After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 748959 - mirror repo .filez objects are 0600
mirror repo .filez objects are 0600
Status: RESOLVED FIXED
Product: ostree
Classification: Infrastructure
Component: general
unspecified
Other Linux
: Normal normal
: ---
Assigned To: OSTree maintainer(s)
OSTree maintainer(s)
Depends on:
Blocks:
 
 
Reported: 2015-05-05 14:58 UTC by Colin Walters
Modified: 2015-08-27 15:37 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
tests: Build test-lzma with LZMA flags (1.11 KB, patch)
2015-08-26 17:05 UTC, Dan Nicholson
committed Details | Review
pull: Set file mode properly when mirroring (1.87 KB, patch)
2015-08-26 17:05 UTC, Dan Nicholson
none Details | Review
0001-fetcher-Use-0666-umask-for-temporary-files.patch (2.29 KB, patch)
2015-08-26 20:01 UTC, Colin Walters
none Details | Review

Description Colin Walters 2015-05-05 14:58:54 UTC
Saw this while doing something else, in a newly created mirror .filez objects at least are mode 0600 which is a regression.
Comment 1 Dan Nicholson 2015-08-26 17:05:50 UTC
Created attachment 310050 [details] [review]
tests: Build test-lzma with LZMA flags

test-lzma builds a copy of the compressor and decompressor directly, so
the compiler needs access to the LZMA headers and the linker needs to
link the program with liblzma.
Comment 2 Dan Nicholson 2015-08-26 17:05:53 UTC
Created attachment 310051 [details] [review]
pull: Set file mode properly when mirroring

The pull mirror mode bypasses decompressing the archive-z2 file objects,
instead moving the downloaded temporary object directly into the real
object store. Since the temporary objects are created without group or
world read permissions, the repo commits will only be readable by the
user owning the repo.

Change the mode of the temporary objects to 0644 before moving them to
the real object store.
Comment 3 Colin Walters 2015-08-26 20:01:53 UTC
Created attachment 310061 [details] [review]
0001-fetcher-Use-0666-umask-for-temporary-files.patch

How about this instead?
Comment 4 Dan Nicholson 2015-08-26 20:37:21 UTC
Yeah, that should work. I thought maybe there was a good reason they were created 0600, but I agree that there's no real reason. Also, thanks for adding the test - I was planning to do that but forgot.

Let me do a quick test, but I think that's fine.
Comment 5 Dan Nicholson 2015-08-26 20:43:25 UTC
Looks good to me.
Comment 6 Dan Nicholson 2015-08-27 15:25:11 UTC
Did you mean to merge this or are you still testing it?
Comment 7 Colin Walters 2015-08-27 15:37:12 UTC
(In reply to Dan Nicholson from comment #6)
> Did you mean to merge this or are you still testing it?

Oops, I had meant to before 2015.8.  Pushed now, thanks.