shared repository - add a few missing calls to adjust_shared_perm().

There were a few calls to adjust_shared_perm() that were
missing:

- init-db creates refs, refs/heads, and refs/tags before
reading from templates that could specify sharedrepository in
the config file;

- updating config file created it under user's umask without
adjusting;

- updating refs created it under user's umask without
adjusting;

- switching branches created .git/HEAD under user's umask
without adjusting.

This moves adjust_shared_perm() from sha1_file.c to path.c,
since a few SIMPLE_PROGRAM need to call repository configuration
functions which in turn need to call adjust_shared_perm().
sha1_file.c needs to link with SHA1 computation library which
is usually not linked to SIMPLE_PROGRAM.

Signed-off-by: Junio C Hamano <junkio@cox.net>

diff --git a/builtin-init-db.c b/builtin-init-db.c
index 88b39a47eba51f709895d9460d16eacf6cee152f..6a24e9bcab4a7b364b69f9ccf2ae822c40873895 100644 (file)
--- a/builtin-init-db.c
+++ b/builtin-init-db.c
@@ -198,6 +198,21 @@ static void create_default_files(const char *git_dir, const char *template_path)
 
        git_config(git_default_config);
 
+       /*
+        * We would have created the above under user's umask -- under
+        * shared-repository settings, we would need to fix them up.
+        */
+       if (shared_repository) {
+               path[len] = 0;
+               adjust_shared_perm(path);
+               strcpy(path + len, "refs");
+               adjust_shared_perm(path);
+               strcpy(path + len, "refs/heads");
+               adjust_shared_perm(path);
+               strcpy(path + len, "refs/tags");
+               adjust_shared_perm(path);
+       }
+
        /*
         * Create the default symlink from ".git/HEAD" to the "master"
         * branch, if it does not exist yet.

diff --git a/config.c b/config.c
index 2ae6153e5ee29ca88f52241d1ece79069d8c5875..c47497001e172060abdcd08e4a606bec89303232 100644 (file)
--- a/config.c
+++ b/config.c
@@ -536,7 +536,7 @@ int git_config_set_multivar(const char* key, const char* value,
         * contents of .git/config will be written into it.
         */
        fd = open(lock_file, O_WRONLY | O_CREAT | O_EXCL, 0666);
-       if (fd < 0) {
+       if (fd < 0 || adjust_shared_perm(lock_file)) {
                fprintf(stderr, "could not lock config file\n");
                free(store.key);
                ret = -1;

diff --git a/lockfile.c b/lockfile.c
index 9bc60837aa12fbe2e659ff6fb5b52e862fbe03c3..2346e0e9ef0dbd247daf9d77c373029b491068c4 100644 (file)
--- a/lockfile.c
+++ b/lockfile.c
@@ -27,11 +27,16 @@ int hold_lock_file_for_update(struct lock_file *lk, const char *path)
        int fd;
        sprintf(lk->filename, "%s.lock", path);
        fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666);
-       if (fd >=0 && !lk->next) {
-               lk->next = lock_file_list;
-               lock_file_list = lk;
-               signal(SIGINT, remove_lock_file_on_signal);
-               atexit(remove_lock_file);
+       if (0 <= fd) {
+               if (!lk->next) {
+                       lk->next = lock_file_list;
+                       lock_file_list = lk;
+                       signal(SIGINT, remove_lock_file_on_signal);
+                       atexit(remove_lock_file);
+               }
+               if (adjust_shared_perm(lk->filename))
+                       return error("cannot fix permission bits on %s",
+                                    lk->filename);
        }
        return fd;
 }

diff --git a/path.c b/path.c
index 334b2bd195f56ac6aaf9f9b8a36fe59115cd758c..5168b5f17dfc63bfaf5386e779806fba052edf49 100644 (file)
--- a/path.c
+++ b/path.c
@@ -250,3 +250,26 @@ char *enter_repo(char *path, int strict)
 
        return NULL;
 }
+
+int adjust_shared_perm(const char *path)
+{
+       struct stat st;
+       int mode;
+
+       if (!shared_repository)
+               return 0;
+       if (lstat(path, &st) < 0)
+               return -1;
+       mode = st.st_mode;
+       if (mode & S_IRUSR)
+               mode |= S_IRGRP;
+       if (mode & S_IWUSR)
+               mode |= S_IWGRP;
+       if (mode & S_IXUSR)
+               mode |= S_IXGRP;
+       if (S_ISDIR(mode))
+               mode |= S_ISGID;
+       if (chmod(path, mode) < 0)
+               return -2;
+       return 0;
+}

diff --git a/refs.c b/refs.c
index f91b7716dc623b655fb56b359998b691d2ab6af6..713ca467368e24f6112663b7b96921f9d1bbc145 100644 (file)
--- a/refs.c
+++ b/refs.c
@@ -104,6 +104,11 @@ int create_symref(const char *git_HEAD, const char *refs_heads_master)
                error("Unable to create %s", git_HEAD);
                return -3;
        }
+       if (adjust_shared_perm(git_HEAD)) {
+               unlink(lockpath);
+               error("Unable to fix permissions on %s", lockpath);
+               return -4;
+       }
        return 0;
 }
 

diff --git a/sha1_file.c b/sha1_file.c
index aea0f40d57a134a2a853136cd0815e5c743a115d..b4ff233bad3c15692610f93549b25cd0cf042392 100644 (file)
--- a/sha1_file.c
+++ b/sha1_file.c
@@ -50,29 +50,6 @@ int get_sha1_hex(const char *hex, unsigned char *sha1)
        return 0;
 }
 
-int adjust_shared_perm(const char *path)
-{
-       struct stat st;
-       int mode;
-
-       if (!shared_repository)
-               return 0;
-       if (lstat(path, &st) < 0)
-               return -1;
-       mode = st.st_mode;
-       if (mode & S_IRUSR)
-               mode |= S_IRGRP;
-       if (mode & S_IWUSR)
-               mode |= S_IWGRP;
-       if (mode & S_IXUSR)
-               mode |= S_IXGRP;
-       if (S_ISDIR(mode))
-               mode |= S_ISGID;
-       if (chmod(path, mode) < 0)
-               return -2;
-       return 0;
-}
-
 int safe_create_leading_directories(char *path)
 {
        char *pos = path;