summaryrefslogtreecommitdiff
path: root/t/t1301-shared-repo.sh
AgeCommit message (Collapse)AuthorFilesLines
2015-01-06update-server-info: create info/* with mode 0666Libravatar Jeff King1-0/+10
Prior to d38379e (make update-server-info more robust, 2014-09-13), we used a straight "fopen" to create the info/refs and objects/info/packs files, which creates the file using mode 0666 (less the default umask). In d38379e, we switched to creating the file with mkstemp to get a unique filename. But mkstemp also uses the more restrictive 0600 mode to create the file. This was an unintended side effect that we did not want, and causes problems when the repository is served by a different user than the one running update-server-info (it is not readable by a dumb http server running as `www`, for example). We can fix this by using git_mkstemp_mode and specifying 0666 to make sure that the umask is honored. Note that we could also say "just use core.sharedrepository", as we do call adjust_shared_perm on the result before renaming it into place. But that should not be necessary as long as everybody involved is using permissive umask to allow HTTP server to read necessary files. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-06t1301: set umask in reflog sharedrepository=group testLibravatar Jeff King1-0/+1
The t1301 script sets the umask globally before many of the tests. Most of the tests that care about the umask then set it explicitly at the start of the test. However, one test does not, and relies on the 077 umask setting from earlier tests. This is fragile and can break if another test is added in between. Let's be more explicit. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-04-12Mark t1301 permission test to depend on POSIXPERMLibravatar Junio C Hamano1-6/+6
This prepares the topic for inclusion to master.
2009-04-12t1301-shared-repo: fix forced modes testLibravatar Johannes Sixt1-4/+8
This test was added recently (5a688fe, "core.sharedrepository = 0mode" should set, not loosen; 2009-03-28). It checked the result of a sed invocation for emptyness, but in some cases it forgot to print anything at all, so that those checks would never be false. Due to this mistake, it went unnoticed that the files in objects/info are not necessarily 0440, but can also be 0660. Because the 0mode setting tries to guarantee that the files are accessible only to the people they are meant to be used by, we should only make sure that they are readable by the user and the group when the configuration is set to 0660. It is a separate matter from the core.shredrepository settings that w-bit from immutable object files under objects/[0-9a-f][0-9a-f] directories should be dropped. COMMIT_EDITMSG is still world-readable, but it (and any transient files that are meant for repositories with a work tree) does not matter. If you are working on a shared machine and on a sekrit stuff, the root of the work tree would be with mode 0700 (or 0750 to allow peeking by other people in the group), and that would mean that .git/COMMIT_EDITMSG in such a repository would not be readable by the strangers anyway. Also, in the real-world use case, .git/COMMIT_EDITMSG will be given to an arbitrary editor the user happens to use, and we have no guarantee what it does (e.g. it may create a new file with umask and replace, it may rewrite in place, it may leave an editor backup file but use umask to create it, etc.), and the protection of the file lies majorly on the protection of the root of the work tree. This test cannot be run on Windows; it requires POSIXPERM when merged to 'master'. Signed-off-by: Johannes Sixt <j6t@kdbg.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-04-06Merge branch 'jc/shared-literally'Libravatar Junio C Hamano1-0/+37
* jc/shared-literally: t1301: loosen test for forced modes set_shared_perm(): sometimes we know what the final mode bits should look like move_temp_to_file(): do not forget to chmod() in "Coda hack" codepath Move chmod(foo, 0444) into move_temp_to_file() "core.sharedrepository = 0mode" should set, not loosen
2009-04-01t1301: loosen test for forced modesLibravatar Jeff King1-2/+2
One of the aspects of the test checked explicitly for the g+s bit to be set on created directories. However, this is only the means to an end (the "end" being having the correct group set). And in fact, on systems where DIR_HAS_BSD_GROUP_SEMANTICS is set, we do not even need to use this "means" at all, causing the test to fail. This patch removes that part of the test. In an ideal world it would be replaced by a test to check that the group was properly assigned, but that is difficult to automate because it requires the user running the test suite be a member of multiple groups. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-27"core.sharedrepository = 0mode" should set, not loosenLibravatar Junio C Hamano1-0/+37
