git-annex/Utility/FileMode.hs

{- File mode utilities.
 -
 - Copyright 2010-2023 Joey Hess <id@joeyh.name>
 -
 - License: BSD-2-clause
 -}

{-# LANGUAGE CPP #-}
{-# OPTIONS_GHC -fno-warn-tabs #-}

module Utility.FileMode (
	module Utility.FileMode,
	FileMode,
) where

import System.IO
import Control.Monad
import System.PosixCompat.Types
import System.PosixCompat.Files (unionFileModes, intersectFileModes, stdFileMode, nullFileMode, groupReadMode, ownerReadMode, ownerWriteMode, ownerExecuteMode, groupWriteMode, groupExecuteMode, otherReadMode, otherWriteMode, otherExecuteMode, fileMode)
#ifndef mingw32_HOST_OS
import System.PosixCompat.Files (setFileCreationMask)
#endif
import Control.Monad.IO.Class
import Foreign (complement)
import Control.Monad.Catch

import Utility.Exception
import Utility.FileSystemEncoding
import qualified Utility.RawFilePath as R

{- Applies a conversion function to a file's mode. -}
modifyFileMode :: RawFilePath -> (FileMode -> FileMode) -> IO ()
modifyFileMode f convert = void $ modifyFileMode' f convert

modifyFileMode' :: RawFilePath -> (FileMode -> FileMode) -> IO FileMode
modifyFileMode' f convert = do
	s <- R.getFileStatus f
	let old = fileMode s
	let new = convert old
	when (new /= old) $
		R.setFileMode f new
	return old

{- Runs an action after changing a file's mode, then restores the old mode. -}
withModifiedFileMode :: RawFilePath -> (FileMode -> FileMode) -> IO a -> IO a
withModifiedFileMode file convert a = bracket setup cleanup go
  where
	setup = modifyFileMode' file convert
	cleanup oldmode = modifyFileMode file (const oldmode)
	go _ = a

{- Adds the specified FileModes to the input mode, leaving the rest
 - unchanged. -}
addModes :: [FileMode] -> FileMode -> FileMode
addModes ms m = combineModes (m:ms)

{- Removes the specified FileModes from the input mode. -}
removeModes :: [FileMode] -> FileMode -> FileMode
removeModes ms m = m `intersectFileModes` complement (combineModes ms)

writeModes :: [FileMode]
writeModes = [ownerWriteMode, groupWriteMode, otherWriteMode]

readModes :: [FileMode]
readModes = [ownerReadMode, groupReadMode, otherReadMode]

executeModes :: [FileMode]
executeModes = [ownerExecuteMode, groupExecuteMode, otherExecuteMode]

otherGroupModes :: [FileMode]
otherGroupModes = 
	[ groupReadMode, otherReadMode
	, groupWriteMode, otherWriteMode
	, groupExecuteMode, otherExecuteMode
	]

{- Removes the write bits from a file. -}
preventWrite :: RawFilePath -> IO ()
preventWrite f = modifyFileMode f $ removeModes writeModes

{- Turns a file's owner write bit back on. -}
allowWrite :: RawFilePath -> IO ()
allowWrite f = modifyFileMode f $ addModes [ownerWriteMode]

{- Turns a file's owner read bit back on. -}
allowRead :: RawFilePath -> IO ()
allowRead f = modifyFileMode f $ addModes [ownerReadMode]

{- Allows owner and group to read and write to a file. -}
groupSharedModes :: [FileMode]
groupSharedModes =
	[ ownerWriteMode, groupWriteMode
	, ownerReadMode, groupReadMode
	]

groupWriteRead :: RawFilePath -> IO ()
groupWriteRead f = modifyFileMode f $ addModes groupSharedModes

checkMode :: FileMode -> FileMode -> Bool
checkMode checkfor mode = checkfor `intersectFileModes` mode == checkfor

{- Checks if a file has any executable bits set. -}
isExecutable :: FileMode -> Bool
isExecutable mode = combineModes executeModes `intersectFileModes` mode /= 0

data ModeSetter = ModeSetter FileMode (RawFilePath -> IO ())

