SVN txn-current-lock: Permission Denied
Figured out my own answer. Derp.
So I figured out that since I'm running an apache svn server, svn commands are run as the user the httpd process is running as.
So first I ran ps aux | egrep '(apache|httpd)'
and came up with this:
nobody 1488 0.0 0.2 99604 4960 ? S 06:02 0:00 /usr/local/apache/bin/httpd -k start -DSSL
root 1962 0.0 0.0 4140 668 pts/0 S+ 06:28 0:00 egrep (apache|httpd)
root 11404 0.0 0.2 99208 5188 ? Ss Jul24 0:00 /usr/local/apache/bin/httpd -k start -DSSL
root 27766 0.0 0.1 99208 2340 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
nobody 27767 0.0 0.2 99604 5184 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
nobody 27768 0.0 0.2 99568 5188 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
nobody 27769 0.0 0.2 99604 5196 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
nobody 27770 0.0 0.2 99568 5168 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
nobody 27771 0.0 0.2 99568 5184 ? S 00:18 0:00 /usr/local/apache/bin/httpd -k start -DSSL
Well, there's the problem. The apache processes are running as 'nobody' not 'apache' or 'svn' or anything.
There are two possible solutions for this (I only tried one).
The one that I did (and that worked) was to go into httpd.conf, and change the lines:
User nobody
Group nobody
To:
User apache
Group apache
And then service httpd restart
and now all of those 'nobody' processes are being run by apache, and svn import
works!
Another solution that would probably work, but I didn't test it, is to go to your repo and run chgrp -R svn ./*
so all of the files in the repo have the svn group, and then add the user nobody to the svn group (usermod -g svn nobody
). You can also add any other users to the group, if you want (probably more useful is you are running an svnserve
svn server, rather than through apache).
I'm not sure why the apache config was set to run as nobody, it seems to be the default on CentOS servers from GoDaddy (which is the server I'm running on)
Related videos on Youtube
Esaevian
Updated on September 18, 2022Comments
-
Esaevian over 1 year
I've just set up an SVN repository on a Server running CentOS 6. I followed the instructions here and things were going fairly smoothly.
Until I tried to import my initial file structure
svn import /path/to/wc http://svn.host.com/svn/repos -m "Init repo"
gave me the following
svn: Can't open file '/home/podsvn/svn/repos/db/txn-current-lock': Permission denied
However,
svn import /path/to/wc file:///path/to/repository -m "Init Repo"
Works fantastically. not useful for working remotely with the repo.A bit of searching led me to see that it was a permissions problem, but any configuration of permissions for the repo failed:
This is the default repo permissions following the tutorial above, which fails:
-rw-rw-r-- 1 apache apache 229 Jul 24 08:58 README.txt drwxrwxr-x 2 apache apache 4096 Jul 24 09:17 conf/ drwxrwsr-x 6 apache apache 4096 Jul 24 08:58 db/ -r--r--r-- 1 apache apache 2 Jul 24 08:58 format drwxrwxr-x 2 apache apache 4096 Jul 24 08:58 hooks/ drwxrwxr-x 2 apache apache 4096 Jul 24 08:58 locks/
Then I added root, apache, and my main user (called poduser which created the repo via
svnadmin create repos
) to a new group called svn, still fails (even after logging in and out from ssh):-rw-rw-r-- 1 apache svn 229 Jul 24 08:58 README.txt drwxrwxr-x 2 apache svn 4096 Jul 24 09:17 conf/ drwxrwsr-x 6 apache svn 4096 Jul 24 08:58 db/ -r--r--r-- 1 apache svn 2 Jul 24 08:58 format drwxrwxr-x 2 apache svn 4096 Jul 24 08:58 hooks/ drwxrwxr-x 2 apache svn 4096 Jul 24 08:58 locks/
I ran
chmod -R g+w ./
. (Has thels -la
results you'd expect) I still get the Permission Denied error.It seems like when I run
import
orcheckout
, it's attempting to access the repository as a user other than root, apache, or poduser.Possibly it's attempting to work as the user that logged into the repo (set up in /etc/svn-auth-conf via the tutorial). However, the SVN user I set up there is separate from any accounts on the actual server, right? I shouldn't have to worry about matching up SVN users and server users?
Thanks,
-Esa-
Sameer almost 12 yearssvn import /path/to/wc svn.host.com/svn -m "Init repo" Is this right? shouldn't it be svn.host.com/svn/REPO_NAME?
-
Esaevian almost 12 yearsYou're right, I just worded my question wrong. Editing. Even with the repo name, I'm getting the Permission denied error.
-