Prior to d38379e (make update-server-info more robust, 2014-09-13), we used a straight "fopen" to create the info/refs and objects/info/packs files, which creates the file using mode 0666 (less the default umask). In d38379e, we switched to creating the file with mkstemp to get a unique filename. But mkstemp also uses the more restrictive 0600 mode to create the file. This was an unintended side effect that we did not want, and causes problems when the repository is served by a different user than the one running update-server-info (it is no longer readable by a dumb http server running as `www`, for example). We can fix this by using git_mkstemp_mode and specifying 0666. Note that we could also say "just use core.sharedrepository", as we do call adjust_shared_perm on the result before renaming it into place. But that is not very friendly. The shared-repo config is usually about making things _writable_ for other users. Until d38379e, there was no explicit config needed to serve an otherwise readable repository, and we should consider it a regression. Signed-off-by: Jeff King <peff@xxxxxxxx> --- server-info.c | 2 +- t/t1301-shared-repo.sh | 10 ++++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/server-info.c b/server-info.c index 31f4a74..34b0253 100644 --- a/server-info.c +++ b/server-info.c @@ -17,7 +17,7 @@ static int update_info_file(char *path, int (*generate)(FILE *)) FILE *fp = NULL; safe_create_leading_directories(path); - fd = mkstemp(tmp); + fd = git_mkstemp_mode(tmp, 0666); if (fd < 0) goto out; fp = fdopen(fd, "w"); diff --git a/t/t1301-shared-repo.sh b/t/t1301-shared-repo.sh index 86ed901..feff55e 100755 --- a/t/t1301-shared-repo.sh +++ b/t/t1301-shared-repo.sh @@ -111,6 +111,16 @@ do done +test_expect_success POSIXPERM 'info/refs is readable in unshared repo' ' + rm -f .git/info/refs && + test_unconfig core.sharedrepository && + umask 002 && + git update-server-info && + echo "-rw-rw-r--" >expect && + modebits .git/info/refs >actual && + test_cmp expect actual +' + test_expect_success POSIXPERM 'git reflog expire honors core.sharedRepository' ' umask 077 && git config core.sharedRepository group && -- 2.2.1.425.g441bb3c -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html