* hooks scripts and noexec partition
@ 2014-01-14 15:41 krzf83@gmail.com
2014-01-15 9:16 ` Jeff King
0 siblings, 1 reply; 4+ messages in thread
From: krzf83@gmail.com @ 2014-01-14 15:41 UTC (permalink / raw)
To: git
git can't execute hooks no partitions mounted with noexec - even if
those are just scripts with shebang line and they actualy work by
hooks/./post-comit (because I use small patch on kernel that allows
running scripts that way on noexec partition)
fs/exec.c
// error = -EACCES;
// if (file->f_path.mnt->mnt_flags & MNT_NOEXEC)
// goto exit;
...
// if (file->f_path.mnt->mnt_flags & MNT_NOEXEC)
// goto exit;
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: hooks scripts and noexec partition
2014-01-14 15:41 hooks scripts and noexec partition krzf83@gmail.com
@ 2014-01-15 9:16 ` Jeff King
2014-12-14 1:44 ` krzf83@gmail.com
0 siblings, 1 reply; 4+ messages in thread
From: Jeff King @ 2014-01-15 9:16 UTC (permalink / raw)
To: krzf83@gmail.com ; +Cc: git
On Tue, Jan 14, 2014 at 04:41:03PM +0100, krzf83@gmail.com wrote:
> git can't execute hooks no partitions mounted with noexec - even if
> those are just scripts with shebang line
Right. Git does not know that they are shell (or other) scripts; they
could be anything, and the advertised interface is that git will run
exec on them (and it is explicitly OK for them to exist but not be
executable, and git takes this as a sign that they are inactive).
> and they actualy work by
> hooks/./post-comit (because I use small patch on kernel that allows
> running scripts that way on noexec partition)
If you are suggesting that git always execute them as "hooks/./$hook",
that might make sense if such behavior is widespread. But it sounds like
you are running a custom kernel patch to get around the noexec setting.
Here is the custom git patch to match it. :)
diff --git a/run-command.c b/run-command.c
index 3914d9c..ae84e87 100644
--- a/run-command.c
+++ b/run-command.c
@@ -753,7 +753,7 @@ int finish_async(struct async *async)
char *find_hook(const char *name)
{
- char *path = git_path("hooks/%s", name);
+ char *path = git_path("hooks/./%s", name);
if (access(path, X_OK) < 0)
path = NULL;
-Peff
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: hooks scripts and noexec partition
2014-01-15 9:16 ` Jeff King
@ 2014-12-14 1:44 ` krzf83@gmail.com
2014-12-17 3:03 ` Jeff King
0 siblings, 1 reply; 4+ messages in thread
From: krzf83@gmail.com @ 2014-12-14 1:44 UTC (permalink / raw)
To: Jeff King; +Cc: git
Thanks for the patch, however it is not working (no change, hooks
still dont work on noexec partition). Since I see that you are fluent
in git code and C can you by any chance tell me how to modify
run-command.c to make git run hooks as: /bin/sh <hook_path> ?
2014-01-15 10:16 GMT+01:00 Jeff King <peff@peff.net>:
> On Tue, Jan 14, 2014 at 04:41:03PM +0100, krzf83@gmail.com wrote:
>
>> git can't execute hooks no partitions mounted with noexec - even if
>> those are just scripts with shebang line
>
> Right. Git does not know that they are shell (or other) scripts; they
> could be anything, and the advertised interface is that git will run
> exec on them (and it is explicitly OK for them to exist but not be
> executable, and git takes this as a sign that they are inactive).
>
>> and they actualy work by
>> hooks/./post-comit (because I use small patch on kernel that allows
>> running scripts that way on noexec partition)
>
> If you are suggesting that git always execute them as "hooks/./$hook",
> that might make sense if such behavior is widespread. But it sounds like
> you are running a custom kernel patch to get around the noexec setting.
> Here is the custom git patch to match it. :)
>
> diff --git a/run-command.c b/run-command.c
> index 3914d9c..ae84e87 100644
> --- a/run-command.c
> +++ b/run-command.c
> @@ -753,7 +753,7 @@ int finish_async(struct async *async)
>
> char *find_hook(const char *name)
> {
> - char *path = git_path("hooks/%s", name);
> + char *path = git_path("hooks/./%s", name);
> if (access(path, X_OK) < 0)
> path = NULL;
>
>
> -Peff
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: hooks scripts and noexec partition
2014-12-14 1:44 ` krzf83@gmail.com
@ 2014-12-17 3:03 ` Jeff King
0 siblings, 0 replies; 4+ messages in thread
From: Jeff King @ 2014-12-17 3:03 UTC (permalink / raw)
To: krzf83@gmail.com ; +Cc: git
On Sun, Dec 14, 2014 at 02:44:35AM +0100, krzf83@gmail.com wrote:
> Thanks for the patch, however it is not working (no change, hooks
> still dont work on noexec partition). Since I see that you are fluent
> in git code and C can you by any chance tell me how to modify
> run-command.c to make git run hooks as: /bin/sh <hook_path> ?
I do not think that is a smart thing to do in general, as there is no
guarantee that the hook is in fact a shell script (and not a binary, or
some other scripting language). But if you want do a one-off patch for
yourself, knowing that you will only use shell scripts, it is probably
something like:
diff --git a/run-command.c b/run-command.c
index a476999..ccfccf0 100644
--- a/run-command.c
+++ b/run-command.c
@@ -812,6 +812,7 @@ int run_hook_ve(const char *const *env, const char *name, va_list args)
if (!p)
return 0;
+ argv_array_push(&hook.args, "/bin/sh");
argv_array_push(&hook.args, p);
while ((p = va_arg(args, const char *)))
argv_array_push(&hook.args, p);
-Peff
^ permalink raw reply related [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-12-17 3:03 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-01-14 15:41 hooks scripts and noexec partition krzf83@gmail.com
2014-01-15 9:16 ` Jeff King
2014-12-14 1:44 ` krzf83@gmail.com
2014-12-17 3:03 ` Jeff King
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).