From 6e9a4f50f37cedd18f85117c25a564bfe7af82f4 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Wed, 2 Sep 2020 14:54:07 -0400 Subject: [PATCH] make viaTmp honor umask Fixed several cases where files were created without file mode bits that the umask would usually set. This included exports to the directory special remote, torrent files used by the bittorrent special remote, hooks written by git-annex init, and some log files in .git/annex/ Audited all calls, looking for ones that didn't want the umask bits to be set. All such turned out to already set the specific restrictive file mode they wanted. --- CHANGELOG | 4 ++++ Utility/Tmp.hs | 12 +++++++++++- .../directory_special_remote_export_file_mode.mdwn | 2 ++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index 7c35ade15f..f11f4e0ce4 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -8,6 +8,10 @@ git-annex (8.20200815) UNRELEASED; urgency=medium started, when that is more efficient. * Display warning when external special remote does not start up properly, or is not usable. + * Fixed several cases where files were created without file mode bits + that the umask would usually set. This included exports to the + directory special remote, torrent files used by the bittorrent special + remote, hooks written by git-annex init, and some log files in .git/annex/ * stack.yaml: Updated to lts-16.10. * Fix reversion in 7.20190322 that made addurl --file not be honored when youtube-dl was used to download media. diff --git a/Utility/Tmp.hs b/Utility/Tmp.hs index c4c16f429a..97a4926a6d 100644 --- a/Utility/Tmp.hs +++ b/Utility/Tmp.hs @@ -1,6 +1,6 @@ {- Temporary files. - - - Copyright 2010-2013 Joey Hess + - Copyright 2010-2020 Joey Hess - - License: BSD-2-clause -} @@ -24,12 +24,17 @@ import System.PosixCompat.Files import Utility.Exception import Utility.FileSystemEncoding +import Utility.FileMode type Template = String {- Runs an action like writeFile, writing to a temp file first and - then moving it into place. The temp file is stored in the same - directory as the final file to avoid cross-device renames. + - + - While this uses a temp file, the file will end up with the same + - mode as it would when using writeFile, unless the writer action changes + - it. -} viaTmp :: (MonadMask m, MonadIO m) => (FilePath -> v -> m ()) -> FilePath -> v -> m () viaTmp a file content = bracketIO setup cleanup use @@ -43,6 +48,11 @@ viaTmp a file content = bracketIO setup cleanup use _ <- tryIO $ hClose h tryIO $ removeFile tmpfile use (tmpfile, h) = do + -- Make mode the same as if the file were created usually, + -- not as a temp file. (This may fail on some filesystems + -- that don't support file modes well, so ignore + -- exceptions.) + void $ tryIO $ setFileMode tmpfile =<< defaultFileMode liftIO $ hClose h a tmpfile content liftIO $ rename tmpfile file diff --git a/doc/bugs/directory_special_remote_export_file_mode.mdwn b/doc/bugs/directory_special_remote_export_file_mode.mdwn index 2afc8575e1..8f1f150d1b 100644 --- a/doc/bugs/directory_special_remote_export_file_mode.mdwn +++ b/doc/bugs/directory_special_remote_export_file_mode.mdwn @@ -8,6 +8,8 @@ umask perms, or all callers that don't explicitly set perms should. This also affects some other things, eg hook files written by git-annex init, and some stuff in ~/.config/git-annex like autostart. +> [[fixed|done]] --[[Joey]] + `withTmpFileIn` also uses openTempFile, and probably its callers do need to adjust perms if desired since it could be used with a real temp directory.