I am trying to setup svn over ssh on an OS X server. In order to do so, I read that I need a wrapper to set umask and - in my case - to set the repository root. A quick and dirty way to do that is to rename /usr/bin/svnserve
and place a wrapper script at that location. However SIP protects that location from any changes, and I would prefer a cleaner solution anyway.
So I created a wrapper script at /usr/local/bin/svnserve
and created /etc/ssh/sshrc
with
PATH=/usr/local/bin:$PATH
I have verified that this file gets executed when initiating a remote ssh command from my client by writing to a log file. However, the modified PATH does not seem to get passed to the command environment:
ssh hostname 'echo $PATH'
Password:
/usr/bin:/bin:/usr/sbin:/sbin
Am I overlooking something? Or is /etc/ssh/sshrc
the wrong place to set a path? If so, what's the right place?
Other places I've tried: /etc/profile
and /etc/bashrc
, but none of these seem to get executed in connection with an ssh command.
Note: It is not an option to change the client behavior (like, for example, adding the desired path to the command).
/etc/sshrc
does not run in the same shell instance with the remotely-issued command, so the PATH update does not persist through.
Some of the available options:
AcceptEnv PATH
on the server to configure it to accept a PATH sent by the remote system, and SendEnv PATH
on the client (in ~/.ssh/config
, or as an argument to ssh passed with -o
, or in /etc/ssh/ssh_config
)./etc/ssh/sshd_config
on the server, you can set the option PermitUserEnvironment
to yes
; with that done, the variable and value can be added to ~/.ssh/environment
in the individual user's account on the server.ForceCommand
to override the remotely requested command, either with something like /usr/bin/env PATH=/usr/local/bin:/usr/bin:/bin svnserve
or simply /usr/local/bin/svnserve