Trac post commit hook permission problem

Tags: python, thehealthagency

Trac has a nice Subversion post-commit hook script. Once enabled, you can put special markers in your commit messages:

  • “closes #1234” or “fixes #1234” automatically closes bug 1234 with a resolution of “fixed”. And your full commit message is appended as a comment to the bug. You can specify multiple numbers: “fixes #12, #13 and #14”.

  • “re #1234”, “see #1234”, “addresses #1234”, “refs #1234” and some other variants append your full commit message as a comment to the bug. This also includes a link to the changeset.

Problem: the user that effectively runs the post-commit script does not always have the proper permissions to access the trac database. I experimented with a setuid C wrapper that you find a lot when googling: no success. Setuid post commit script: no success.

The solution was simple: allow your users (in my case a group) to execute the trac post commit script as the user that runs trac. For this, enter a line like this in your /etc/sudoers file:

# The relevant users are in the "src" group.
%src   ourhost = (tracuser) NOPASSWD: /path/to/tracpostcommithook

And in your /path/to/svn/hooks/post-commit:

/usr/bin/sudo -u tracuser /path/to/tracpostcommithook -r $REV ....
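
The sudoers rule above lets every member of the src group run whatever sits at that path as tracuser, so the script and the directories above it must not be writable by those users. The following is an added example (not from the original post or from Trac) that checks this; the function names and the trusted-owner parameter are assumptions of the example.

```shell
#!/bin/sh
# Added example: audit the script named in a NOPASSWD sudoers rule.
# Assumption: the script and every directory above it should belong to one
# trusted account and must not be group- or world-writable.
# Pass the resolved path of the script, not a symlink to it.

# is_loose PATH -> success if PATH is group- or world-writable.
is_loose() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# owned_by PATH OWNER -> success if PATH belongs to OWNER (name or uid).
owned_by() {
    [ -n "$(find "$1" -prune -user "$2" -print)" ]
}

# check_sudo_target SCRIPT OWNER [TOP]
# Walks from SCRIPT up to TOP (default /). Returns 0 if every component is
# owned by OWNER and not group/world-writable, 1 otherwise.
check_sudo_target() {
    path=$1
    owner=$2
    top=${3:-/}
    [ -f "$path" ] || { echo "not a regular file: $path" >&2; return 1; }
    rc=0
    while :; do
        if is_loose "$path"; then
            echo "group/world-writable: $path" >&2
            rc=1
        fi
        if ! owned_by "$path" "$owner"; then
            echo "not owned by $owner: $path" >&2
            rc=1
        fi
        # Stop once the top of the walk has been checked.
        if [ "$path" = "$top" ] || [ "$path" = "/" ]; then break; fi
        path=$(dirname "$path")
    done
    return $rc
}
```

Source the file and call, for instance, `check_sudo_target /path/to/tracpostcommithook root`; a non-zero return means someone other than the trusted owner can replace what the sudoers rule runs as tracuser.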

Writing it down in this blog post so that I can google it in three years' time when I’ve forgotten how to do it :-)


Reinout van Rees

My name is Reinout van Rees and I program in Python, I live in the Netherlands, I cycle recumbent bikes and I have a model railway.