This fixes the behaviour of octal notation to how it is defined in the documentation, while keeping the traditional "loosen only" semantics intact for "group" and "everybody". Three main points of this patch are: - For an explicit octal notation, the internal shared_repository variable is set to a negative value, so that we can tell "group" (which is to "OR" in 0660) and 0660 (which is to "SET" to 0660); - git-init did not set shared_repository variable early enough to affect the initial creation of many files, notably copied templates and the configuration. We set it very early when a command-line option specifies a custom value. - Many codepaths create files inside $GIT_DIR by various ways that all involve mkstemp(), and then call move_temp_to_file() to rename it to its final destination. We can add adjust_shared_perm() call here; for the traditional "loosen-only", this would be a no-op for many codepaths because the mode is already loose enough, but with the new behaviour it makes a difference. Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-03-22Skip tests that require a filesystem that obeys POSIX permissionsLibravatar Johannes Sixt1-5/+5
Signed-off-by: Johannes Sixt <j6t@kdbg.org>
2008-10-19Fix testcase failure when extended attributes are in useLibravatar Junio C Hamano1-4/+6
06cbe855 (Make core.sharedRepository more generic, 2008-04-16) made several testcases in t1301-shared-repo.sh which fail if on a system which creates files with extended attributes (e.g. SELinux), since ls appends a '+' sign to the permission set in such cases. In fact, POSIX.1 allows ls to add a single printable character after the usual 3x3 permission bits to show that an optional alternate/additional access method is associated with the path. This fixes the testcase to strip any such sign prior to verifying the permission set. Signed-off-by: Junio C Hamano <gitster@pobox.com> Tested-by: Deskin Miller <deskinm@umich.edu>
2008-10-16t1301-shared-repo.sh: don't let a default ACL interfere with the testLibravatar Matt McCutchen1-0/+3
This test creates files with several different umasks and expects their permissions to be initialized according to the umask, so a default ACL on the trash directory (which overrides the umask for files created in that directory) causes the test to fail. To avoid that, remove the default ACL if possible with setfacl(1). Signed-off-by: Matt McCutchen <matt@mattmccutchen.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-07-11Fix backwards-incompatible handling of core.sharedRepositoryLibravatar Petr Baudis1-0/+23
06cbe85 (Make core.sharedRepository more generic, 2008-04-16) broke the traditional setting of core.sharedRepository to true, which was to make the repository group writable: with umask 022, it would clear the permission bits for 'other'. (umask 002 did not exhibit this behaviour since pre-chmod() check in adjust_shared_perm() fails in that case.) The call to adjust_shared_perm() should only loosen the permission. If the user has umask like 022 or 002 that allow others to read, the resulting files should be made readable and writable by group, without restricting the readability by others. This patch fixes the adjust_shared_perm() mode tweak based on Junio's suggestion and adds the appropriate tests to t/t1301-shared-repo.sh. Cc: Heikki Orsila <heikki.orsila@iki.fi> Signed-off-by: Petr Baudis <pasky@suse.cz> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-06-15Make git reflog expire honour core.sharedRepository.Libravatar Pierre Habouzit1-0/+15
Signed-off-by: Pierre Habouzit <madcoder@debian.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-04-16Make core.sharedRepository more genericLibravatar Heikki Orsila1-0/+50
git init --shared=0xxx, where '0xxx' is an octal number, will create a repository with file modes set to '0xxx'. Users with a safe umask value (0077) can use this option to force file modes. For example, '0640' is a group-readable but not group-writable regardless of user's umask value. Values compatible with old Git versions are written as they were before, for compatibility reasons. That is, "1" for "group" and "2" for "everybody". "git config core.sharedRepository 0xxx" is also handled. Signed-off-by: Heikki Orsila <heikki.orsila@iki.fi> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-08-16t1301-shared-repo.sh: fix 'stat' portability issueLibravatar Arjen Laarhoven1-1/+10
The t1301-shared-repo.sh testscript uses /usr/bin/stat to get the file mode, which isn't portable. Implement the test in shell using 'ls' as shown by Junio. Signed-off-by: Arjen Laarhoven <arjen@yaph.org> Signed-off-by: Junio C Hamano <gitster@pobox.com>
2007-07-11Fix core.sharedRepository = 2Libravatar Johannes Schindelin1-0/+27
For compatibility reasons, "git init --shared=all" does not write "all" into the config, but a number. In the shared setup, you really have to support even older clients on the _same_ repository. But git_config_perm() did not pick up on it. Also, "git update-server-info" failed to pick up on the shared permissions. This patch fixes both issues, and adds a test to prove it. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> Tested-by: martin f krafft <madduck@madduck.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>