{- Runs an action which should create the file, passing it the desired
 - initial file mode. Then runs the ModeSetter's action on the file, which
 - can adjust the initial mode if umask prevented the file from being
 - created with the right mode. -}
applyModeSetter :: Maybe ModeSetter -> RawFilePath -> (Maybe FileMode -> IO a) -> IO a
applyModeSetter (Just (ModeSetter mode modeaction)) file a = do
	r <- a (Just mode)
	void $ tryIO $ modeaction file
	return r
applyModeSetter Nothing _ a = 
	a Nothing

withUmask :: (MonadIO m, MonadMask m) => FileMode -> m a -> m a
#ifndef mingw32_HOST_OS
withUmask umask a = bracket setup cleanup go
  where
	setup = liftIO $ setFileCreationMask umask
	cleanup = liftIO . setFileCreationMask
	go _ = a
#else
withUmask _ a = a
#endif

getUmask :: IO FileMode
#ifndef mingw32_HOST_OS
getUmask = bracket setup cleanup return
  where
	setup = setFileCreationMask nullFileMode
	cleanup = setFileCreationMask
#else
getUmask = return nullFileMode
#endif

defaultFileMode :: IO FileMode
defaultFileMode = do
	umask <- getUmask
	return $ intersectFileModes (complement umask) stdFileMode

combineModes :: [FileMode] -> FileMode
combineModes [] = 0
combineModes [m] = m
combineModes (m:ms) = foldl unionFileModes m ms

isSticky :: FileMode -> Bool
#ifdef mingw32_HOST_OS
isSticky _ = False
#else
isSticky = checkMode stickyMode

stickyMode :: FileMode
stickyMode = 512

setSticky :: RawFilePath -> IO ()
setSticky f = modifyFileMode f $ addModes [stickyMode]
#endif

{- Writes a file, ensuring that its modes do not allow it to be read
 - or written by anyone other than the current user,
 - before any content is written.
 -
 - When possible, this is done using the umask.
 -
 - On a filesystem that does not support file permissions, this is the same
 - as writeFile.
 -}
writeFileProtected :: RawFilePath -> String -> IO ()
writeFileProtected file content = writeFileProtected' file 
	(\h -> hPutStr h content)

writeFileProtected' :: RawFilePath -> (Handle -> IO ()) -> IO ()
writeFileProtected' file writer = bracket setup cleanup writer
  where
	setup = do
		h <- protectedOutput $ openFile (fromRawFilePath file) WriteMode
		void $ tryIO $ modifyFileMode file $ removeModes otherGroupModes
		return h
	cleanup = hClose

protectedOutput :: IO a -> IO a
protectedOutput = withUmask 0o0077
refactor 2011-09-23 22:13:24 +00:00			`{- File mode utilities.`
			`-`
avoid annexFileMode special case This makes annexFileMode be just an application of setAnnexPerm', which avoids having 2 functions that do different versions of the same thing. Fixes some buggy behavior for some combinations of core.sharedRepository and umask. Sponsored-by: Jack Hill on Patreon 2023-04-27 19:57:50 +00:00			`- Copyright 2010-2023 Joey Hess <id@joeyh.name>`
refactor 2011-09-23 22:13:24 +00:00			`-`
relicense general utility library code to BSD Omitted a couple of files what have had significant contributions from others. 2014-05-10 14:01:27 +00:00			`- License: BSD-2-clause`
refactor 2011-09-23 22:13:24 +00:00			`-}`

