From: Junio C Hamano <gitster@pobox.com>
To: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 4/4] Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later.
Date: Mon, 22 Feb 2010 12:33:01 -0800 [thread overview]
Message-ID: <7veikdau4i.fsf@alter.siamese.dyndns.org> (raw)
In-Reply-To: <vpqfx4tln64.fsf@bauges.imag.fr> (Matthieu Moy's message of "Mon\, 22 Feb 2010 08\:55\:31 +0100")
[-- Attachment #1: Type: text/plain, Size: 604 bytes --]
Matthieu Moy <Matthieu.Moy@grenoble-inp.fr> writes:
> That is strange, it does pass (or it's skipped if I don't have
> setfacl) for me.
>
> What system are you using? Do you have ACLs enabled on the filesystem
> where you run the tests? What permission do you get for packs with
> Git-without-my-patch (I used to get 0400)?
On my primary box (happens to be Debian 5 but that does not matter) I do
not even have setfacl and the tests are properly skipped.
On another box with FC11 (git.git directory is on an ext4 partition), here
is what "sh -x t1304-default.acl.sh -i -v" gives me when run in 'pu'.
[-- Attachment #2: sh -x t1304-default.acl.sh -i -v 2>&1 --]
[-- Type: text/plain, Size: 10245 bytes --]
+ test_description='Test repository with default ACL'
+ . ./test-lib.sh
++ case "$GIT_TEST_TEE_STARTED, $* " in
++ ORIGINAL_TERM=screen
++ LANG=C
++ LC_ALL=C
++ PAGER=cat
++ TZ=UTC
++ TERM=dumb
++ export LANG LC_ALL PAGER TERM TZ
++ EDITOR=:
++ unset VISUAL
++ unset GIT_EDITOR
++ unset AUTHOR_DATE
++ unset AUTHOR_EMAIL
++ unset AUTHOR_NAME
++ unset COMMIT_AUTHOR_EMAIL
++ unset COMMIT_AUTHOR_NAME
++ unset EMAIL
++ unset GIT_ALTERNATE_OBJECT_DIRECTORIES
++ unset GIT_AUTHOR_DATE
++ GIT_AUTHOR_EMAIL=author@example.com
++ GIT_AUTHOR_NAME='A U Thor'
++ unset GIT_COMMITTER_DATE
++ GIT_COMMITTER_EMAIL=committer@example.com
++ GIT_COMMITTER_NAME='C O Mitter'
++ unset GIT_DIFF_OPTS
++ unset GIT_DIR
++ unset GIT_WORK_TREE
++ unset GIT_EXTERNAL_DIFF
++ unset GIT_INDEX_FILE
++ unset GIT_OBJECT_DIRECTORY
++ unset GIT_CEILING_DIRECTORIES
++ unset SHA1_FILE_DIRECTORIES
++ unset SHA1_FILE_DIRECTORY
++ GIT_MERGE_VERBOSITY=5
++ export GIT_MERGE_VERBOSITY
++ export GIT_AUTHOR_EMAIL GIT_AUTHOR_NAME
++ export GIT_COMMITTER_EMAIL GIT_COMMITTER_NAME
++ export EDITOR
++ GIT_TEST_CMP='diff -u'
++ unset CDPATH
++ case $(echo $GIT_TRACE |tr "[A-Z]" "[a-z]") in
+++ echo
+++ tr '[A-Z]' '[a-z]'
++ _x05='[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]'
++ _x40='[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]'
++ '[' xscreen '!=' xdumb ']'
++ TERM=screen
++ export TERM
++ '[' -t 1 ']'
++ test 2 -ne 0
++ case "$1" in
++ immediate=t
++ shift
++ test 1 -ne 0
++ case "$1" in
++ verbose=t
++ shift
++ test 0 -ne 0
++ test -n ''
++ test 'Test repository with default ACL' '!=' ''
++ test '' = t
++ exec
++ test t = t
++ exec
++ test_failure=0
++ test_count=0
++ test_fixed=0
++ test_broken=0
++ test_success=0
++ GIT_EXIT_OK=
++ trap die EXIT
++ satisfied=' '
+++ pwd
++ TEST_DIRECTORY=/scratch/buildfarm/pu/t
++ test -n ''
++ test -n ''
++ git_bin_dir=/scratch/buildfarm/pu/t/../bin-wrappers
++ test -x /scratch/buildfarm/pu/t/../bin-wrappers/git
++ PATH=/scratch/buildfarm/pu/t/../bin-wrappers:/home/junio/g/Fedora-11-i686/git-active/bin:/home/junio/bin/common:/sbin:/usr/sbin:/usr/kerberos/bin:/usr/bin:/bin:/usr/local/sbin
++ GIT_EXEC_PATH=/scratch/buildfarm/pu/t/..
