Re: [PATCH v4 2/2] interpret-trailers: add option for in-place editing

From: Junio C Hamano <gitster@pobox.com>
To: Eric Sunshine <sunshine@sunshineco.com>
Cc: Tobias Klauser <tklauser@distanz.ch>,
	Christian Couder <chriscool@tuxfamily.org>,
	Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>,
	Git List <git@vger.kernel.org>
Subject: Re: [PATCH v4 2/2] interpret-trailers: add option for in-place editing
Date: Tue, 19 Jan 2016 14:09:37 -0800	[thread overview]
Message-ID: <xmqqvb6p8bmm.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <CAPig+cRHTs9q4k=CqtY2j=ZtTYMU6_SPeCHkQe4m5AGXOjg_Ww@mail.gmail.com> (Eric Sunshine's message of "Tue, 19 Jan 2016 16:45:15 -0500")

Eric Sunshine <sunshine@sunshineco.com> writes:

> You suspect correctly. It was exactly the comment added by f400e51c
> that misled me. (t/README does, on the other hand, mention "root", as
> I noticed after reading your previous response.)
>
> Thanks for spelling all this out. Hopefully, others reading your reply
> (now and later) will be less confused than I.

It is not too late to fix that, though.

-- >8 --
Subject: test-lib: clarify and tighten SANITY

f400e51c (test-lib.sh: set prerequisite SANITY by testing what we
really need, 2015-01-27) improved the way SANITY prerequisite was
determined, but made the resulting code (incorrectly) imply that
SANITY is all about effects of permission bits of the containing
directory has on the files contained in it by the comment it added,
its log message and the actual tests.

By the way, while we are on the subject, POSIXPERM is more about "if
we do chmod, does filesystem remember it so that ls -l reports the
same?"  Output from "git grep POSIXPERM t" shows that some users of
it also assume that it requires "we can make something executable by
doing chmod +x and unexecutable by doing chmod -x" (and that is
fine--running tests as root would not make an unexecutable file
executable).  The tests that require POSIXPERM but not SANITY can be
run by root (I am not saying that running tests as root is safe or
sane, though) and are expected to produce the same result as they
were run by a non-root user.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 t/test-lib.sh | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/t/test-lib.sh b/t/test-lib.sh
index 446d8d5..68c31ae 100644
--- a/t/test-lib.sh
+++ b/t/test-lib.sh
@@ -997,20 +997,28 @@ test_lazy_prereq NOT_ROOT '
 	test "$uid" != 0
 '
 
-# On a filesystem that lacks SANITY, a file can be deleted even if
-# the containing directory doesn't have write permissions, or a file
-# can be accessed even if the containing directory doesn't have read
-# or execute permissions, causing our tests that validate that Git
-# works sensibly in such situations.
+# SANITY is about "can you correctly predict what the filesystem would
+# do by only looking at the permission bits of the files and
+# directories?"  A typical example of !SANITY is running the test
+# suite as root, where a test may expect "chmod -r file && cat file"
+# to fail because file is supposed to be unreadable after a successful
+# chmod.  In an environment (i.e. combination of what filesystem is
+# being used and who is running the tests) that lacks SANITY, you may
+# be able to delete or create a file when the containing directory
+# doesn't have write permissions, or access a file even if the
+# containing directory doesn't have read or execute permissions.
+
 test_lazy_prereq SANITY '
 	mkdir SANETESTD.1 SANETESTD.2 &&
 
 	chmod +w SANETESTD.1 SANETESTD.2 &&
 	>SANETESTD.1/x 2>SANETESTD.2/x &&
 	chmod -w SANETESTD.1 &&
+	chmod -r SANETESTD.1/x &&
 	chmod -rx SANETESTD.2 ||
 	error "bug in test sript: cannot prepare SANETESTD"
 
+	! test -r SANETESTD.1/x &&
 	! rm SANETESTD.1/x && ! test -f SANETESTD.2/x
 	status=$?
 
