Ensure execute bit is set on directories when core.sharedrepsitory is set.

2013-11-18 18:05:37 -04:00 · 2013-11-18 18:05:37 -04:00 · 310c549b5a
commit 310c549b5a
parent 0d0e21ea57
4 changed files with 25 additions and 13 deletions
--- a/Annex/Branch.hs
+++ b/Annex/Branch.hs
@ -386,7 +386,7 @@ setIndexSha :: Git.Ref -> Annex ()
 setIndexSha ref = do
 	f <- fromRepo gitAnnexIndexStatus
 	liftIO $ writeFile f $ show ref ++ "\n"
-	setAnnexPerm f
+	setAnnexFilePerm f

 {- Stages the journal into the index and returns an action that will
 - clean up the staged journal files, which should only be run once
--- a/Annex/Perms.hs
+++ b/Annex/Perms.hs
@ -6,7 +6,8 @@
 -}

 module Annex.Perms (
-	setAnnexPerm,
+	setAnnexFilePerm,
+	setAnnexDirPerm,
 	annexFileMode,
 	createAnnexDirectory,
 	noUmask,
@ -33,17 +34,27 @@ withShared a = maybe startup a =<< Annex.getState Annex.shared
 		Annex.changeState $ \s -> s { Annex.shared = Just shared }
 		a shared

+setAnnexFilePerm :: FilePath -> Annex ()
+setAnnexFilePerm = setAnnexPerm False
+
+setAnnexDirPerm :: FilePath -> Annex ()
+setAnnexDirPerm = setAnnexPerm True
+
 {- Sets appropriate file mode for a file or directory in the annex,
 - other than the content files and content directory. Normally,
 - use the default mode, but with core.sharedRepository set,
 - allow the group to write, etc. -}
-setAnnexPerm :: FilePath -> Annex ()
-setAnnexPerm file = unlessM crippledFileSystem $
+setAnnexPerm :: Bool -> FilePath -> Annex ()
+setAnnexPerm isdir file = unlessM crippledFileSystem $
 	withShared $ liftIO . go
  where
-	go GroupShared = groupWriteRead file
+	go GroupShared = modifyFileMode file $ addModes $
+		groupSharedModes ++
+		if isdir then [ ownerExecuteMode, groupExecuteMode ] else []
 	go AllShared = modifyFileMode file $ addModes $
-		[ ownerWriteMode, groupWriteMode ] ++ readModes
+		readModes ++
+		[ ownerWriteMode, groupWriteMode ] ++
+		if isdir then executeModes else []
 	go _ = noop

 {- Gets the appropriate mode to use for creating a file in the annex
@ -54,10 +65,7 @@ annexFileMode = withShared $ return . go
 	go GroupShared = sharedmode
 	go AllShared = combineModes (sharedmode:readModes)
 	go _ = stdFileMode
-	sharedmode = combineModes
-		[ ownerWriteMode, groupWriteMode
-		, ownerReadMode, groupReadMode
-		]
+	sharedmode = combineModes groupSharedModes

 {- Creates a directory inside the gitAnnexDir, including any parent
 - directories. Makes directories with appropriate permissions. -}
@ -74,7 +82,7 @@ createAnnexDirectory dir = traverse dir [] =<< top
 	  where
 		done = forM_ below $ \p -> do
 			liftIO $ createDirectoryIfMissing True p
-			setAnnexPerm p
+			setAnnexDirPerm p

 {- Blocks writing to the directory an annexed file is in, to prevent the
 - file accidentially being deleted. However, if core.sharedRepository
--- a/Utility/FileMode.hs
+++ b/Utility/FileMode.hs
@ -65,12 +65,15 @@ allowWrite :: FilePath -> IO ()
 allowWrite f = modifyFileMode f $ addModes [ownerWriteMode]

 {- Allows owner and group to read and write to a file. -}
-groupWriteRead :: FilePath -> IO ()
-groupWriteRead f = modifyFileMode f $ addModes
+groupSharedModes :: [FileMode]
+groupSharedModes =
 	[ ownerWriteMode, groupWriteMode
 	, ownerReadMode, groupReadMode
 	]

+groupWriteRead :: FilePath -> IO ()
+groupWriteRead f = modifyFileMode f $ addModes groupSharedModes
+
 checkMode :: FileMode -> FileMode -> Bool
 checkMode checkfor mode = checkfor `intersectFileModes` mode == checkfor

--- a/debian/changelog
+++ b/debian/changelog
@ -2,6 +2,7 @@ git-annex (5.20131119) UNRELEASED; urgency=low

  * dropunused, addunused: Allow "all" instead of a range to
    act on all unused data.
+  * Ensure execute bit is set on directories when core.sharedrepsitory is set.

 -- Joey Hess <joeyh@debian.org>  Mon, 18 Nov 2013 17:09:21 -0400