo.

Now, how is your Trac setup? Via CGI, ProxyPass or mod_python?
What exactly is your problem?

cheers,

holger

Hi Holger,

I know what my problem is, but that for a different disussion group :^)

I think the problem is permissions... but I don't know quite why...

Trac is setup using CGI, I believe... but if could be python
to...??????

To access the repository I use 'http://server/cgi-bin/trac.cgi'

Ok, what happens is this:

1) Access for example 'timeline' from Trac. Timeline is displayed.
2) Go to linux and access repository using for example, 'svnlook' I get
and error indicating that I need to do a DB_RECOVERY. OR If I attempt
to display the timeline again through Trac, I get that DB_RECOVERY is
needed.
3) Do a DB_RECOVERY and everything is fine until I access the
repository again through Trac...

--- holger krekel <hpk@trillke.net> wrote:

> Hi Jeff,
>
> [Jeff Lanzarotta Wed, Oct 13, 2004 at 01:16:14PM -0700]
> > Ok, here's a little more info that might give someone an idea of
> what
> > is going on...
>
> i am slightly confused by your reports ...
>
> > I've got the wrapper setup to correctly set the umask to 002. I've
> also
> > set the permission on the db directory in the repository to:
>
> Earlier on you mentioned that you wrapped the svnserver but it
> seems ...
>
> > Ok, with that said, everytime I make any change to the Trac for the
> > project I have to do a DB_RECOVERY on the database...
>
> ... that you are talking about accesses from Trac now. The two
> problems
> are probably separate as svnserver is the commandline utility
> for svn+ssh and trac uses the python bindings to access the repo.
>
> Now, how is your Trac setup? Via CGI, ProxyPass or mod_python?
> What exactly is your problem?
>
> cheers,
>
> holger
>

[Jeff Lanzarotta Wed, Oct 13, 2004 at 01:56:32PM -0700]
> Hi Holger,
>
> I know what my problem is, but that for a different disussion group :^)

:-)

> I think the problem is permissions... but I don't know quite why...
>
> Trac is setup using CGI, I believe... but if could be python
> to...??????
> To access the repository I use 'http://server/cgi-bin/trac.cgi'

yes, that looks like CGI.

Now the question is if trac.cgi has the permissions to access
the svn repository read/write. Can you check under which
user-id your apache runs? Make the repository to have the same
ownership with something like 'chown -R apache:apache path/to/repo'
where 'apache:apache' is the user/group of your apache process.

can you try?

holger

Well my setup is sort of like that...

I have created a user and group named svn. Apache, which is the user
that the webserver runs under is also a member of the svn group. The
repository is owned by svn:svn...

as a side note, not all the files in the db directory are read+write.
for example the log files are:

-rw-r--r-- 1 svn svn 1047665 Oct 13 15:18 log.0000000399
-rw-r--r-- 1 svn svn 698791 Oct 13 16:41 log.0000000400

--- holger krekel <hpk@trillke.net> wrote:

> [Jeff Lanzarotta Wed, Oct 13, 2004 at 01:56:32PM -0700]
> > Hi Holger,
> >
> > I know what my problem is, but that for a different disussion group
> :^)
>
> :-)
>
> > I think the problem is permissions... but I don't know quite why...
> >
> > Trac is setup using CGI, I believe... but if could be python
> > to...??????
> > To access the repository I use 'http://server/cgi-bin/trac.cgi'
>
> yes, that looks like CGI.
>
> Now the question is if trac.cgi has the permissions to access
> the svn repository read/write. Can you check under which
> user-id your apache runs? Make the repository to have the same
> ownership with something like 'chown -R apache:apache path/to/repo'
> where 'apache:apache' is the user/group of your apache process.
>
> can you try?
>
> holger
>

[Jeff Lanzarotta Wed, Oct 13, 2004 at 02:28:18PM -0700]
> Well my setup is sort of like that...
>
> I have created a user and group named svn. Apache, which is the user
> that the webserver runs under is also a member of the svn group. The
> repository is owned by svn:svn...
>
> as a side note, not all the files in the db directory are read+write.
> for example the log files are:
>
> -rw-r--r-- 1 svn svn 1047665 Oct 13 15:18 log.0000000399
> -rw-r--r-- 1 svn svn 698791 Oct 13 16:41 log.0000000400

yes, i guess your apache runs the trac.cgi with the group-write
permission off. At first the trac.cgi can access read/write but
then it gets messed up because every file the trac.cgi causes
to write will have group-write perm off.

You may try to patch the umask by inserting the two lines

import os
os.umask(002)

at the beginning of the trac.cgi file.

holger