stub out POSIX stuff 2013-05-10 21:29:59 +00:00			`{-# LANGUAGE CPP #-}`
avoid build warning 2020-09-07 19:10:09 +00:00			`{-# OPTIONS_GHC -fno-warn-tabs #-}`
stub out POSIX stuff 2013-05-10 21:29:59 +00:00
export FileMode type 2015-10-08 18:26:21 +00:00			`module Utility.FileMode (`
fix export list to work on windows 2015-10-12 19:08:17 +00:00			`module Utility.FileMode,`
export FileMode type 2015-10-08 18:26:21 +00:00			`FileMode,`
			`) where`
refactor 2011-09-23 22:13:24 +00:00
avoid importing Common it caused a loop when reusing this in propellor 2014-03-30 22:43:05 +00:00			`import System.IO`
			`import Control.Monad`
use unix-compat, removed a lot of stubs in Utility.FileMode 2013-05-11 16:16:47 +00:00			`import System.PosixCompat.Types`
fix build warning on windows 2023-03-27 16:17:55 +00:00			`import System.PosixCompat.Files (unionFileModes, intersectFileModes, stdFileMode, nullFileMode, groupReadMode, ownerReadMode, ownerWriteMode, ownerExecuteMode, groupWriteMode, groupExecuteMode, otherReadMode, otherWriteMode, otherExecuteMode, fileMode)`
fix build warnings on windows 2023-03-21 22:22:41 +00:00			`#ifndef mingw32_HOST_OS`
			`import System.PosixCompat.Files (setFileCreationMask)`
			`#endif`
remove unused isSymLink That made Utility.FileMode depend on unix, but Utility.Tmp now depends on it, and is used by Setup, which does not. So it was easiest to remove this, especially since it's not used. 2020-09-02 18:59:35 +00:00			`import Control.Monad.IO.Class`
refactor 2011-09-23 22:13:24 +00:00			`import Foreign (complement)`
generalize to MonadIO 2015-11-12 22:03:49 +00:00			`import Control.Monad.Catch`
refactor 2011-09-23 22:13:24 +00:00
avoid importing Common it caused a loop when reusing this in propellor 2014-03-30 22:43:05 +00:00			`import Utility.Exception`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`import Utility.FileSystemEncoding`
			`import qualified Utility.RawFilePath as R`
avoid importing Common it caused a loop when reusing this in propellor 2014-03-30 22:43:05 +00:00
Support git's core.sharedRepository configuration This is incomplete, it does not honor it yet for hash directories and other annex bookkeeping files. Some of that is not needed for a bare repo; some of it may be. 2012-04-21 18:06:36 +00:00			`{- Applies a conversion function to a file's mode. -}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`modifyFileMode :: RawFilePath -> (FileMode -> FileMode) -> IO ()`
bring back some deleted functions that git-repair uses 2015-12-16 00:42:35 +00:00			`modifyFileMode f convert = void $ modifyFileMode' f convert`

more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`modifyFileMode' :: RawFilePath -> (FileMode -> FileMode) -> IO FileMode`
bring back some deleted functions that git-repair uses 2015-12-16 00:42:35 +00:00			`modifyFileMode' f convert = do`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`s <- R.getFileStatus f`
Support git's core.sharedRepository configuration This is incomplete, it does not honor it yet for hash directories and other annex bookkeeping files. Some of that is not needed for a bare repo; some of it may be. 2012-04-21 18:06:36 +00:00			`let old = fileMode s`
			`let new = convert old`
			`when (new /= old) $`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`R.setFileMode f new`
bring back some deleted functions that git-repair uses 2015-12-16 00:42:35 +00:00			`return old`

			`{- Runs an action after changing a file's mode, then restores the old mode. -}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`withModifiedFileMode :: RawFilePath -> (FileMode -> FileMode) -> IO a -> IO a`
bring back some deleted functions that git-repair uses 2015-12-16 00:42:35 +00:00			`withModifiedFileMode file convert a = bracket setup cleanup go`
			`where`
			`setup = modifyFileMode' file convert`
			`cleanup oldmode = modifyFileMode file (const oldmode)`
			`go _ = a`
Support git's core.sharedRepository configuration This is incomplete, it does not honor it yet for hash directories and other annex bookkeeping files. Some of that is not needed for a bare repo; some of it may be. 2012-04-21 18:06:36 +00:00
better file mode setting code 2012-04-21 20:01:56 +00:00			`{- Adds the specified FileModes to the input mode, leaving the rest`
			`- unchanged. -}`
			`addModes :: [FileMode] -> FileMode -> FileMode`
			`addModes ms m = combineModes (m:ms)`

			`{- Removes the specified FileModes from the input mode. -}`
			`removeModes :: [FileMode] -> FileMode -> FileMode`
			removeModes ms m = m `intersectFileModes` complement (combineModes ms)

			`writeModes :: [FileMode]`
			`writeModes = [ownerWriteMode, groupWriteMode, otherWriteMode]`

