From 93cc2385c9552bbf5c5a31991505d6afd0ac2e94b59556d74de81b9b2f80d78a Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Mon, 20 May 2013 21:00:10 +0000 Subject: [PATCH 1/2] Accepting request 176189 from home:AndreasStieger:branches:devel:tools:scm:svn - add systemd support for svnserve - package now contains user and group svn - adjust and extend README.SuSE to cover a quickstart with both mod_dav_svn and svnserve, mention the user/group requirement for parallel operation and make text more compact by referencing the template config file [bnc#781980] OBS-URL: https://build.opensuse.org/request/show/176189 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm:svn/subversion?expand=0&rev=118 --- subversion.README.SuSE | 327 +++++++++++++++------------------- subversion.changes | 10 ++ subversion.conf | 29 ++- subversion.spec | 43 +++++ subversion.sysconfig.svnserve | 18 +- svnserve.service | 14 ++ svnserve.tmpfiles | 1 + 7 files changed, 242 insertions(+), 200 deletions(-) create mode 100644 svnserve.service create mode 100644 svnserve.tmpfiles diff --git a/subversion.README.SuSE b/subversion.README.SuSE index d229714..771c4ff 100644 --- a/subversion.README.SuSE +++ b/subversion.README.SuSE @@ -1,220 +1,175 @@ +Quickstart document for Apache Subversion on openSUSE. + +For the full documentation, install the package subversion-doc and see +/usr/share/doc/packages/subversion/html/book/svn-book.html +An online version can be found at http://svnbook.red-bean.com/ + Topics: -1. backup and restore your repository data -2. create svn user/group for svnserve -3. mini-howto for 2 projects -4. quickstart for mod_dontdothat +1. mini-howto +2. allowing anonymous read access +3. serving several repositories with SVNParentPath +4. serving the repositories at "/" +5. running svnserve +6. quickstart for mod_dontdothat ================================================================================ -1. backup and restore your repository data +1. mini-howto -subversion repositories use either the Berkeley Database system libraries, -or the FSFS database format which comes with the subversion package. -Since the BDB system libraries often introduce a new incompatible format during -version upgrade, a backup/restore of all the subversion repositories must be -performed _BEFORE_ doing such a system upgrade. -'svnadmin dump' will write the repository to stdout in a 'dumpfile' format. -This dumpfile can be loaded later with 'svnadmin load'. +To run a subversion server, you need to configure apache2 to load two modules: +mod_dav and mod_dav_svn. - -2. create svn user/group for svnserve - -subversion repositories can be served either via http, or via the svnserve -daemon and a special network protocol. svnserve should not run as root user. -The startup script rcsvnserve expects a user/group named 'svn', configureable -via /etc/sysconfig/svnserve. - -But this user/group must be created before first use: - - groupadd svn - useradd -d /srv/svn -s /bin/false -g svn svn - - -3. mini-howto for 2 projects - -To run a subversion server, you need to configure apache2 to load two apache2 -modules: mod_dav and mod_dav_svn. (mod_dav is needed by mod_dav_svn, it is -installed together with apache2.) - -This is done by adding the dav and dav_svn modules to the apache2 configuration -(a2enmod dav; a2enmod dav_svn), and restarting the server. + zypper in subversion-server + a2enmod dav + a2enmod dav_svn A default/example configuration of the dav_svn module can be found in -/etc/apache2/conf.d/subversion.conf. With more recent apache -packages, this configuration is *not* loaded automatically by -the apache server, since many people configure virtual hosts -and it is unlikely that the repositories shall be available -from any virtual host. To load the configuration for a certain -virtual host, add - Include /etc/apache2/conf.d/subversion.conf -or - Include /path/to/your_subversion_configuration -in the respective virtual host configuration. This *may* be done in the default -virtual host (/etc/apache2/default-server.conf). +/etc/apache2/conf.d/subversion.conf. The