We create the dedicated user and group svn and we change the permissions of our repository accordingly :
$ adduser --system --no-create-home --group svn
$ chown -R svn.svn /var/jails/svn/var/lib/svn
Then, we write the initialization script for launching the Subversion server
into the file /etc/init.d/svn. I've used the file
/etc/init.d/skeleton as a template and read the man page of
start-stop-daemon(8) to find all the needed options :
#! /bin/sh
DAEMON=/usr/bin/svnserve
NAME=svn
DESC="SVN Server"
OPTS="--daemon --threads --listen-port=3690 --root=/var/lib/svn"
CHROOT="/var/jails/svn"
USER=svn
GROUP=svn
test -x $DAEMON || exit 0
set -e
case "$1" in
start)
echo -n "Starting $DESC: $NAME"
start-stop-daemon --start --quiet \
--user $USER --chuid $USER:$GROUP \
--chroot $CHROOT \
--startas $DAEMON -- $OPTS
echo "."
;;
stop)
echo -n "Stopping $DESC: $NAME"
start-stop-daemon --stop --quiet \
--user $USER \
--startas $DAEMON
echo "."
;;
restart)
echo -n "Restarting $DESC: $NAME"
start-stop-daemon --stop --quiet \
--user $USER \
--startas $DAEMON \
--oknodo
sleep 1
start-stop-daemon --start \
--user $USER --chuid $USER:$GROUP \
--chroot $CHROOT \
--startas $DAEMON -- $OPTS
echo "."
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart}" >&2
exit 1
;;
esac
exit 0
As you can see, I use the --chroot option to specify the location of the jail under which the process will chroot. The --chuid option allows us to run the Subversion server under the svn user and group.
We can test the script typing :
$ /etc/init.d/svn start
Starting SVN Server: svn.
$ /etc/init.d/svn stop
Stopping SVN Server: svn.
$ /etc/init.d/svn restart
Restarting SVN Server: svn.
The only thing left to do is to automate the launching of the server on the booting process of the machine. For this, I use a Debian utilitary program called update-rc.d. This program builds all the links for all the required runlevels :
$ update-rc.d svn defaults
To test it, I reboot the machine and check the process information :
$ shutdown -r now
$ ps -Ao "%p %y %x %U %c" | grep svn
24358 ? 00:00:00 svn svnserve
$ ls -la /proc/24358
total 0
dr-xr-x--- 3 svn uucp 0 Feb 15 22:15 .
dr-xr-xr-x 44 root root 0 Feb 15 05:31 ..
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 cmdline
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 cpu
lrwxrwxrwx 1 svn uucp 0 Feb 15 22:15 cwd -> /var/jails/svn
-r-------- 1 svn uucp 0 Feb 15 22:15 environ
lrwxrwxrwx 1 svn uucp 0 Feb 15 22:15 exe -> /var/jails/svn/usr/bin/svnserve
dr-x------ 2 svn uucp 0 Feb 15 22:15 fd
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 maps
-rw------- 1 svn uucp 0 Feb 15 22:15 mem
lrwxrwxrwx 1 svn uucp 0 Feb 15 22:15 root -> /var/jails/svn
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 stat
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 statm
-r--r--r-- 1 svn uucp 0 Feb 15 22:15 status
We can see that the process svnserve is running under svn user with a root pointing to /var/jails/svn.
Mission accomplished!
Running Chrooted SVN on Debian Mini-HOWTO
0.1.0 - February 2005fbergeron@fbergeron.com