			`readModes :: [FileMode]`
			`readModes = [ownerReadMode, groupReadMode, otherReadMode]`
refactor 2011-09-23 22:13:24 +00:00
use xmpp::user@host for xmpp remotes Inject the required git-remote-xmpp into PATH when running xmpp git push. Rest of the time it will not be in PATH, and git won't be able to talk to xmpp remotes. 2012-11-09 16:51:54 +00:00			`executeModes :: [FileMode]`
			`executeModes = [ownerExecuteMode, groupExecuteMode, otherExecuteMode]`

refactor 2014-04-01 00:15:16 +00:00			`otherGroupModes :: [FileMode]`
			`otherGroupModes =`
			`[ groupReadMode, otherReadMode`
			`, groupWriteMode, otherWriteMode`
Make test suite work better when the temp directory is on NFS. Deleting directories is one of the great unsolved problems of CS, thanks to abominations like NFS lock files and Windows and races with other processes cleaning up after themselves in the background. The gpg test harness sometimes failed to delete its temp directory on NFS. Avoid the problem class by not deleting it at all, and putting it inside the tmp repo being tested. The test suite's more robust (and/or nonsensical) workarounds for deleting its test dir will thus be used, hopefully avoiding the problem until an OS finds a new way to violate POSIX and the laws of nature. Note that this means that the .gnupg directory will be on whatever filesystem the test suite is being run on, which may be a lesser quality filesystem than gpg is really expecting. Gpg does not seem to need to write sockets etc to there so this seems ok. The only known problem is that if the filesystem forces a directory mode like 777, gpg will warn about unsafe home directory perms, but it still works. 2018-12-19 15:56:39 +00:00			`, groupExecuteMode, otherExecuteMode`
refactor 2014-04-01 00:15:16 +00:00			`]`

refactor 2011-09-23 22:13:24 +00:00			`{- Removes the write bits from a file. -}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`preventWrite :: RawFilePath -> IO ()`
better file mode setting code 2012-04-21 20:01:56 +00:00			`preventWrite f = modifyFileMode f $ removeModes writeModes`
refactor 2011-09-23 22:13:24 +00:00
better file mode setting code 2012-04-21 20:01:56 +00:00			`{- Turns a file's owner write bit back on. -}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`allowWrite :: RawFilePath -> IO ()`
better file mode setting code 2012-04-21 20:01:56 +00:00			`allowWrite f = modifyFileMode f $ addModes [ownerWriteMode]`
make unused check branches and tags too needs time and space optimisation 2011-09-28 20:43:10 +00:00
add allowRead 2013-11-20 17:42:13 +00:00			`{- Turns a file's owner read bit back on. -}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`allowRead :: RawFilePath -> IO ()`
add allowRead 2013-11-20 17:42:13 +00:00			`allowRead f = modifyFileMode f $ addModes [ownerReadMode]`

Support git's core.sharedRepository configuration This is incomplete, it does not honor it yet for hash directories and other annex bookkeeping files. Some of that is not needed for a bare repo; some of it may be. 2012-04-21 18:06:36 +00:00			`{- Allows owner and group to read and write to a file. -}`
Ensure execute bit is set on directories when core.sharedrepsitory is set. 2013-11-18 22:05:37 +00:00			`groupSharedModes :: [FileMode]`
			`groupSharedModes =`
better file mode setting code 2012-04-21 20:01:56 +00:00			`[ ownerWriteMode, groupWriteMode`
Support git's core.sharedRepository configuration This is incomplete, it does not honor it yet for hash directories and other annex bookkeeping files. Some of that is not needed for a bare repo; some of it may be. 2012-04-21 18:06:36 +00:00			`, ownerReadMode, groupReadMode`
			`]`

more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`groupWriteRead :: RawFilePath -> IO ()`
Ensure execute bit is set on directories when core.sharedrepsitory is set. 2013-11-18 22:05:37 +00:00			`groupWriteRead f = modifyFileMode f $ addModes groupSharedModes`

move sticky bit code into Utility.FileMode Simplified it using existing functions. I doubt setSticky needs to return the FileMode; if it does for some reason, it can be changed to use modifyFileMode' Converted isSticky to a pure function for consistency with isSymlink. Note that the sticky bit of a file can be tested thus: isSticky . fileMode <$> getFileStatus file 2012-09-25 17:30:32 +00:00			`checkMode :: FileMode -> FileMode -> Bool`
			checkMode checkfor mode = checkfor `intersectFileModes` mode == checkfor

