On Dec 15, 2009, at 23:35, DEVELA Brent wrote:
> Ryan Schmidt wrote:
>
>> On Dec 15, 2009, at 04:14, DEVELA Brent wrote:
>>
>>> I've created my very first hook and what it does is that a Python script
>>> calls a java jar file which then creates a file writes something into it.
>>> When it is run as a hook, I am getting a Permission Denied error. The
>>> script runs perfectly when its directly run using the command line. Any
>>> help will be appreciated. How do I get around this security issue? The SVN
>>> resides on a Linux box.
>>
>> How is your repository served -- via apache? or svnserve? As what user is
>> that process running? Does that user have permission to write to the place
>> where your jar is creating its file?
>>
> Thanks for the reply, My repository is served via apache and the user
> running it is www-data. And yes, the user does have rights in the folder.
> Here's the code I'm trying to run with the contents of the output.txt file
> from the python code.
>
> Python code:
>
> log_cmd='java -jar -Duser.home=/var/www
> /tmp/integrationtestscript-1.0-SNAPSHOT.jar'
> import os
> output = os.popen(log_cmd, 'r').read()
> ofile = open('/tmp/output.txt','w')
> ofile.write(output)
> ofile.close()
>
> JAVA code:
>
> package integrationtestscript;
>
> import com.ibatis.common.jdbc.ScriptRunner;
> import java.io.*;
> import java.sql.SQLException;
> import com.mysql.jdbc.ConnectionImpl;
>
> public class App {
> public static void main(String[] args) {
>
> try {
> System.out.println("Hello World!");
>
> File f;
> f=new File("/tmp/myfile.txt");
> if(!f.exists()){
> f.createNewFile();
> System.out.println("New file \"myfile.txt\" has been created
> to the current directory");
> }
>
> System.out.println("Exit");
> System.exit(0);
> } catch (Exception ex) {
> System.out.println(ex.getMessage());
> }
> }
> }
>
> Contents of /tmp/Output.txt after execution as a pre-commit hook.
>
> Hello World!
> Permission denied
So the Python hook script can run, can call the Java code, and can write its
output to /tmp/output.txt. But the Java code cannot create /tmp/myfile.txt.
Does /tmp/myfile.txt already exist, and if so, are its permissions and
ownership such that www-data can write to it?
Another possibility: is SELinux enabled? If so, you may need to configure
additional things.
