Getting Redmine integrated with svn while running passenger as user www-data

Posted on

Getting Redmine integrated with svn while running passenger as user www-data – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about apache-2.2, svn, phusion-passenger, redmine, www-data.

I’m having some problems getting passenger and svn to work in Redmine.

System

  • Ubuntu 12.04
  • Apache 2.2.22
  • PassengerRuby 1.9.1
  • Passenger 3.0.19

Problem

When I let Passenger do it’s normal user switching and run as www-data, svn integration doesn’t work.
I have made sure to enter an absolute path to svn (/usr/bin/svn) in configuration.yml, but when I go to Administration->Settings->Repositories there is a red exclamation icon next to the command. Also, when I create a new project and try to create a repository I get this error message

SCM command is not available. Please check settings on the
administration panel.

Now, if I instead let passenger run as my own user myusername svn works. This is not how it should be run though, as far as I know.

So my thinking is that is’s a permission problem somewhere, but I just can’t figure out where.

I have made sure that my self signed certificate is not causing problems by accepting it permanently while running svn as www-data like this:

sudo -u www-data -H svn --username mysvnusername info https://svn.mydomain.com/myrepo

This works correctly as far as I can see. It writes into /var/www/.subversion and when I run it again I’m not asked about the certificate.

Here is the relevant output of ps -ef:

UID      PID   PPID   C STIME TTY      TIME     CMD
root     16151     1  0 14:41 ?        00:00:00 /usr/sbin/apache2 -k start
root     16155 16151  0 14:41 ?        00:00:00 PassengerWatchdog
root     16158 16155  0 14:41 ?        00:00:02 PassengerHelperAgent
root     16160 16158  0 14:41 ?        00:00:00 Passenger spawn server
nobody   16165 16155  0 14:41 ?        00:00:00 PassengerLoggingAgent
www-data 16205     1  0 14:41 ?        00:00:04 Rack: /var/www/redmine
www-data 16391 16151  0 14:52 ?        00:00:01 /usr/sbin/apache2 -k start
www-data 16418 16151  0 14:53 ?        00:00:01 /usr/sbin/apache2 -k start
www-data 16427 16151  0 14:53 ?        00:00:01 /usr/sbin/apache2 -k start

To be clear here, the problem doesn’t seem to be the actual connection to the svn server, but a problem with www-data running the actual svn command.

Where should I look? What should I do?

Solution :

I solved this for now by adding a new system user and chown’ing the redmine application dir to the redmine user:

sudo adduser --system redmine  
sudo chown -R redmine:www-data /var/www/redmine  

Now the Redmine application is running as user redmine and svn works. Maybe this is also the best solution with regards to security?

Leave a Reply

Your email address will not be published. Required fields are marked *