++ test -n ''
+++ pwd
++ GIT_TEMPLATE_DIR=/scratch/buildfarm/pu/t/../templates/blt
++ unset GIT_CONFIG
++ GIT_CONFIG_NOSYSTEM=1
++ GIT_CONFIG_NOGLOBAL=1
++ export PATH GIT_EXEC_PATH GIT_TEMPLATE_DIR GIT_CONFIG_NOSYSTEM GIT_CONFIG_NOGLOBAL
++ . ../GIT-BUILD-OPTIONS
+++ SHELL_PATH=/bin/sh
+++ PERL_PATH=/usr/bin/perl
+++ TAR=tar
+++ NO_CURL=
+++ NO_PERL=
+++ NO_PYTHON=
+++ pwd
+++ pwd
++ GITPERLLIB=/scratch/buildfarm/pu/t/../perl/blib/lib:/scratch/buildfarm/pu/t/../perl/blib/arch/auto/Git
++ export GITPERLLIB
++ test -d ../templates/blt
++ test -z ''
++ test -z ''
+++ pwd
++ GITPYTHONLIB=/scratch/buildfarm/pu/t/../git_remote_helpers/build/lib
++ export GITPYTHONLIB
++ test -d ../git_remote_helpers/build
++ test -x ../test-chmtime
+++ basename t1304-default-acl.sh .sh
++ test='trash directory.t1304-default-acl'
++ test -n ''
++ case "$test" in
++ TRASH_DIRECTORY='/scratch/buildfarm/pu/t/trash directory.t1304-default-acl'
++ test '!' -z ''
++ remove_trash='/scratch/buildfarm/pu/t/trash directory.t1304-default-acl'
++ rm -fr 'trash directory.t1304-default-acl'
++ test_create_repo 'trash directory.t1304-default-acl'
++ test 1 = 1
+++ pwd
++ owd=/scratch/buildfarm/pu/t
++ repo='trash directory.t1304-default-acl'
++ mkdir -p 'trash directory.t1304-default-acl'
++ cd 'trash directory.t1304-default-acl'
++ /scratch/buildfarm/pu/t/../git-init --template=/scratch/buildfarm/pu/t/../templates/blt/
Initialized empty Git repository in /scratch/buildfarm/pu/t/trash directory.t1304-default-acl/.git/
++ mv .git/hooks .git/hooks-disabled
++ cd /scratch/buildfarm/pu/t
++ cd -P 'trash directory.t1304-default-acl'
++ this_test=t1304-default-acl.sh
++ this_test=t1304
++ case $(uname -s) in
+++ uname -s
++ test_set_prereq POSIXPERM
++ satisfied=' POSIXPERM '
++ test_set_prereq BSLASHPSPEC
++ satisfied=' POSIXPERM BSLASHPSPEC '
++ test_set_prereq EXECKEEPSPID
++ satisfied=' POSIXPERM BSLASHPSPEC EXECKEEPSPID '
++ test -z ''
++ test_set_prereq PERL
++ satisfied=' POSIXPERM BSLASHPSPEC EXECKEEPSPID PERL '
++ test -z ''
++ test_set_prereq PYTHON
++ satisfied=' POSIXPERM BSLASHPSPEC EXECKEEPSPID PERL PYTHON '
++ ln -s x y
++ test -h y
++ test_set_prereq SYMLINKS
++ satisfied=' POSIXPERM BSLASHPSPEC EXECKEEPSPID PERL PYTHON SYMLINKS '
++ rm -f y
+ setfacl -Rm u:root:rwx .
+ setfacl -Rm d:u:junio:rwx .
+ setfacl -Rm d:u:root:rwx .