current default configuration +automatically includes this file the default server configuration. +Create some directories to contain the repositories and other files: + mkdir -p /srv/svn/repos + mkdir -p /srv/svn/user_access + mkdir -p /srv/svn/html -Minihowto: +Edit /etc/apache2/conf.d/subversion.conf and uncomment the desired sections. +The first section "project related HTML files" is optional and will allow you +to return some static content when /repos is accessed alone. If you do not need +this, discard this section. -The plan: +If instead you wish to show a list of repositories, set "SVNListParentPath on" +later. See for details: +http://svnbook.red-bean.com/en/1.7/svn.serverconfig.httpd.html#svn.serverconfig.httpd.extra.browsing.reposlisting -host 2 source projects with subversion -both must have anonymous read access -both must have limited write access for a few users -they are accessed only via HTTP, not (!) locally -they will be reachable via: +The section following that will configure a repository to be served out of +the path /srv/svn/repos/myproject1. Note that the location "/repo/myproject1" +and "SVNPath" is specified explicitly, see section 3 for an alternative. - http://hostname/repos/project1 - http://hostname/repos/project2 +To create the repository itself: -Both will have the official version of the source tree and our modified -version for the distribution. Projects in question are: -project1 -project2 - -The realisation: - -find a machine to host the projects. Keep backup (and restore!) in mind -when hunting for hardware. - -install needed packages -(you might check for update packages on -ftp://ftp.suse.com/pub/projects/apache/ ) - -rpm -Uvh \ - apache2 \ - apache2-doc \ - apache2-prefork \ - libapr1 \ - libapr-util1 \ - neon \ - subversion \ - subversion-doc \ - subversion-server - - - -# Update /etc/sysconfig/apache2 by -# adding 'dav dav_svn' to $APACHE_MODULES: -a2enmod dav -a2enmod dav_svn - -create a few directories: -mkdir -p /srv/svn/repos -mkdir -p /srv/svn/user_access -mkdir -p /srv/svn/html - -Add the http repository data to /etc/apache2/conf.d/subversion.conf: -#------------------------------------------------------------------------ -# -# project related HTML files -# - -Alias /repos "/srv/svn/html" - - - Options +Indexes +Multiviews -FollowSymLinks - IndexOptions FancyIndexing \ - ScanHTMLTitles \ - NameWidth=* \ - DescriptionWidth=* \ - SuppressLastModified \ - SuppressSize - - order allow,deny - allow from all - - - -# project repository files for project1 - - DAV svn - SVNPath /srv/svn/repos/project1 - - # Limit write access to certain people - AuthType Basic - AuthName "Authorization for project1 required" - AuthUserFile /srv/svn/user_access/project1_passwdfile - AuthGroupFile /srv/svn/user_access/project1_groupfile - - Require group project1_committers - - - # Limit read access to certain people - - Require group project1_committers - Require group project1_readers - - - - -# project repository files for project2 - - DAV svn - SVNPath /srv/svn/repos/project2 - - # Limit write permission to list of valid users. - - # Require SSL connection for password protection. - # SSLRequireSSL - - AuthType Basic - AuthName "Authorization for project2 required" - AuthUserFile /srv/svn/user_access/project2_passwdfile - Require valid-user - - -#------------------------------------------------------------------------ - -create the repositories itself: -cd /srv/svn/repos -svnadmin create project1 -chown -R wwwrun:www project1/{dav,db,locks} -svnadmin create project2 -chown -R wwwrun:www project2/{dav,db,locks} + cd /srv/svn/repos + svnadmin create project1 + chown -R wwwrun:www project1/{db,locks} +If using svnserve is not planned, /srv/svn/repos may be owned by wwrun:www. +Otherwise see instruction in the svnserve section on how to use the user and +group svn. The webserver must be (re)started: -rcapache2 restart -Now create the user access files: -project1 is a restricted project. -read access requires a password -write access is limited to a few users -touch /srv/svn/user_access/project1_passwdfile -chown root:www /srv/svn/user_access/project1_passwdfile -chmod 640 /srv/svn/user_access/project1_passwdfile + rcapache2 restart -htpasswd2 /srv/svn/user_access/project1_passwdfile olaf -htpasswd2 /srv/svn/user_access/project1_passwdfile olh +To create the user access files: -this is the group file for project1: -/srv/svn/user_access/project1_groupfile -content: -project1_committers: olh -project1_readers: olaf olh + touch /srv/svn/user_access/project1_passwdfile + chown root:www /srv/svn/user_access/project1_passwdfile + chmod 640 /srv/svn/user_access/project1_passwdfile -project2 is world readable, but only a few can commit to the sources. -touch /srv/svn/user_access/project2_passwdfile -chown root:www /srv/svn/user_access/project2_passwdfile -chmod 640 /srv/svn/user_access/project2_passwdfile -htpasswd2 /srv/svn/user_access/project2_passwdfile olaf + htpasswd2 /srv/svn/user_access/project1_passwdfile user1 + htpasswd2 /srv/svn/user_access/project1_passwdfile user2 -You should be able to connect to the server: -http://host/repos/project2 -http://host/repos/project1 +Create the group file for project1: + /srv/svn/user_access/project1_groupfile -Now import the data, e.g. -svn import /path/to/project2-tree http://host/repos/project2 + project1_committers: user2 + project1_readers: user1 user2 +You can test access by: + svn info http://127.0.0.1/repos/project1 +================================================================================ +2. allowing anonymous read access -4. quickstart for mod_dontdothat +To allow anonymous read access, remove the section and move the +three Auth* statements into the section. + +================================================================================ + +3. serving several repositories with SVNParentPath + +When serving several repositories, instead of specifying each location with +SVNPath in a separate location, you can use SVNParentPath with a single location. +Change the directive form the template to start with the following: + + + DAV svn + SVNParentPath /srv/svn/repos + SVNListParentPath on + +Do not forget to restart the apache service to make the configuration effective. + + service apache2 restart + +================================================================================ + +4. serving the repositories at "/" + +Include the configuration into the relevant vhost configuration. Uncomment the +section in the template files labeled 'Hosting svn at "/"' and adjust as required. +Note that this example uses "SVNParentPath" as given in the previous section. + +================================================================================ + +5. running svnserve + +Subversion repositories can be via the svnserve daemon and a special network +protocol. svnserve should not run as root user. The startup scripts expects a +user/group named 'svn', configureable via /etc/sysconfig/svnserve. + +The subversion package now creates a user and group svn. + +If you want to expose the repository via both svnserve and mod_dav_svn +(Apache httpd) in parallel, ensure that the apache user is part of the +svn group. + + usermod -A svn wwwrun + +This requires a restart of the apache2 service to become effective. + +Change the permissions to let the svn group write, and set the setgid flag +on the repositories. + + chown -R svn:svn /srv/svn/repos + chmod -R g+ws /srv/svn/repos + +Then proceed to create reposititories using svnadmin create described above. + +In either case, if using svnserve, ensure that the repositories are owned by +svn:svn. + +The settings files with the options passed to the daemon is is located in: + + /etc/sysconfig/svnserve + +To start, ensure proper ownership of repositories and run: + + service svnserve start + +For further information about multi-method repository access, see +http://svnbook.red-bean.com/en/1.7/svn.serverconfig.multimethod.html + +You can test repository access by: + + svn info svn://127.0.0.1/project1 + +Please note that by default, svnserve is configured to be started with -R, +meaning read-only access only. Remove to allow write access, after you have +configued access via + + /srv/svn/repos/repo1/conf/svnserve.conf + +To configue authentication for svnserve, see +http://svnbook.red-bean.com/en/1.7/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.auth + +================================================================================ + +6. quickstart for mod_dontdothat The apache module mod_dontdothat can be used to prevent users from causing high load on the server, e.g. checking out the root of the tree or the tags or @@ -227,7 +182,7 @@ Add configuration for the module, e.g. DAV svn - SVNParentPath /srv/svn/repositories/ + SVNParentPath /srv/svn/repos/ SVNListParentPath on # [...other configuration...] diff --git a/subversion.changes b/subversion.changes index 5bc1c2d..3da3cef 100644 --- a/subversion.changes +++ b/subversion.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Mon May 20 19:30:52 UTC 2013 - andreas.stieger@gmx.de + +- add systemd support for svnserve +- package now contains user and group svn +- adjust and extend README.SuSE to cover a quickstart with both + mod_dav_svn and svnserve, mention the user/group requirement for + parallel operation and make text more compact by referencing the + template config file [bnc#781980] + ------------------------------------------------------------------- Tue May 14 21:52:35 UTC 2013 - andreas.stieger@gmx.de diff --git a/subversion.conf b/subversion.conf index fa7b4b4..6fd8ca9 100644 --- a/subversion.conf +++ b/subversion.conf @@ -1,5 +1,7 @@ # Example configuration for a subversion repository -# see /usr/share/doc/packages/subversion for the full documentation +# Install the package subversion-doc and see +# /usr/share/doc/packages/subversion for the full documentation +# An online version can be found at http://svnbook.red-bean.com/ # @@ -28,17 +30,26 @@ # # DAV svn # SVNPath /srv/svn/repos/myproject1 - +# +# AuthType Basic +# AuthName "Authorization Realm" +# AuthUserFile /srv/svn/user_access/myproject1_passwdfile +# +# # Limit read access to certain people +# +# # uncomment to require SSL connection for password protection. +# # SSLRequireSSL +# Require group project1_committers +# Require group project1_readers +# +# # # Limit write permission to list of valid users. # -# # Require SSL connection for password protection. +# # uncomment to require SSL connection for password protection. # # SSLRequireSSL -# -# AuthType Basic -# AuthName "Authorization Realm" -# AuthUserFile /srv/svn/user_access/myproject1_passwdfile -# Require valid-user +# Require project1_committers # +# # ## @@ -73,7 +84,7 @@ # # # # DAV svn -# SVNParentPath /srv/svn/repositories/ +# SVNParentPath /srv/svn/repos/ # SVNListParentPath on # AuthType Basic # AuthName "subversion repository" diff --git a/subversion.spec b/subversion.spec index 1976a6a..fb249f0 100644 --- a/subversion.spec +++ b/subversion.spec @@ -45,6 +45,9 @@ %define with_bashcomp 1 %endif +%define svngroup svn +%define svnuser svn + Name: subversion Version: 1.7.9 Release: 0 @@ -63,6 +66,14 @@ BuildRequires: python-devel BuildRequires: python-xml BuildRequires: update-alternatives BuildRequires: zlib-devel +Requires(pre): pwdutils +# +%if 0%{?suse_version} > 1140 +BuildRequires: pkgconfig(systemd) +%{?systemd_requires} +%define has_systemd 1 +%endif +# %if %with_bashcomp BuildRequires: bash-completion %endif #with_bashcomp @@ -138,6 +149,8 @@ Source9: subversion.rcsvnserve Source10: subversion.sysconfig.svnserve Source12: subversion.sysconfig.svnserve.remoteaccess Source13: subversion.xinetd.svnserve +Source14: svnserve.service +Source15: svnserve.tmpfiles Source42: subversion.svngrep.sh Source43: subversion.svndiff.sh # https://people.apache.org/keys/group/subversion.asc @@ -582,6 +595,13 @@ install -m 755 -D %{S:9} $RPM_BUILD_ROOT/etc/init.d/svnserve ln -sv /etc/init.d/svnserve $RPM_BUILD_ROOT/usr/sbin/rcsvnserve install -m 644 -D %{S:10} $RPM_BUILD_ROOT/var/adm/fillup-templates/sysconfig.svnserve install -m 644 -D %{S:12} $RPM_BUILD_ROOT/%{_fwdefdir}/svnserve +%{__install} -d -m 0755 %{buildroot}/srv/svn +%if 0%{?has_systemd} +install -m 644 -D %{S:14} $RPM_BUILD_ROOT/%{_unitdir}/svnserve.service +%{__install} -d -m 0755 %{buildroot}/var/run/svnserve/ +%{__install} -d -m 0755 %{buildroot}/usr/lib/tmpfiles.d/ +%{__install} -m 0644 %{SOURCE15} %{buildroot}/usr/lib/tmpfiles.d/svnserve.conf +%endif #useless libtool stuff rm -f %{buildroot}%{_libdir}/*.la if [ "$with_jdk" != "" ] ; then @@ -743,16 +763,33 @@ kill -9 `cat "$HTTPD_PIDFILE" 2>/dev/null` %clean %__rm -rf "%{buildroot}" +%pre +getent group %{svngroup} >/dev/null || groupadd -r %{svngroup} +getent passwd %{svnuser} >/dev/null || useradd -r -g %{svngroup} -d /srv/svn -s /sbin/nologin -c "user for Apache Subversion svnserve" %{svnuser} +%if 0%{?has_systemd} +%service_add_pre svnserve.service +%endif + %preun %stop_on_removal svnserve +%if 0%{?has_systemd} +%service_del_preun svnserve.service +%endif %post %{fillup_and_insserv -n svnserve svnserve} +%if 0%{?has_systemd} +%service_add_post svnserve.service +systemd-tmpfiles --create /usr/lib/tmpfiles.d/svnserve.conf +%endif /sbin/ldconfig %postun %restart_on_update svnserve %{insserv_cleanup} +%if 0%{?has_systemd} +%service_del_postun svnserve.service +%endif /sbin/ldconfig %post -n subversion-python -p /sbin/ldconfig @@ -790,7 +827,13 @@ kill -9 `cat "$HTTPD_PIDFILE" 2>/dev/null` %attr(754,root,root) /etc/init.d/svnserve %attr(754,root,root) /usr/sbin/rcsvnserve /var/adm/fillup-templates/sysconfig.svnserve +%dir %attr(755,%{svnuser},%{svngroup}) /srv/svn %config %{_fwdefdir}/* +%if 0%{?has_systemd} +%{_unitdir}/svnserve.service +%ghost %dir %attr(755,%{svnuser},%{svngroup}) /var/run/svnserve +/usr/lib/tmpfiles.d/svnserve.conf +%endif # %attr(755,root,root) /usr/bin/svn %attr(755,root,root) /usr/bin/svnadmin diff --git a/subversion.sysconfig.svnserve b/subversion.sysconfig.svnserve index 62b5f43..73a7597 100644 --- a/subversion.sysconfig.svnserve +++ b/subversion.sysconfig.svnserve @@ -8,7 +8,7 @@ # The -R option enforces read-only access, i.e. write operations to the # repository (such as commits) will not be allowed. # Authentication should be configured before allowing write access. -# See http://svnbook.red-bean.com/en/1.5/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.auth +# See http://svnbook.red-bean.com/en/1.7/svn.serverconfig.svnserve.html#svn.serverconfig.svnserve.auth # SVNSERVE_OPTIONS="-d -R -r /srv/svn/repos" @@ -16,8 +16,12 @@ SVNSERVE_OPTIONS="-d -R -r /srv/svn/repos" ## Default "svn" # # svnserve should run as unprivileged user. -# The userid/groupid svn is not created during package install. -# Run 'groupadd svn; useradd -d /srv/svn -s /bin/false -g svn svn' to create the userid/groupid. +# If you want to expose the repository via both svnserve and mod_dav_svn +# (Apache httpd) in parallel, ensure that the apache user is part of the +# svn group and the setgid flag is set on the repositories +# usermod -A svn wwwrun +# chmod -R g+s /srv/svn/repos +# See http://svnbook.red-bean.com/en/1.7/svn.serverconfig.multimethod.html # SVNSERVE_USERID="svn" @@ -25,7 +29,11 @@ SVNSERVE_USERID="svn" ## Default "svn" # # svnserve should run as unprivileged user. -# The userid/groupid svn is not created during package install. -# Run 'groupadd svn; useradd -d /srv/svn -s /bin/false -g svn svn' to create the userid/groupid. +# If you want to expose the repository via both svnserve and mod_dav_svn +# (Apache httpd) in parallel, ensure that the apache user is part of the +# svn group and the setgid flag is set on the repositories +# usermod -A svn wwwrun +# chmod -R g+s /srv/svn/repos +# See http://svnbook.red-bean.com/en/1.7/svn.serverconfig.multimethod.html # SVNSERVE_GROUPID="svn" diff --git a/svnserve.service b/svnserve.service new file mode 100644 index 0000000..3c91fca --- /dev/null +++ b/svnserve.service @@ -0,0 +1,14 @@ +[Unit] +Description=Subversion protocol daemon +After=syslog.target network.target + +[Service] +Type=forking +EnvironmentFile=/etc/sysconfig/svnserve +User=svn +Group=svn +PIDFile=/var/run/svnserve/svnserve.pid +ExecStart=/usr/bin/svnserve --daemon --pid-file=/var/run/svnserve/svnserve.pid $SVNSERVE_OPTIONS + +[Install] +WantedBy=multi-user.target diff --git a/svnserve.tmpfiles b/svnserve.tmpfiles new file mode 100644 index 0000000..daec23a --- /dev/null +++ b/svnserve.tmpfiles @@ -0,0 +1 @@ +D /var/run/svnserve 0755 svn svn - From 33988ce29908ac8a6bdde4d254fbf09c34b356df82aff9531c816ecc78bad0e0 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Tue, 21 May 2013 19:50:08 +0000 Subject: [PATCH 2/2] Accepting request 176300 from home:AndreasStieger:branches:devel:tools:scm:svn - use svnserveautocheck.sh and davautocheck.sh for unit tests, greatly reducing complexity of spec file and adding support for running unit tests with httpd 2.4 in factory - add subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch to not overwrite LD_LIBRARY_PATH in davautocheck.sh to make auth-test pass OBS-URL: https://build.opensuse.org/request/show/176300 OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm:svn/subversion?expand=0&rev=119 --- ...n-1.7.9-davautocheck-LD_LIBRARY_PATH.patch | 48 ++++++++++ subversion-tests-httpd-users | 2 - subversion-tests-httpd.conf.tmpl | 33 ------- subversion.changes | 10 +++ subversion.spec | 87 ++----------------- 5 files changed, 67 insertions(+), 113 deletions(-) create mode 100644 subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch delete mode 100644 subversion-tests-httpd-users delete mode 100644 subversion-tests-httpd.conf.tmpl diff --git a/subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch b/subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch new file mode 100644 index 0000000..4afb054 --- /dev/null +++ b/subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch @@ -0,0 +1,48 @@ +From: Andreas Stieger +Date: 2013-05-21 17:43:00 +0100 +Subject: [PATCH] do not clear LD_LIBRARY_PATH in davautocheck.sh +Upstream: merged +References: http://svn.apache.org/viewvc?view=revision&revision=1197065 + +During "make check", auth-test loads DSOs at runtime and cannot find them +unless LD_LIBRARY_PATH inlucdes subversion/libsvn_auth_kwallet/.libs and +/subversion/libsvn_auth_gnome_keyring/.libs. + +Adjust davautocheck.sh so that LD_LIBRARY_PATH is prepended to rather +than overwritten so that the spec file can set the required paths for +the auth-tests to pass. + +Actually then found to have been fixed in the trunk in r1197065. Required +for unit tests with 1.7.x but not 1.8.x + +--- + subversion/tests/cmdline/dav-mirror-autocheck.sh | 2 +- + subversion/tests/cmdline/davautocheck.sh | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +Index: subversion-1.7.9/subversion/tests/cmdline/dav-mirror-autocheck.sh +=================================================================== +--- subversion-1.7.9.orig/subversion/tests/cmdline/dav-mirror-autocheck.sh 2011-04-21 12:42:32.000000000 +0100 ++++ subversion-1.7.9/subversion/tests/cmdline/dav-mirror-autocheck.sh 2013-05-21 20:32:40.000000000 +0100 +@@ -323,7 +323,7 @@ fi + [ -r "$MOD_AUTHZ_SVN" ] \ + || fail "authz_svn_module not found, please use '--enable-shared --enable-dso --with-apxs' with your 'configure' script" + +-export LD_LIBRARY_PATH="$ABS_BUILDDIR/subversion/libsvn_ra_neon/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_local/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_svn/.libs" ++export LD_LIBRARY_PATH="$ABS_BUILDDIR/subversion/libsvn_ra_neon/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_local/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_svn/.libs:$LD_LIBRARY_PATH" + + MASTER_REPOS="${MASTER_REPOS:-"$HTTPD_ROOT/master_repos"}" + SLAVE_REPOS="${SLAVE_REPOS:-"$HTTPD_ROOT/slave_repos"}" +Index: subversion-1.7.9/subversion/tests/cmdline/davautocheck.sh +=================================================================== +--- subversion-1.7.9.orig/subversion/tests/cmdline/davautocheck.sh 2012-05-13 05:03:03.000000000 +0100 ++++ subversion-1.7.9/subversion/tests/cmdline/davautocheck.sh 2013-05-21 20:32:40.000000000 +0100 +@@ -198,7 +198,7 @@ fi + [ -r "$MOD_AUTHZ_SVN" ] \ + || fail "authz_svn_module not found, please