Joel Bastos bio photo

Joel Bastos

Automation engineer with a keen interest on devops culture, geek by definition and curious by nature

Email Twitter LinkedIn Github

After searching the interwebs for a method on obtaining server side logging capability on SVN over SSH with no success, I decided to do some reverse engineering on how SVN works hopping to get it logging every user action on each repository. 

What I've found is that every client SVN call to the server via SSH launches svnserve, and indeed there is a svnserve.conf config file on every repository, unfortunately with no log flag available. Nontheless the svnserve binary accepts the desired log flag, so let's get creative... 
[root@svn-server ~]# mkdir /var/log/svn/

[root@svn-server ~]# whereis svnserve
svnserve: /usr/bin/svnserve 


[root@svn-server ~]# mv /usr/bin/svnserve /usr/bin/svnserve.bin 

[root@svn-server ~]# vi /usr/bin/svnserve
/usr/bin/svnserve.bin --log-file /var/log/svn/svnserve_`id -u`.log $1 

[root@svn-server ~]# chmod +x  /usr/bin/svnserve
There, you got logging!

What some log rotating? Sure, here you go:
[root@svn-server ~]# cat /etc/logrotate.d/svn
/var/log/svn/svnserve*.log {
        daily
        rotate 365
        missingok
        notifempty
        lastaction
                /bin/chown root.root /var/log/svn/svnserve*.log.* > /dev/null &
                /bin/chmod 600 /var/log/svn/svnserve*.log.* > /dev/null &
        endscript
}