1

I want to do SVN update easier - with calling PHP script.

I created PHP script:

$cmd = "svn update  https://___/svn/website /var/www/html/website/ 2>&1";
exec($cmd, $out);

As the user running the script is apache (not root), I get some permission errors.

If I change the owner of every directory to apache (or chrown everything to 777) I have another problem. Because I use https protocol user apache should permanently accept certificate of the svn server. I tried to do "su - apache" and accept certificate but OS says that "apache" is not valid user. I also dont know how could I accept certificate with exec() function.

Any idea? How can I make svn update-ing easier?

Improve this question
0

3 Answers 3

Reset to default
3

Is the error telling you that the user isn't a valid svn user? If apache is the user running httpd, you should be able to su to it. This is the script I use:

/usr/bin/svn --config-dir=/home/user/.subversion --username=svnuser --password=svnpass update

once the password is saved you can remove it from the command. Again, make sure the user/pass above is a valid SVN user.

Lately I've actually migrated to using Hudson for svn updates as you can schedule it as well as run manually and do a bunch of other tasks, plus you can view the svn logs for each commit as well as any console errors.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I manually changed /etc/passwd file for apache user (changing /sbin/nologin to /bin/bash). Than I was able to do "su - apache" and store certificates on the server. The only thing to do then is to use --config-dir option like ldg mentions above .. Thanks!
2

Why not use php svn functions instead of (insecure) exec?

http://www.php.net/manual/en/function.svn-auth-set-parameter.php has good examples for authentification options.

Improve this answer

3 Comments

I will also try this option! Tnx
@stefgosselin How would you go about displaying error messages encountered after executing svn_update, svn_commit, etc.? With exec() I don't have an issue getting and displaying exactly what went wrong. Any suggestions?
@nimph Unfortunately as you probably already saw, the svn_ functions return rev. number on success, false on failure. I don't know if you are religious, these functionsare to be used on 'faith' that svn is quite robust. if setup properly it should work fine, as long as your script has a proper connexion and proper credentials to the server.
1

Use getent apache on the shell. This will return the shell of apache. Most likely, it is /bin/nologin or /bin/false. Change this to /bin/bash. You'll also need to specify the home directory and create it on the file system.

UPDATE: getent apache will actually return the entry in the /etc/passwd file for the apache user. The last token in this string is the shell.

Improve this answer

4 Comments

getent returned nothing. I manually changed /etc/passwd file for apache user.
I manually changed /etc/passwd file for apache user (for changing /sbin/nologin to /bin/bash). How do I specify home directory? Now I can do "su - apache" and update through svn but certificate is not stored even if I choose "permanently save certificate" ..
pass the --config-dir=/path/to/svnconfig argument both when you do it manually and in your script.
I didn't know about the --config-dir option. I would have actually created /home/apache and put it in the /etc/passwd file. But the config-dir option is definitely better.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.