use '--enable-shared --enable-dso --with-apxs' with your 'configure' script" + +-export LD_LIBRARY_PATH="$ABS_BUILDDIR/subversion/libsvn_ra_neon/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_local/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_svn/.libs" ++export LD_LIBRARY_PATH="$ABS_BUILDDIR/subversion/libsvn_ra_neon/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_local/.libs:$ABS_BUILDDIR/subversion/libsvn_ra_svn/.libs:$LD_LIBRARY_PATH" + + case "`uname`" in + Darwin*) LDD='otool -L' diff --git a/subversion-tests-httpd-users b/subversion-tests-httpd-users deleted file mode 100644 index 040f91f..0000000 --- a/subversion-tests-httpd-users +++ /dev/null @@ -1,2 +0,0 @@ -jrandom:xCGl35kV9oWCY -jconstant:xCGl35kV9oWCY diff --git a/subversion-tests-httpd.conf.tmpl b/subversion-tests-httpd.conf.tmpl deleted file mode 100644 index 804baaf..0000000 --- a/subversion-tests-httpd.conf.tmpl +++ /dev/null @@ -1,33 +0,0 @@ -Listen 127.0.0.1:REPLACE_PORT -ServerName tests.example.com -ErrorLog ./error_log -PidFile ./httpd.pid -LoadModule auth_basic_module REPLACE_APACHE_LIBEXECDIR/mod_auth_basic.so -LoadModule authn_file_module REPLACE_APACHE_LIBEXECDIR/mod_authn_file.so -LoadModule alias_module REPLACE_APACHE_LIBEXECDIR/mod_alias.so -LoadModule dav_module REPLACE_APACHE_LIBEXECDIR/mod_dav.so -LoadModule dav_svn_module REPLACE_BUILDROOTREPLACE_APACHE_LIBEXECDIR/mod_dav_svn.so -LoadModule authz_svn_module REPLACE_BUILDROOTREPLACE_APACHE_LIBEXECDIR/mod_authz_svn.so - - - DAV svn - SVNParentPath REPLACE_BUILDDIR/subversion/tests/cmdline/svn-test-work/repositories - AuthzSVNAccessFile REPLACE_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz - AuthType Basic - AuthName "Subversion Repository" - AuthUserFile REPLACE_BUILDDIR/users - Require valid-user - - - - DAV svn - SVNPath REPLACE_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp/repos - AuthzSVNAccessFile REPLACE_BUILDDIR/subversion/tests/cmdline/svn-test-work/authz - AuthType Basic - AuthName "Subversion Repository" - AuthUserFile REPLACE_BUILDDIR/users - Require valid-user - - -RedirectMatch permanent ^/svn-test-work/repositories/REDIRECT-PERM-(.*)$ /svn-test-work/repositories/$1 -RedirectMatch ^/svn-test-work/repositories/REDIRECT-TEMP-(.*)$ /svn-test-work/repositories/$1 diff --git a/subversion.changes b/subversion.changes index 3da3cef..28eb602 100644 --- a/subversion.changes +++ b/subversion.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Tue May 21 19:41:36 UTC 2013 - andreas.stieger@gmx.de + +- use svnserveautocheck.sh and davautocheck.sh for unit tests, + greatly reducing complexity of spec file and adding support + for running unit tests with httpd 2.4 in factory +- add subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch to + not overwrite LD_LIBRARY_PATH in davautocheck.sh to make + auth-test pass + ------------------------------------------------------------------- Mon May 20 19:30:52 UTC 2013 - andreas.stieger@gmx.de diff --git a/subversion.spec b/subversion.spec index fb249f0..08c1a66 100644 --- a/subversion.spec +++ b/subversion.spec @@ -119,8 +119,9 @@ BuildRequires: openldap2-devel %endif # suse_version > 1030 %endif # with neon %if %{with regression_tests} -# for check section, to find a free port: -BuildRequires: iproute2 +# svnserveautocheck.sh davautocheck.sh requirements +BuildRequires: net-tools +BuildRequires: wget %endif # with regression_tests # %define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services @@ -173,8 +174,6 @@ BuildRequires: sqlite3-devel >= %{sqlite_version} %requires_ge libsqlite3-0 %endif # with_intree_sqlite Source92: %{name}.rpmlintrc -Source93: subversion-tests-httpd.conf.tmpl -Source94: subversion-tests-httpd-users # Patch11: subversion.libtool-verbose.patch # build fixes @@ -186,6 +185,7 @@ Patch37: subversion-no-build-date.patch Patch38: subversion-neon-systemproxy.patch Patch39: subversion-1.7.4-ruby-1.9-RbConfig.patch Patch40: subversion-1.7.8-TestHarness_run_py_test_exit_code.patch +Patch41: subversion-1.7.9-davautocheck-LD_LIBRARY_PATH.patch # %if %with_ruby %if %{!?rb_arch:1}0 @@ -361,6 +361,7 @@ popd #./sqlite-amalgamation %patch38 %patch39 -p1 %patch40 -p1 +%patch41 -p1 SQLITE_RECOMMENDED_VER=$(grep -E '^SQLITE_RECOMMENDED_VER=' configure.ac|cut -f2 -d=|cut -f2 -d\") #" @@ -659,91 +660,21 @@ ulimit -a # During "make check", auth-test loads DSOs at runtime and can't find # them if we don't set up LD_LIBRARY_PATH as below. export LD_LIBRARY_PATH="$PWD/subversion/libsvn_auth_kwallet/.libs:$PWD/subversion/libsvn_auth_gnome_keyring/.libs:$LD_LIBRARY_PATH" -CHECK_FS_TYPE=fsfs # run tests over ra_local (file://) -%__make check CLEANUP=true FS_TYPE="$CHECK_FS_TYPE" - -SVNSERVE_PIDFILE="$PWD/svnserve.pid" -HTTPD_PIDFILE="$PWD/httpd.pid" -# hook up cleanup routine -function on_exit { - if [ -e "$SVNSERVE_PIDFILE" ]; then - pid=`cat "$SVNSERVE_PIDFILE" 2>/dev/null || :` - test -n "$pid" && kill -9 "$pid" || : - fi - if [ -e "$HTTPD_PIDFILE" ]; then - pid=`cat "$HTTPD_PIDFILE" 2>/dev/null || :` - test -n "$pid" && kill -9 "$pid" || : - fi -} -trap on_exit EXIT - -# find next free port -function find_next_free_port { - if [ -z "$free_port" ]; then # on first invocation - local start_port=1025 # start with user port range - else # on subsequent invocations - local start_port=$free_port; # look for ports above the last - let start_port++; # as the daemon might still use it - fi - free_port="" - # in the OBS build VMs, the call to ss actually fails, resulting in all port to be returned as unused, - # subsequent calls to the function will use a sequence from 1025, which are always available in VM. - # For local builds this takes into account locally used ports. Either way works to get a usable port. - for p in `/usr/sbin/ss -nat|tail +2|awk '{ split($4, a, ":"); if (a[2] > 1024) { print a[2]; }}'`; do used_port[$p]="$p"; done - for p in `seq $start_port 65535`; do - if [ -z "${used_port[$p]}" ]; then - free_port="$p" - break - fi - done - if [ -z "$free_port" ]; then - echo "ERROR: failed to find a free port" >&2 - echo "Used TCP ports: ${used_port[*]}" >&2 - exit 1 - fi -} -find_next_free_port +%__make check CLEANUP=true FS_TYPE=fsfs # run tests over ra_svn (svn://) -"$PWD/subversion/svnserve/svnserve" --listen-host 127.0.0.1 --listen-port "$free_port" --pid-file "$SVNSERVE_PIDFILE" -d -r "$PWD/subversion/tests/cmdline" -%__make check CLEANUP=true FS_TYPE="$CHECK_FS_TYPE" BASE_URL="svn://127.0.0.1:$free_port" -kill -9 `cat "$SVNSERVE_PIDFILE" 2>/dev/null` -%__rm "$SVNSERVE_PIDFILE" +%__make svnserveautocheck CLEANUP=true FS_TYPE=fsfs # run tests over ra_neon (http://) %if %{with neon} -find_next_free_port -# create apache configuration -%__cp "%{SOURCE94}" users -APACHE_LIBEXECDIR="%{apache_libexecdir}" -< "%{SOURCE93}" \ - sed "s/REPLACE_PORT/$free_port/g" | \ - sed "s/REPLACE_BUILDROOT/${RPM_BUILD_ROOT//\//\\/}/g" | \ - sed "s/REPLACE_BUILDDIR/${PWD//\//\\/}/g" | \ - sed "s/REPLACE_APACHE_LIBEXECDIR/${APACHE_LIBEXECDIR//\//\\/}/g" > httpd.conf -LD_LIBRARY_PATH="%{buildroot}%{_libdir}:$LD_LIBRARY_PATH" /usr/sbin/httpd2 -d "$PWD" -f httpd.conf -%__make check CLEANUP=true FS_TYPE="$CHECK_FS_TYPE" BASE_URL=http://127.0.0.1:$free_port HTTP_LIBRARY=neon -kill -9 `cat "$HTTPD_PIDFILE" 2>/dev/null` -%__rm "$HTTPD_PIDFILE" +%__make davautocheck CLEANUP=true FS_TYPE=fsfs HTTP_LIBRARY=neon %endif # neon # run tests over ra_serf (http://) %if %{with serf} -find_next_free_port -# create apache configuration -%__cp "%{SOURCE94}" users -APACHE_LIBEXECDIR="%{apache_libexecdir}" -< "%{SOURCE93}" \ - sed "s/REPLACE_PORT/$free_port/g" | \ - sed "s/REPLACE_BUILDROOT/${RPM_BUILD_ROOT//\//\\/}/g" | \ - sed "s/REPLACE_BUILDDIR/${PWD//\//\\/}/g" | \ - sed "s/REPLACE_APACHE_LIBEXECDIR/${APACHE_LIBEXECDIR//\//\\/}/g" > httpd.conf -LD_LIBRARY_PATH="%{buildroot}%{_libdir}:$LD_LIBRARY_PATH" /usr/sbin/httpd2 -d "$PWD" -f httpd.conf -%__make check CLEANUP=true FS_TYPE="$CHECK_FS_TYPE" BASE_URL=http://127.0.0.1:$free_port HTTP_LIBRARY=serf -kill -9 `cat "$HTTPD_PIDFILE" 2>/dev/null` -%__rm "$HTTPD_PIDFILE" +%__make davautocheck CLEANUP=true FS_TYPE=fsfs HTTP_LIBRARY=serf %endif # serf %if %with_java