summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJunio C Hamano <junkio@cox.net>2006-06-09 23:09:49 -0700
committerJunio C Hamano <junkio@cox.net>2006-06-10 01:31:31 -0700
commit94df2506edd76a886a1044376f8c99349b2f226e (patch)
tree08bd44a53885e963bc6e7915c2e8c95df6db7d37
parent5e3a620cd5f7baaf27198192a614271c6145ec3b (diff)
downloadgit-94df2506edd76a886a1044376f8c99349b2f226e.tar.gz
shared repository: optionally allow reading to "others".
This enhances core.sharedrepository to have additionally specify that read and exec permissions to be given to others as well. It is useful when serving a repository via gitweb and git-daemon that runs as a user outside the project group. The configuration item can take the following values: [core] sharedrepository ; the same as "group" sharedrepository = true ; ditto sharedrepository = 1 ; ditto sharedrepository = group ; allow rwx to group sharedrepository = all ; allow rwx to group, allow rx to other sharedrepository = umask ; not shared - use umask It also extends "git init-db" to take "--shared=all" and friends from the command line. Signed-off-by: Junio C Hamano <junkio@cox.net>
-rw-r--r--builtin-init-db.c15
-rw-r--r--cache.h6
-rw-r--r--environment.c2
-rw-r--r--path.c14
-rw-r--r--setup.c17
5 files changed, 47 insertions, 7 deletions
diff --git a/builtin-init-db.c b/builtin-init-db.c
index 6a24e9bcab..7fdd2fa9f9 100644
--- a/builtin-init-db.c
+++ b/builtin-init-db.c
@@ -263,7 +263,9 @@ int cmd_init_db(int argc, const char **argv, char **envp)
if (!strncmp(arg, "--template=", 11))
template_dir = arg+11;
else if (!strcmp(arg, "--shared"))
- shared_repository = 1;
+ shared_repository = PERM_GROUP;
+ else if (!strncmp(arg, "--shared=", 9))
+ shared_repository = git_config_perm("arg", arg+9);
else
die(init_db_usage);
}
@@ -301,8 +303,15 @@ int cmd_init_db(int argc, const char **argv, char **envp)
strcpy(path+len, "/info");
safe_create_dir(path, 1);
- if (shared_repository)
- git_config_set("core.sharedrepository", "true");
+ if (shared_repository) {
+ char buf[10];
+ /* We do not spell "group" and such, so that
+ * the configuration can be read by older version
+ * of git.
+ */
+ sprintf(buf, "%d", shared_repository);
+ git_config_set("core.sharedrepository", buf);
+ }
return 0;
}
diff --git a/cache.h b/cache.h
index d5d7fe4f8c..1b8e053f28 100644
--- a/cache.h
+++ b/cache.h
@@ -208,6 +208,12 @@ extern const unsigned char null_sha1[20];
int git_mkstemp(char *path, size_t n, const char *template);
+enum sharedrepo {
+ PERM_UMASK = 0,
+ PERM_GROUP,
+ PERM_EVERYBODY
+};
+int git_config_perm(const char *var, const char *value);
int adjust_shared_perm(const char *path);
int safe_create_leading_directories(char *path);
char *safe_strncpy(char *, const char *, size_t);
diff --git a/environment.c b/environment.c
index 2e79eab18d..3de8eb3b2a 100644
--- a/environment.c
+++ b/environment.c
@@ -18,7 +18,7 @@ int log_all_ref_updates = 0;
int warn_ambiguous_refs = 1;
int repository_format_version = 0;
char git_commit_encoding[MAX_ENCODING_LENGTH] = "utf-8";
-int shared_repository = 0;
+int shared_repository = PERM_UMASK;
const char *apply_default_whitespace = NULL;
static char *git_dir, *git_object_dir, *git_index_file, *git_refs_dir,
diff --git a/path.c b/path.c
index 5168b5f17d..5d82503b6b 100644
--- a/path.c
+++ b/path.c
@@ -262,11 +262,21 @@ int adjust_shared_perm(const char *path)
return -1;
mode = st.st_mode;
if (mode & S_IRUSR)
- mode |= S_IRGRP;
+ mode |= (shared_repository == PERM_GROUP
+ ? S_IRGRP
+ : (shared_repository == PERM_EVERYBODY
+ ? (S_IRGRP|S_IROTH)
+ : 0));
+
if (mode & S_IWUSR)
mode |= S_IWGRP;
+
if (mode & S_IXUSR)
- mode |= S_IXGRP;
+ mode |= (shared_repository == PERM_GROUP
+ ? S_IXGRP
+ : (shared_repository == PERM_EVERYBODY
+ ? (S_IXGRP|S_IXOTH)
+ : 0));
if (S_ISDIR(mode))
mode |= S_ISGID;
if (chmod(path, mode) < 0)
diff --git a/setup.c b/setup.c
index fe7f884696..4612f110ee 100644
--- a/setup.c
+++ b/setup.c
@@ -219,12 +219,27 @@ const char *setup_git_directory_gently(int *nongit_ok)
return cwd + offset;
}
+int git_config_perm(const char *var, const char *value)
+{
+ if (value) {
+ if (!strcmp(value, "umask"))
+ return PERM_UMASK;
+ if (!strcmp(value, "group"))
+ return PERM_GROUP;
+ if (!strcmp(value, "all") ||
+ !strcmp(value, "world") ||
+ !strcmp(value, "everybody"))
+ return PERM_EVERYBODY;
+ }
+ return git_config_bool(var, value);
+}
+
int check_repository_format_version(const char *var, const char *value)
{
if (strcmp(var, "core.repositoryformatversion") == 0)
repository_format_version = git_config_int(var, value);
else if (strcmp(var, "core.sharedrepository") == 0)
- shared_repository = git_config_bool(var, value);
+ shared_repository = git_config_perm(var, value);
return 0;
}