2

While setting up mod_dav_svn on Apache 2.2.x on shared hosting, I've ran into some trouble. The main problem is that most of the vhosts use their own user/group, websiteX:clientX, and the svn repository files are owned by this user, with just read/write rights for this specific user, none on group/world.

The problem is that when I explicitly specify SuexecUserGroup in the vhost file, it's simply ignored by mod_dav_svn. The alternative would of course be to use the User/Group directive, but since apache 2.2.0 you can only set this system-wide, which is no option for the few sites and controlpanels running without suexec...

Do I have any alternatives, besides loosening the permissions (which I'd rather not)?

Leftblank
  • 33
  • 3

1 Answers1

1

SuexecUserGroup is an option that affects the execution of CGI scripts, not every operation that the vhost performs with regards to processes and files. mod_dav_svn runs with the credentials of the main http user.

Your best option would be to run a purpose-built apache with just mod_dav_svn running under the user and group you wish (with a low number of workers) and reverse proxy to it from the main Apache on your site.

I would say that you're not likely to have the ability to do this on shared hosting, but you do say that you have the ability to override the user and group, so perhaps your provider gives you a level of control more akin to a VPS. If that's the case, the above technique may work for you.

James F
  • 6,689
  • 1
  • 26
  • 24