在apache和mod_python下运行subversion
[英]Running subversion under apache and mod_python
问题描述
My Apache server runs on some non-default (not-root) account. 
我的Apache服务器在一些非默认(非root)帐户上运行。 When it tries to run a python script which in turn executes a subversion check-out command, 'svn checkout' fails with the following error message: 当它试图运行一个python脚本,然后执行subversion check-out命令时,'svn checkout'失败,并显示以下错误消息:
svn: Can't open file '/root/.subversion/servers': Permission denied
At the same time running that python script with subversion checkout command inside from command line under the same user account goes on perfectly well. 同时在同一用户帐户下从命令行运行带有subversion checkout命令的python脚本非常顺利。
Apache server 2.2.6 with mod_python 3.2.8 runs on Fedora Core 6 machine. 带有mod_python 3.2.8的Apache服务器2.2.6在Fedora Core 6机器上运行。
Can anybody help me out? 有人可以帮帮我吗? Thanks a lot. 非常感谢。
6 个解决方案
解决方案1
5 2008-09-25 15:26:22
It sounds like the environment you apache process is running under is a little unusual. 听起来你apache进程运行的环境有点不寻常。 For whatever reason, svn seems to think the user configuration files it needs are in /root. 无论出于何种原因,svn似乎认为它需要的用户配置文件是/ root。 You can avoid having svn use the root versions of the files by specifying on the command line which config directory to use, like so: 通过在命令行中指定要使用的配置目录,可以避免让svn使用文件的根版本,如下所示:
svn --config-dir /home/myuser/.subversion checkout http://example.com/path
While not fixing your enviornment, it will at least allow you to have your script run properly... 虽然没有修复你的环境,但至少可以让你让你的脚本正常运行......
解决方案2
0 2008-09-25 15:24:06
尝试授予Apache用户(运行apache服务的用户)对该文件的r + w权限。
解决方案3
0 2008-09-25 15:30:10
Doesn't Apache's error log give you a clue? Apache的错误日志不是一个线索吗?
Maybe it has to do with SELinux. 也许它与SELinux有关。 Check /var/log/audit/audit.log and adjust your SELinux configuration accordingly, if the audit.log file indicates that it's SELinux which denies Apache access. 如果audit.log文件指示拒绝Apache访问的SELinux,请检查/var/log/audit/audit.log并相应地调整SELinux配置。
解决方案4
0 2008-09-26 10:06:52
The Permission Denied error is showing that the script is running with root credentials, because it's looking in root's home dir for files. Permission Denied错误显示脚本正在使用root凭据运行,因为它正在查找root的home目录中的文件。
I suggest you change the hook script to something that does: 我建议你将钩子脚本更改为:
id > /tmp/id
so that you can check the results of that to make sure what the uid/gid and euid/egid are. 这样你就可以检查结果,以确定uid / gid和euid / egid是什么。 You will probably find it's not actually running as the user you think it is. 您可能会发现它实际上并不像您认为的那样运行。
My first guess, like Troels, was also SELinux, but that would only be my guess if you are absolutely sure the script through Apache is running with exactly the same user/group as your manual test. 我的第一个猜测,比如Troels,也是SELinux,但如果您完全确定通过Apache运行的脚本与手动测试完全相同的用户/组,那只会是我的猜测。
解决方案5
0 2008-09-28 08:53:26
Well, thanks to all who answered the question. 好吧,感谢所有回答这个问题的人。 Anyway, I think I solved the mistery. 无论如何,我想我解决了这个问题。
SELinux is completely disabled on the machine, so the problem is definitely in 'svn co' not being able to found config_dir for the user account it runs under. SELinux在机器上被完全禁用,因此问题肯定是'svn co'无法为其运行的用户帐户找到config_dir。
Apache / mod_python doesn't read in shell environment of the user account which apache is running on. Apache / mod_python不会在运行apache的用户帐户的shell环境中读取。 Thus for examle no $HOME is seen by mod_python when apache is running under some real user ( not nobody ) 因此,对于例如当apache在某个真实用户(不是没有人)下运行时,mod_python看不到$ HOME
Now 'svn co' has a flag --config-dir which points to configuration directory to read params from. 现在'svn co'有一个标志--config-dir,它指向配置目录以读取params。 By default it is $HOME/.subversion, ie it corresponds to the user account home directory. 默认情况下它是$ HOME / .subversion,即它对应于用户帐户主目录。 Apparently when no $HOME exists mod_python goes to root home dir ( /root) and tries to fiddle with .subversion content over there - which is obviously fails miserably. 显然,当没有$ HOME存在时,mod_python会转到root home dir(/ root)并尝试在那里摆弄.subversion内容 - 这显然是失败的。
putting 把
SetEnv HOME /home/qa SetEnv HOME / home / qa
into the /etc/httpd/conf/httpd.conf doesn't solve the problem because of SetEnv having nothing to do with shell environment - it only sets apache related environment 进入/etc/httpd/conf/httpd.conf并没有解决问题,因为SetEnv与shell环境无关 - 它只设置apache相关的环境
Likewise PythonOption - sets only mod_python related variables which can be read with req.get_options() after that 同样,PythonOption - 只设置与mod_python相关的变量,之后可以使用req.get_options()读取
Running 'svn co --config-dir /home/ ...' definitely gives a workaround for running from within mod_python, but gets in the way of those who will try to run the script from command line. 运行'svn co --config-dir / home / ...'肯定会提供从mod_python内部运行的解决方法,但会妨碍那些尝试从命令行运行脚本的人。
So the proposed ( and working) solution is to set HOME environment variable prior to starting appache. 因此,提出的(和工作)解决方案是在启动appache之前设置HOME环境变量。
For example in /etc/init.d/httpd script 例如在/etc/init.d/httpd脚本中
QAHOME=/home/qa
...
HOME=$QAHOME LANG=$HTTPD_LANG daemon $httpd $OPTIONS
解决方案6
0 2010-06-23 21:02:18
What is happening is apache is being started with the environment variables of root, so it thinks that it should find its config files in /root/. 发生了什么是apache正在使用root的环境变量启动,所以它认为它应该在/ root /中找到它的配置文件。 This is NOT the case. 不是这种情况。 what happens is if you do sudo apache2ctl start, it pulls your $HOME variable from the sudo $HOME=/root/ 会发生什么,如果你做sudo apache2ctl start,它会从sudo $ HOME = / root /中提取你的$ HOME变量
I have just found a solution to this problem myself (although with mod_perl, but same thing) 我自己刚刚找到了这个问题的解决方案(虽然使用mod_perl,但同样的事情)
run this command (if its apache 1, remove the 2): 运行此命令(如果其apache 1,删除2):
sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start
When /etc/init.d/apache2 starts apache, it sets all the proper environment variables that apache should be running under. 当/etc/init.d/apache2启动apache时,它会设置apache应该运行的所有适当的环境变量。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.