[PATCH/RFC 0/7] Restricting repository access (Was: [BUG?] How to make a shared/restricted repo?)

On Wednesday 25 March 2009, Junio C Hamano wrote:
> Johan Herland <johan@xxxxxxxxxxx> writes:
> > On Wednesday 25 March 2009, Junio C Hamano wrote:
> >> You might like to try a patch like this (untested).
> >>
> >>  path.c |   17 +++++------------
> >>  1 files changed, 5 insertions(+), 12 deletions(-)
> >
> > Thanks!
> >
> > This works much better :)
> >
> > However, there are still some questions/issues:
> >
> > - t1301-shared-repo.sh fails:
> >     Oops, .git/HEAD is not 0664 but -rw-rw---- [...]
> >     * FAIL 3: shared=1 does not clear bits preset by umask 022
> >   (I guess this is expected, as your patch changes the assumptions)
>
> I'd rather say the patch breaks people's expectations.

I thought some more about the current semantics, and came up with this
patch series, which replaces your original suggestion.

In short, I leave the core.sharedRepository semantics as is (i.e. it is
only used to _loosen_ repository permissions), and introduce a new
variable - core.restrictedRepository - that takes care of _tightening_
repository permissions. Its value is a permission mask that is applied
to the file mode in adjust_shared_perm().

The patch series is based on recent 'next', and the testsuite passes
after each individual patch.

Here is a short rundown of the individual patches:

1. Clarify existing documentation to reflect the current semantics of
   core.sharedRepository and "git init --shared". Even if the rest of
   the series is rejected, I hope this can make it in some form.

2. Minor cleanup in path.c:adjust_shared_perm(). This is pretty much
   your original patch with any functional changes removed.

3. Introduce core.restrictedRepository. Adds git_config_perm_mask()
   for parsing the config value, and changes adjust_shared_perm() to
   apply the permission mask. Includes documentation of the new config
   variable.

4. Add "--restricted" to "git init". Heavily modeled on the existing
   "--shared" option. Includes documentation of the new option.

5. Add tests for the functionality introduced in #3 and #4.

6. Apply adjusted repository permissions in "git init" when copying
   templates into the new repo.

7. Apply restricted permissions to loose objects and pack files. This
   ensures that loose objects and pack files do not get permissions
   that are more liberal than the rest of the repository.


Have fun!

...Johan


Johan Herland (7):
  Clarify documentation on permissions in shared repositories
  Cleanup: Remove unnecessary if-else clause
  Introduce core.restrictedRepository for restricting repository
    permissions
  git-init: Introduce --restricted for restricting repository access
  Add tests for "core.restrictedRepository" and "git init --restricted"
  git-init: Apply correct mode bits to template files in
    shared/restricted repo
  Apply restricted permissions to loose objects and pack files

 Documentation/config.txt   |   41 ++++++++++++-
 Documentation/git-init.txt |   50 +++++++++++++++--
 builtin-init-db.c          |   31 +++++++++-
 cache.h                    |    8 +++
 environment.c              |    1 +
 fast-import.c              |    4 +-
 http-push.c                |    2 +-
 http-walker.c              |    2 +-
 index-pack.c               |    4 +-
 path.c                     |   22 +++----
 setup.c                    |   36 ++++++++++++
 sha1_file.c                |    2 +-
 t/t0001-init.sh            |   24 +++++++-
 t/t1304-restricted-repo.sh |  132 ++++++++++++++++++++++++++++++++++++++++++++
 14 files changed, 323 insertions(+), 36 deletions(-)
 create mode 100755 t/t1304-restricted-repo.sh