+ touch file.txt
+ git add file.txt
+ git commit -m init
[master (root-commit) 956f7d1] init
Author: A U Thor <author@example.com>
0 files changed, 0 insertions(+), 0 deletions(-)
create mode 100644 file.txt
+ test_expect_success 'git gc does not break ACLs with restrictive umask' '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ test 2 = 3
+ prereq=
+ test 2 = 2
+ test_skip 'git gc does not break ACLs with restrictive umask' '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ test_count=1
+ to_skip=
+ test -z ''
+ test -n ''
+ case "$to_skip" in
+ false
+ say 'expecting success:
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ say_color info 'expecting success:
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ test -z info
+ shift
+ echo '* expecting success:
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
* expecting success:
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
+ test_run_ '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ eval '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
++ umask 077
++ git gc
+++ modebits .git/objects/pack/pack-9a3c3444a7e8660480c6ea70aa526e8299f7cfd6.pack
+++ ls -l .git/objects/pack/pack-9a3c3444a7e8660480c6ea70aa526e8299f7cfd6.pack
+++ sed -e 's|^\(..........\).*|\1|'
++ actual=-r--r--r--
++ case "$actual" in
++ echo 'expected 440, got -r--r--r--'
expected 440, got -r--r--r--
++ false
+ eval_ret=1
+ return 0
+ '[' 0 = 0 -a 1 = 0 ']'
+ test_failure_ 'git gc does not break ACLs with restrictive umask' '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ test_failure=1
+ say_color error 'FAIL 1: git gc does not break ACLs with restrictive umask'
+ test -z error
+ shift
+ echo '* FAIL 1: git gc does not break ACLs with restrictive umask'
* FAIL 1: git gc does not break ACLs with restrictive umask
+ shift
+ echo '
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
'
+ sed -e 's/^/ /'
umask 077 &&
git gc &&
actual=$(modebits .git/objects/pack/*.pack) &&
case "$actual" in
-r--r-----*)
: happy
;;
*)
echo "expected 440, got $actual"; false
;;
esac &&
getfacl .git/objects/pack/*.pack > actual &&
grep -q "user:root:rwx" actual &&
grep -q "user:${LOGNAME}:rwx" actual &&
grep -q "mask::r--" actual &&
grep -q "group::---" actual
+ test t = ''
+ GIT_EXIT_OK=t
+ exit 1
+ die
+ code=1
+ test -n t
+ exit 1
next prev parent reply other threads:[~2010-02-22 20:33 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-19 16:33 [PATCH 0/4] Allow Git repositories to be shared using POSIX ACLs Matthieu Moy
2010-02-19 16:33 ` [PATCH 1/4] Add a testcase for ACL with restrictive umask Matthieu Moy
2010-02-19 16:33 ` [PATCH 2/4] Move gitmkstemps to path.c Matthieu Moy
2010-02-19 16:33 ` [PATCH 3/4] git_mkstemp_mode, xmkstemp_mode: variants of gitmkstemps with mode argument Matthieu Moy
2010-02-19 16:33 ` [PATCH 4/4] Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later Matthieu Moy
2010-02-19 23:19 ` Matthieu Moy
2010-02-19 23:21 ` [PATCH 1/6] Add a testcase for ACL with restrictive umask Matthieu Moy
2010-02-19 23:21 ` [PATCH 2/6] Move gitmkstemps to path.c Matthieu Moy
2010-02-19 23:21 ` [PATCH 3/6] git_mkstemp_mode, xmkstemp_mode: variants of gitmkstemps with mode argument Matthieu Moy
2010-02-20 19:22 ` Junio C Hamano
2010-02-19 23:21 ` [PATCH 4/6 v2] Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later Matthieu Moy
2010-02-19 23:21 ` [PATCH 5/6] git_mkstemps_mode: don't set errno to EINVAL for any error Matthieu Moy
2010-02-20 18:13 ` Junio C Hamano
2010-02-22 7:36 ` Matthieu Moy
2010-02-22 19:56 ` Junio C Hamano
2010-02-19 23:21 ` [PATCH 6/6] Use git_mkstemp_mode instead of plain mkstemp to create object files Matthieu Moy
2010-02-20 20:01 ` [PATCH 4/4] Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later Junio C Hamano
2010-02-22 7:55 ` Matthieu Moy
2010-02-22 20:33 ` Junio C Hamano [this message]
2010-02-22 20:36 ` Junio C Hamano
2010-02-22 22:11 ` Matthieu Moy
2010-02-19 17:52 ` [PATCH 0/4] Allow Git repositories to be shared using POSIX ACLs Junio C Hamano
2010-02-22 22:32 ` [PATCH 0/6 v3] " Matthieu Moy
2010-02-22 22:32 ` [PATCH 1/6] Add a testcase for ACL with restrictive umask Matthieu Moy
2010-02-22 22:32 ` [PATCH 2/6] Move gitmkstemps to path.c Matthieu Moy
2010-02-22 22:32 ` [PATCH 3/6] git_mkstemp_mode, xmkstemp_mode: variants of gitmkstemps with mode argument Matthieu Moy
2010-02-22 22:32 ` [PATCH 4/6] Use git_mkstemp_mode and xmkstemp_mode in odb_mkstemp, not chmod later Matthieu Moy
2010-02-22 22:32 ` [PATCH 5/6] git_mkstemps_mode: don't set errno to EINVAL on exit Matthieu Moy
2010-02-22 22:32 ` [PATCH 6/6] Use git_mkstemp_mode instead of plain mkstemp to create object files Matthieu Moy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7veikdau4i.fsf@alter.siamese.dyndns.org \
--to=gitster@pobox.com \
--cc=Matthieu.Moy@grenoble-inp.fr \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).