check hook executability 2012-03-14 16:17:38 +00:00			`{- Checks if a file has any executable bits set. -}`
			`isExecutable :: FileMode -> Bool`
use xmpp::user@host for xmpp remotes Inject the required git-remote-xmpp into PATH when running xmpp git push. Rest of the time it will not be in PATH, and git won't be able to talk to xmpp remotes. 2012-11-09 16:51:54 +00:00			isExecutable mode = combineModes executeModes `intersectFileModes` mode /= 0
better file mode setting code 2012-04-21 20:01:56 +00:00
avoid annexFileMode special case This makes annexFileMode be just an application of setAnnexPerm', which avoids having 2 functions that do different versions of the same thing. Fixes some buggy behavior for some combinations of core.sharedRepository and umask. Sponsored-by: Jack Hill on Patreon 2023-04-27 19:57:50 +00:00			`data ModeSetter = ModeSetter FileMode (RawFilePath -> IO ())`

			`{- Runs an action which should create the file, passing it the desired`
			`- initial file mode. Then runs the ModeSetter's action on the file, which`
			`- can adjust the initial mode if umask prevented the file from being`
			`- created with the right mode. -}`
			`applyModeSetter :: Maybe ModeSetter -> RawFilePath -> (Maybe FileMode -> IO a) -> IO a`
			`applyModeSetter (Just (ModeSetter mode modeaction)) file a = do`
			`r <- a (Just mode)`
			`void $ tryIO $ modeaction file`
			`return r`
			`applyModeSetter Nothing _ a =`
			`a Nothing`
Better workaround for problem umasks when eg, setting up ssh keys. 2014-03-14 17:37:58 +00:00
generalize to MonadIO 2015-11-12 22:03:49 +00:00			`withUmask :: (MonadIO m, MonadMask m) => FileMode -> m a -> m a`
Better workaround for problem umasks when eg, setting up ssh keys. 2014-03-14 17:37:58 +00:00			`#ifndef mingw32_HOST_OS`
			`withUmask umask a = bracket setup cleanup go`
finished where indentation changes 2012-12-13 04:24:19 +00:00			`where`
generalize to MonadIO 2015-11-12 22:03:49 +00:00			`setup = liftIO $ setFileCreationMask umask`
			`cleanup = liftIO . setFileCreationMask`
finished where indentation changes 2012-12-13 04:24:19 +00:00			`go _ = a`
stub out POSIX stuff 2013-05-10 21:29:59 +00:00			`#else`
Better workaround for problem umasks when eg, setting up ssh keys. 2014-03-14 17:37:58 +00:00			`withUmask _ a = a`
stub out POSIX stuff 2013-05-10 21:29:59 +00:00			`#endif`
honor core.sharedRepository when making all the other files in the annex Lock files, directories, etc. 2012-04-21 20:59:49 +00:00
Work around sqlite's incorrect handling of umask when creating databases. Refactored some common code into initDb. This only deals with the problem when creating new databases. If a repo got bad permissions into it, it's up to the user to deal with it. This commit was sponsored by Ole-Morten Duesund on Patreon. 2017-02-13 21:30:28 +00:00			`getUmask :: IO FileMode`
			`#ifndef mingw32_HOST_OS`
			`getUmask = bracket setup cleanup return`
			`where`
			`setup = setFileCreationMask nullFileMode`
			`cleanup = setFileCreationMask`
			`#else`
			`getUmask = return nullFileMode`
			`#endif`

			`defaultFileMode :: IO FileMode`
			`defaultFileMode = do`
			`umask <- getUmask`
			`return $ intersectFileModes (complement umask) stdFileMode`

