On 09/22/2015 08:37 PM, Matthew Saltzman wrote:
On Tue, 2015-09-22 at 19:21 +0100, Trevor Hemsley wrote:
On 22/09/15 18:50, Matthew Saltzman wrote:
for pid file '/var/www/svn/FlopC++/subgit/daemon.pid
Probably not the best location for a pid file. I'd suspect that write access to anything under /var/www is disallowed. Can you not move it to /var/run?
*I* can't. It's hard-coded in a compiled executable. I could make that recommendation to the Subgit folks. I suspect they may do that because they know for sure where the directory they are executing from is, but they may not feel they have a guarantee that /var/run is available in every *nix distribution.
We can label /var/www/svn/FlopC++/subgit for example if it is owned by a package.
The main gole is we need to get AVCs. Try to re-test it and run
#ausearch -m avc,user_avc -ts recent
On the other hand, the Subversion repositories themselves are in /var/www/svn and interacting with them works fine (including writes), modulo this issue.
Trevor