Can't open file 'svn/repo/db/txn-current-lock': Permission denied

50
votes

I have set up a Linux Server and installed Apache and SVN and dav_svn on it. Now, when I try to upload to https://x.x.x.x:x/svn/repo with Tortoise SVN I get 

Can't open file '/server/svn/repo/db/txn-current-lock': Permission denied

I have Set up my SSL correctly (I can checkout, no problems, even remotely due to Port Forwarding).

I'm guessing this has to do with the Linux Ownership of the Repository folders, How must I set this/ what are the commands?

8
apachesvn
just to make sure this is the problem give a 777 on all. โ€“ Itay Moav -Malimovka
a 777? What do you mean? โ€“ wsd
@wsd ยป I updated my answer to include additional info related to permissions, since you seem puzzled about that. โ€“ John Feminella

8 Answers

67
votes

This is a common problem. You're almost certainly running into permissions issues. To solve it, make sure that the apache user has read/write access to your entire repository. To do that, chown -R apache:apache *, chmod -R 664 * for everything under your svn repository.

Also, see here and here if you're still stuck.

Update to answer OP's additional question in comments:

The "664" string is an octal (base 8) representation of the permissions. There are three digits here, representing permissions for the owner, group, and everyone else (sometimes called "world"), respectively, for that file or directory.

Notice that each base 8 digit can be represented with 3 bits (000 for '0' through 111 for '7'). Each bit means something:

  • first bit: read permissions
  • second bit: write permissions
  • third bit: execute permissions

For example, 764 on a file would mean that:

  • the owner (first digit) has read/write/execute (7) permission
  • the group (second digit) has read/write (6) permission
  • everyone else (third digit) has read (4) permission

Hope that clears things up!

13
votes

It's permission problem. It is not "classic" read/write permissions of apache user, but selinux one.

Apache cannot write to files labeled as httpd_sys_content_t they can be only read by apache.

You have 2 possibilities:

  1. label svn repository files as httpd_sys_content_rw_t:

    chcon -R -t httpd_sys_content_rw_t /path/to/your/svn/repo

  2. set selinux boolean httpd_unified --> on

    setsebool -P httpd_unified=1

I prefer 2nd possibility. You can play also with other selinux booleans connected with httpd:

getsebool -a | grep httpd
3
votes

I also had this problem recently, and it was the SELinux which caused it. I was trying to have the post-commit of subversion to notify Jenkins that the code has change so Jenkins would do a build and deploy to Nexus.

I had to do the following to get it to work.

1) First I checked if SELinux is enabled:

    less /selinux/enforce

This will output 1 (for on) or 0 (for off)

2) Temporary disable SELinux:

    echo 0 > /selinux/enforce

Now test see if it works now.

3) Enable SELinux:

    echo 1 > /selinux/enforce

Change the policy for SELinux.

4) First view the current configuration:

    /usr/sbin/getsebool -a | grep httpd

This will give you: httpd_can_network_connect --> off

5) Set this to on and your post-commit will work with SELinux:

    /usr/sbin/setsebool -P httpd_can_network_connect on

Now it should be working again.

2
votes

for example on debian

sudo gpasswd -a svn-admin www-data
sudo chgrp -R www-data svn/
sudo chmod -R g=rwsx svn/
0
votes

I just had this problem

  1. Having multiple user using the same repo caused the problem
  2. Logout evey other user using the repo

Hope this helps

0
votes

In addition to the repository permissions, the /tmp directory must also be writeable by all users.

0
votes

3 Steps you can follow

  1. chmod -R 775 <repo path>  
---> change permissions of repository

  2. chown -R apache:apache <repo path>  
---> change owner of svn repository

  3. chcon -R -t httpd_sys_content_t <repo path>  
----> change SELinux security context of the svn repository
-1
votes

Try to disable SELinux by this command /usr/sbin/setenforce 0. In my case it solved the problem.