better file mode setting code 2012-04-21 20:01:56 +00:00			`combineModes :: [FileMode] -> FileMode`
revert reversion merged from propellor 2015-04-29 18:15:08 +00:00			`combineModes [] = 0`
better file mode setting code 2012-04-21 20:01:56 +00:00			`combineModes [m] = m`
			`combineModes (m:ms) = foldl unionFileModes m ms`
use unix-compat, removed a lot of stubs in Utility.FileMode 2013-05-11 16:16:47 +00:00
			`isSticky :: FileMode -> Bool`
get rid of __WINDOWS__, use mingw32_HOST_OS The latter is harder for me to remember, but avoids build failures in code used by the configure program. 2013-08-02 16:27:32 +00:00			`#ifdef mingw32_HOST_OS`
use unix-compat, removed a lot of stubs in Utility.FileMode 2013-05-11 16:16:47 +00:00			`isSticky _ = False`
stub out POSIX stuff 2013-05-10 21:29:59 +00:00			`#else`
use unix-compat, removed a lot of stubs in Utility.FileMode 2013-05-11 16:16:47 +00:00			`isSticky = checkMode stickyMode`
move sticky bit code into Utility.FileMode Simplified it using existing functions. I doubt setSticky needs to return the FileMode; if it does for some reason, it can be changed to use modifyFileMode' Converted isSticky to a pure function for consistency with isSymlink. Note that the sticky bit of a file can be tested thus: isSticky . fileMode <$> getFileStatus file 2012-09-25 17:30:32 +00:00
			`stickyMode :: FileMode`
			`stickyMode = 512`

more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`setSticky :: RawFilePath -> IO ()`
move sticky bit code into Utility.FileMode Simplified it using existing functions. I doubt setSticky needs to return the FileMode; if it does for some reason, it can be changed to use modifyFileMode' Converted isSticky to a pure function for consistency with isSymlink. Note that the sticky bit of a file can be tested thus: isSticky . fileMode <$> getFileStatus file 2012-09-25 17:30:32 +00:00			`setSticky f = modifyFileMode f $ addModes [stickyMode]`
git-annex now builds on Windows (doesn't work) 2013-05-11 20:03:00 +00:00			`#endif`
restart UI Browser behavior is not ideal; a new tab is opened on restart. Browsers won't let me redirect to a file:// so I cannot use the old tab. 2013-01-03 22:50:30 +00:00
			`{- Writes a file, ensuring that its modes do not allow it to be read`
Better workaround for problem umasks when eg, setting up ssh keys. 2014-03-14 17:37:58 +00:00			`- or written by anyone other than the current user,`
			`- before any content is written.`
			`-`
			`- When possible, this is done using the umask.`
avoid crashing on Android when file mode of .git/annex/url cannot be set Presumably, if the filesystem doesn't support file permissions, it's not much of a multiuser system. 2013-05-03 03:34:58 +00:00			`-`
			`- On a filesystem that does not support file permissions, this is the same`
			`- as writeFile.`
			`-}`
more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`writeFileProtected :: RawFilePath -> String -> IO ()`
merge generalization of writeFileProtected from propellor 2015-04-28 18:58:29 +00:00			`writeFileProtected file content = writeFileProtected' file`
			`(\h -> hPutStr h content)`

more RawFilePath conversion Converted file mode setting to it, and follow-on changes. Compiles up through 369/646. This commit was sponsored by Ethan Aubin. 2020-11-05 22:45:37 +00:00			`writeFileProtected' :: RawFilePath -> (Handle -> IO ()) -> IO ()`
Fix crash of enableremote when the special remote has embedcreds=yes The crash occurred because writeCreds got called twice, and writeFileProtected neglected to close its file handle, so the file was open for write when written the second time. It seems unncessary and suboptimal that writeCreds gets called twice. One call is from getRemoteCredPair and the other from setRemoteCredPair'. What happens is that in the enableremote case, code that also runs at initremote does unncessary work. Might be possible to improve that, but I've gone for the simple fix. Sponsored-by: k0ld on Patreon 2023-10-20 17:19:12 +00:00			`writeFileProtected' file writer = bracket setup cleanup writer`
			`where`
			`setup = do`
			`h <- protectedOutput $ openFile (fromRawFilePath file) WriteMode`
			`void $ tryIO $ modifyFileMode file $ removeModes otherGroupModes`
			`return h`
			`cleanup = hClose`
multicast: New command, uses uftp to multicast annexed files, for eg a classroom setting. This commit was supported by the NSF-funded DataLad project. 2017-03-30 23:32:58 +00:00
			`protectedOutput :: IO a -> IO a`
			`protectedOutput = withUmask 0o0077`