I use Linux Ubuntu 11.04, as root:
First, make sure you have svn installed or you can install it with command:
# apt-get install subversion
mine already installed version 1.6.12
Step 1, create svn repository directory:
# cd /your/repo
# svnadmin create dir
Step 2, edit server configuration:
# vi /your/repo/dir/conf/svnserve.conf
Edit/uncomment following:
anon-access = read
auth-access = write
and uncomment below:
password-db = passwd
Step 3, edit passwd file in the same directory
# vi /your/repo/dir/conf/passwd
edit:
[users]
user = password
Step 4, to run the svn server at boot (from init.d), you need to create a script:
# cd /etc/init.d
# vi mysvn
Then paste code below into the script:
#! /bin/sh
### BEGIN INIT INFO
# Provides: svnserve
# Required-Start: $local_fs $syslog $remote_fs
# Required-Stop: $local_fs $syslog $remote_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start svnserve
### END INIT INFO
# Author: Michal Wojciechowski <odyniec@odyniec.net>
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="svnserve"
NAME=svnserve
DAEMON=/usr/bin/$NAME
DAEMON_ARGS="-d -r /your/repo/dir"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
[ -x "$DAEMON" ] || exit 0
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
. /lib/init/vars.sh
. /lib/lsb/init-functions
do_start()
{
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
}
do_stop()
{
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
rm -f $PIDFILE
return "$RETVAL"
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 3
;;
esac
exit 0
Step 5, make the script executable and starts on default runlevel:
# chmod +x mysvn
# update-rc.d mysvn defaults
Step 6, import your project into svn repository:
# svn import project_dir file:///your/repo/dir/project -m "First"
Done.
You can start working on your project by checking out:
$ svn co svn://user@hostname/project myworkingdir
Enjoy.
Thanks to Michal Wojciechowski for the boot script.
Friday, April 12, 2013
Sunday, March 24, 2013
Setup chroot jail for ssh / sftp in Ubuntu
Using Ubuntu 10.04.2 LTS.
Step by step:
Read here for more complete and original information (thanks for the script).
Or follow instruction below:
You must be root.
Get the script from the above link:
# cd /usr/local/sbin
# wget http://www.fuschlberger.net/programs/ssh-scp-sftp-chroot-jail/make_chroot_jail.sh
# chmod 700 /usr/local/sbin/make_chroot_jail.sh
Edit the script (make_chroot_jail.sh):
# vi /usr/local/sbin/make_chroot_jail.sh
change first line, from:
#!/bin/sh
into:
#!/bin/bash
because it will be error if we use sh on Ubuntu 10.04.2 LTS.
Then add line after these below:
[...]
else
APPS="/bin/bash /bin/cp /usr/bin/dircolors /bin/ls /bin/mkdir /bin/mv /bin/rm /bin/rmdir /bin/sh /bin/su /usr/bin/groups /usr/bin/id /usr/bin/rsync /usr/bin/ssh /usr/bin/scp /usr/sbin/unix_chkpwd"
fi
Add this line below, some program that we might want to add to the APPS variable:
APPS+=" /bin/cat /usr/bin/vi"
The /bin/cat is mandatory since .bashrc using it.
Create jail directory:
# mkdir /path/to/jail
Create will be jailed user account:
# adduser jailed_username
Run the script:
# make_chroot_jail.sh jailed_username /bin/bash /path/to/jail
Edit sshd_config:
# vi /etc/ssh/sshd_config
Change from:
Subsystem sftp /usr/lib/openssh/sftp-server
into:
Subsystem sftp internal-sftp
And add these to the end of the file:
Match User jailed_username
ChrootDirectory /path/to/jail
AllowTCPForwarding no
X11Forwarding no
Restart sshd:
# /etc/init.d/ssh restart
We need to edit /etc/passwd and change from:
jailed_username:x:1001:1001:,,,:/path/to/jail/home/jailed_username:/bin/bash
into:
jailed_username:x:1001:1001:,,,:/home/jailed_username:/bin/bash
because it will not see /path/to/jail anymore, but /
Finish.
Step by step:
Read here for more complete and original information (thanks for the script).
Or follow instruction below:
You must be root.
Get the script from the above link:
# cd /usr/local/sbin
# wget http://www.fuschlberger.net/programs/ssh-scp-sftp-chroot-jail/make_chroot_jail.sh
# chmod 700 /usr/local/sbin/make_chroot_jail.sh
Edit the script (make_chroot_jail.sh):
# vi /usr/local/sbin/make_chroot_jail.sh
change first line, from:
#!/bin/sh
into:
#!/bin/bash
because it will be error if we use sh on Ubuntu 10.04.2 LTS.
Then add line after these below:
[...]
else
APPS="/bin/bash /bin/cp /usr/bin/dircolors /bin/ls /bin/mkdir /bin/mv /bin/rm /bin/rmdir /bin/sh /bin/su /usr/bin/groups /usr/bin/id /usr/bin/rsync /usr/bin/ssh /usr/bin/scp /usr/sbin/unix_chkpwd"
fi
Add this line below, some program that we might want to add to the APPS variable:
APPS+=" /bin/cat /usr/bin/vi"
The /bin/cat is mandatory since .bashrc using it.
Create jail directory:
# mkdir /path/to/jail
Create will be jailed user account:
# adduser jailed_username
Run the script:
# make_chroot_jail.sh jailed_username /bin/bash /path/to/jail
Edit sshd_config:
# vi /etc/ssh/sshd_config
Change from:
Subsystem sftp /usr/lib/openssh/sftp-server
into:
Subsystem sftp internal-sftp
And add these to the end of the file:
Match User jailed_username
ChrootDirectory /path/to/jail
AllowTCPForwarding no
X11Forwarding no
Restart sshd:
# /etc/init.d/ssh restart
We need to edit /etc/passwd and change from:
jailed_username:x:1001:1001:,,,:/path/to/jail/home/jailed_username:/bin/bash
into:
jailed_username:x:1001:1001:,,,:/home/jailed_username:/bin/bash
because it will not see /path/to/jail anymore, but /
Finish.
Subscribe to:
Posts (Atom)