Permission Denied Error on Pre-commit Java hook

2009-12-15 Thread DEVELA Brent 
Hello Everyone,

This is my very first post in this mailing list and I have a 
rather simple question. I've created my very first hook and what it does is 
that a Python script calls a java jar file which then creates a file writes 
something into it. When it is run as a hook, I am getting a Permission Denied 
error. The script runs perfectly when its directly run using the command line. 
Any help will be appreciated. How do I get around this security issue? The SVN 
resides on a Linux box.

Thanks,

Brent

RE: Permission Denied Error on Pre-commit Java hook

2009-12-15 Thread DEVELA Brent 
Hi Ryan,

Thanks for the reply, My repository is served via apache and the user 
running it is www-data. And yes, the user does have rights in the folder. 
Here's the code I'm trying to run with the contents of the output.txt file from 
the python code.

Python code: 

log_cmd='java -jar -Duser.home=/var/www 
/tmp/integrationtestscript-1.0-SNAPSHOT.jar'
import os
output = os.popen(log_cmd, 'r').read()
ofile = open('/tmp/output.txt','w')
ofile.write(output)
ofile.close()

JAVA code: 

package integrationtestscript;

import com.ibatis.common.jdbc.ScriptRunner;
import java.io.*;
import java.sql.SQLException;
import com.mysql.jdbc.ConnectionImpl;

public class App {
public static void main(String[] args) {

try {
System.out.println("Hello World!");

File f;
f=new File("/tmp/myfile.txt");
if(!f.exists()){
f.createNewFile();
System.out.println("New file \"myfile.txt\" has been created to 
the current directory");
}

System.out.println("Exit");
System.exit(0);
} catch (Exception ex) {
System.out.println(ex.getMessage());
}
}
}

Contents of /tmp/Output.txt after execution as a pre-commit hook.

Hello World!
Permission denied


Regards,

Brent


-Original Message-
From: Ryan Schmidt [mailto:subversion-20...@ryandesign.com] 
Sent: Tuesday, December 15, 2009 10:02 PM
To: DEVELA Brent
Cc: 'users@subversion.apache.org'
Subject: Re: Permission Denied Error on Pre-commit Java hook


On Dec 15, 2009, at 04:14, DEVELA Brent wrote:

> I've created my very first hook and what it does is that a Python script 
> calls a java jar file which then creates a file writes something into it. 
> When it is run as a hook, I am getting a Permission Denied error. The script 
> runs perfectly when its directly run using the command line. Any help will be 
> appreciated. How do I get around this security issue? The SVN resides on a 
> Linux box.

How is your repository served -- via apache? or svnserve? As what user is that 
process running? Does that user have permission to write to the place where 
your jar is creating its file?

RE: Permission Denied Error on Pre-commit Java hook

2009-12-16 Thread DEVELA Brent 


-Original Message-
From: Ryan Schmidt [mailto:subversion-20...@ryandesign.com] 
Sent: Wednesday, December 16, 2009 4:48 PM
To: DEVELA Brent
Cc: 'users@subversion.apache.org'
Subject: Re: Permission Denied Error on Pre-commit Java hook

On Dec 15, 2009, at 23:35, DEVELA Brent wrote:

> Ryan Schmidt wrote:
> 
>> On Dec 15, 2009, at 04:14, DEVELA Brent wrote:
>> 
>>> I've created my very first hook and what it does is that a Python script 
>>> calls a java jar file which then creates a file writes something into it. 
>>> When it is run as a hook, I am getting a Permission Denied error. The 
>>> script runs perfectly when its directly run using the command line. Any 
>>> help will be appreciated. How do I get around this security issue? The SVN 
>>> resides on a Linux box.
>> 
>> How is your repository served -- via apache? or svnserve? As what user is 
>> that process running? Does that user have permission to write to the place 
>> where your jar is creating its file?
>> 
>   Thanks for the reply, My repository is served via apache and the user 
> running it is www-data. And yes, the user does have rights in the folder. 
> Here's the code I'm trying to run with the contents of the output.txt file 
> from the python code.
> 
> Python code: 
> 
> log_cmd='java -jar -Duser.home=/var/www 
> /tmp/integrationtestscript-1.0-SNAPSHOT.jar'
> import os
> output = os.popen(log_cmd, 'r').read()
> ofile = open('/tmp/output.txt','w')
> ofile.write(output)
> ofile.close()
> 
> JAVA code: 
> 
> package integrationtestscript;
> 
> import com.ibatis.common.jdbc.ScriptRunner;
> import java.io.*;
> import java.sql.SQLException;
> import com.mysql.jdbc.ConnectionImpl;
> 
> public class App {
>public static void main(String[] args) {
> 
>try {
>System.out.println("Hello World!");
> 
>File f;
>f=new File("/tmp/myfile.txt");
>if(!f.exists()){
>f.createNewFile();
>System.out.println("New file \"myfile.txt\" has been created 
> to the current directory");
>}
> 
>System.out.println("Exit");
>System.exit(0);
>} catch (Exception ex) {
>System.out.println(ex.getMessage());
>}
>}
> }
> 
> Contents of /tmp/Output.txt after execution as a pre-commit hook.
> 
> Hello World!
> Permission denied

So the Python hook script can run, can call the Java code, and can write its 
output to /tmp/output.txt. But the Java code cannot create /tmp/myfile.txt. 
Does /tmp/myfile.txt already exist, and if so, are its permissions and 
ownership such that www-data can write to it?

Another possibility: is SELinux enabled? If so, you may need to configure 
additional things.


Ryan,

Your solution worked. I changed the ownership of the file. It's running 
smoothly now. I did not have to configure SELinux because it was not installed 
in the first place. Thank you very much! 

Thanks,

Brent