Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

HgWebDir push permission denied error

Tags:

mercurial

I have a new Fedora 12 server that I am attempting to set up Mercurial on. I have yum installed mercurial, and most things seem to work fine. However, after setting up hgwebdir.cgi through apache, I am unable to do an hg push to the only repo currently being hosted. The error I get back is:

searching for changes
abort: HTTP Error 500: Permission denied: .hg/store/lock

httpd is running as user apache

UID        PID  PPID  C STIME TTY          TIME CMD
root      1691     1  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1694  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1695  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1696  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1697  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1698  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1699  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1700  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd
apache    1701  1691  0 13:19 ?        00:00:00 /usr/sbin/httpd

and I set permissions so that the apache user owns the whole repo and everything. In a last ditch attempt, I even made the repo globally writable.

[root@builds .hg]# ll
total 424K
drwxrwxrwx.  3 apache apache 4.0K 2010-04-19 14:43 .
drwxrwxrwx. 19 apache apache 4.0K 2010-04-15 13:33 ..
-rw-rw-rw-.  2 apache apache   57 2010-04-13 11:42 00changelog.i
-rw-rw-rw-.  1 apache apache   93 2010-04-16 15:33 branchheads.cache
-rw-rw-rw-.  1 apache apache 192K 2010-04-15 13:33 dirstate
-rw-r--r--.  1 apache apache  156 2010-04-19 14:43 hgrc
-rw-rw-rw-.  1 apache apache   42 2010-04-15 13:33 last-message.txt
-rw-rw-rw-.  2 apache apache   23 2010-04-13 11:42 requires
drwxrwxrwx.  4 apache apache 4.0K 2010-04-19 11:26 store
-rw-rw-rw-.  1 apache apache   45 2010-04-14 14:08 tags.cache
-rw-rw-rw-.  1 apache apache    7 2010-04-16 15:33 undo.branch
-rw-rw-rw-.  1 apache apache 192K 2010-04-16 15:33 undo.dirstate
[root@builds .hg]# cd store
[root@builds store]# ll
total 308K
drwxrwxrwx.  4 apache apache 4.0K 2010-04-19 11:26 .
drwxrwxrwx.  3 apache apache 4.0K 2010-04-19 14:43 ..
-rw-rw-rw-.  1 apache apache  20K 2010-04-16 15:33 00changelog.i
-rw-rw-rw-.  1 apache apache  81K 2010-04-16 15:33 00manifest.i
drwxrwxrwx. 17 apache apache 4.0K 2010-04-13 11:47 data
drwxrwxrwx.  3 apache apache 4.0K 2010-04-13 11:43 dh
-rw-rw-rw-.  2 apache apache 177K 2010-04-15 11:03 fncache
-rw-rw-rw-.  1 apache apache   67 2010-04-16 15:33 undo

I have a clone of the repo elsewhere on the machine running as a different user. If I set the the default value in the [paths] section of the clones hgrc file to the local filepath on the server, the push works fine, but if I switch it to use the url, I get the error every time.

Some possible quirks in how I've set this up... hgwebdir.cgi is sitting in /var/www/cgi-bin and the repo is a child of /opt/hg. I turned off suexec as well, and this doesn't seem to clear up the issue. The only line I added in the apache config to get hgwebdir running is:

ScriptAlias /hg "/var/www/cgi-bin/hgwebdir.cgi"

The hgweb.config is also in /var/www/cgi-bin and it's contents are:

[collections]
/opt/hg = /opt/hg

[trusted]
users = *

[web]
baseurl = /hg
push_ssl = false
allow_push = *

The repo browser is working fine, it's just push that doesn't work. Apache error_log doesn't have anything in about this error at all.

like image 724
Gregg Avatar asked Apr 19 '10 22:04

Gregg


3 Answers

For me it was the permissions were set wrong on the server. A chown -R www-data /path/to/repo (on the server) fixed it all up for me... maybe this is different for you. Good luck.

like image 102
Jasper Avatar answered Dec 27 '22 03:12

Jasper


I had a similar problem on Ubuntu. The problem stopped when I loosened the permissions on the .hg directory.

I did a chmod -R 777 .hg from the repo directory. After that, everything worked. I still need to play around to find the minimally permissive option that permits pushes, but this works on our internal dev server.

like image 21
Ross McFarlane Avatar answered Dec 27 '22 04:12

Ross McFarlane


Instead of 777, with the webserver running under the group apache, and your repositories in /opt/hg:

Execute sudo chown :apache /opt/hg -R to add the repositories to the apache group and sudo chmod g+w /opt/hg -R to give write access to the group. This way you just give enough permissions.

BTW under Ubuntu the apache process runs under www-data instead of apache.

like image 32
svandragt Avatar answered Dec 27 '22 04:12

svandragt