Web lists-archives.com

Re: [PATCH v2] read-cache: write all indexes with the same permissions




On Fri, Nov 16, 2018 at 7:03 PM Duy Nguyen <pclouds@xxxxxxxxx> wrote:
>
> On Fri, Nov 16, 2018 at 6:31 PM Christian Couder
> <christian.couder@xxxxxxxxx> wrote:
> > diff --git a/read-cache.c b/read-cache.c
> > index 8c924506dd..ea80600bff 100644
> > --- a/read-cache.c
> > +++ b/read-cache.c
> > @@ -3165,7 +3165,8 @@ int write_locked_index(struct index_state *istate, struct lock_file *lock,
> >                 struct tempfile *temp;
> >                 int saved_errno;
> >
> > -               temp = mks_tempfile(git_path("sharedindex_XXXXXX"));
> > +               /* Same permissions as the main .git/index file */
>
> If the permission is already correct from the beginning (of this temp
> file), should df801f3f9f be reverted since we don't need to adjust
> permission anymore?

df801f3f9f (read-cache: use shared perms when writing shared index,
2017-06-25) was fixing the bug that permissions of the shared index
file did not take into account the shared permissions (which are about
core.sharedRepository; "shared" has a different meaning in "shared
index file" and in "shared permissions").

This fix only changes permissions before the shared permissions are
taken into account (so before adjust_shared_perm() is called).

> Or does $GIT_DIR/index go through the same adjust_shared_perm() anyway
> in the end, which means df801f3f9f must stay?

Yeah, $GIT_DIR/index goes through adjust_shared_perm() too because
create_tempfile() calls adjust_shared_perm(). So indeed df801f3f9f
must stay.

> If so, perhaps clarify
> that in the commit message.

There is already the following about df801f3f9f:

---
A bug related to this was spotted, fixed and tested for in df801f3f9f
("read-cache: use shared perms when writing shared index", 2017-06-25)
and 3ee83f48e5 ("t1700: make sure split-index respects
core.sharedrepository", 2017-06-25).

However, as noted in those commits we'd still create the file as 0600,
and would just re-chmod it depending on the setting of
core.sharedRepository.
---

So I would think that df801f3f9f should perhaps have explained that
create_tempfile() calls adjust_shared_perm(), but I don't think that
it is very relevant in this commit message. We are already talking
about df801f3f9f which should be enough to explain the issue
df801f3f9f fixed, and I think we should not need to explain in more
details why df801f3f9f did a good job. It's not as if we are reverting
it. We are just complementing it with another fix related to what
happens before adjust_shared_perm() is called.

I think rewording the comment a bit might help though, for example maybe:

/* Same initial permissions as the main .git/index file */

instead of:

/* Same permissions as the main .git/index file */

Thanks,
Christian.