问题
subversion package in debian jessie does not include a systemd service file. what is the simplest solution for automatic start. i try
[Unit]
Description=Subversion protocol daemon
After=syslog.target network.target
[Service]
Type=forking
#EnvironmentFile=/etc/conf.d/svnserve
#ExecStart=/usr/bin/svnserve --daemon $SVNSERVE_ARGS
ExecStart=/usr/bin/svnserve -d -r /svnFolder/repositories
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure
[Install]
WantedBy=multi-user.target
Alias=svnserve.service
it is an adaptation of https://bbs.archlinux.org/viewtopic.php?id=190127 but i have put the arguments directly for svnserve directly here.
what can be improved?
回答1:
Here is a proposal to setup svnserve service "the-Debian-way" running with a dedicated svn service account with proper logging. According to FHS, repositories should be stored in /srv/:
mkdir -p /srv/svn/repos; chown svn /srv/svn/repos
First, the service configuration for systemd /etc/systemd/system/svnserve.service:
[Unit]
Description=Subversion protocol daemon
After=syslog.target network.target
[Service]
Type=forking
RuntimeDirectory=svnserve
PIDFile=/run/svnserve/svnserve.pid
EnvironmentFile=/etc/default/svnserve
ExecStart=/usr/bin/svnserve $DAEMON_ARGS
User=svn
Group=svn
KillMode=control-group
Restart=on-failure
[Install]
WantedBy=multi-user.target
Second, the service startup options at /etc/default/svnserve:
# svnserve options
DAEMON_ARGS="--daemon --pid-file /run/svnserve/svnserve.pid --root /srv/svn/repos --log-file /var/log/svnserve/svnserve.log"
To work properly, the folder for log files must be created with proper ownership:
mkdir /var/log/svnserve; chown svn /var/log/svnserve
To end with log rotation configuration /etc/logrotate.d/svnserve:
/var/log/svnserve/*.log {
daily
missingok
rotate 14
compress
notifempty
create 640 svn adm
sharedscripts
postrotate
if /bin/systemctl status svnserve > /dev/null ; then \
/bin/systemctl restart svnserve > /dev/null; \
fi;
endscript
}
Hope this helps.
回答2:
Update: My answer below has been obsoleted. These improvements and others have been incorporated into Yves Martin's excellent solution.
I have two improvements: it's generally recommended not to run such things as root. Create a user for this, for example 'svn'. It is also recommended to explicitly specify a PID file when using forking. My svnserve.service looks much like yours except I add the lines:
User=svn
Group=svn
PIDFile=/usr/local/svn/svnserve.pid
ExecStart=/usr/bin/svnserve -d -r /usr/local/svn/repos --pid-file /usr/local/svn/svnserve.pid
回答3:
One comment on Yves Martin's excellent answer above (I don't have the rep points to comment yet):
When trying to enable the service to start on boot, I'd get an error:
$ sudo systemctl enable svnserve.service
Failed to execute operation: Invalid argument
After doing some research I found you apparently cannot set an alias to the same name as the service. Deleting the Alias line from the [Install] section of the svnserve.service solved the issue:
[Unit]
Description=Subversion protocol daemon
After=syslog.target network.target
[Service]
Type=forking
RuntimeDirectory=svnserve
PIDFile=/run/svnserve/svnserve.pid
EnvironmentFile=/etc/default/svnserve
ExecStart=/usr/bin/svnserve $DAEMON_ARGS
User=svn
Group=svn
KillMode=control-group
Restart=on-failure
[Install]
WantedBy=multi-user.target
回答4:
Please consider this replacement of xinet -> systemd: (This was mostly gleaned from http://0pointer.de/blog/projects/inetd.html
You would need to create two files:
svnserve.socket
[Unit]
Description=SVN Socket for Per-Connection Servers
[Socket]
ListenStream=3690
Accept=yes
[Install]
WantedBy=sockets.target
and svnserve@.service
[Unit]
Description=SVN Per-Connection Server
[Service]
User=svn
Group=svn
ExecStart=-/usr/bin/svnserve -i -r /srv/repositories/svn/repositories
StandardInput=socket
Copy both files to /etc/systemd/system/
then
systemctl enable svnserve.socket
systemctl start svnserve.socket
systemctl status svnserve.socket
回答5:
(I'd make this a comment on @Yves Martin's answer, but this is a new account and I'm not allowed to comment. :-P )
With SELinux, this solution doesn't allow for an autostart of the daemon. I made a few changes to make it happy. The svnserve daemon does not have open rights in the /var/log tree. Placing the log in the svn account's domain resolves a security whine.
In /etc/systemd/system/svnserve.service:
ExecStart=/usr/bin/svnserve --daemon \
--pid-file /var/run/svnserve/svnserve.pid \
--root /project/svn/repos \
--log-file /project/svn/log/svnserve.log
In /etc/logrotate.d/svnserve:
/project/svn/log/*.log { # path changed
...
create 644 svn svn # corrected group and made world-readable
...
Finally, make the svn repos and log directory have the correct ownership and security type:
sudo mkdir /project/svn
sudo chmod 755 /project/svn
sudo mkdir /project/svn/repos /project/svn/log
sudo chown -R svn:svn /project/svn
sudo semanage fcontext --add --type svnserve_content_t "/project/svn(/.*)?"
sudo restorecon -Rv /project/svn
(Obviously, change /project/svn to wherever you have decided to put your repo structure. /var/svn is common and the rules already exist for that directory tree, making the last couple lines above unnecessary.)
来源:https://stackoverflow.com/questions/38197727/how-to-start-svnserve-with-systemctl-systemd