From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Adam Milazzo <Adam.Milazzo@microsoft.com>
Cc: "git@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: BUG: git clean -d cannot remove files from read-only directories
Date: Fri, 21 Feb 2020 01:45:35 +0000 [thread overview]
Message-ID: <20200221014535.GC6462@camp.crustytoothpaste.net> (raw)
In-Reply-To: <BL0PR2101MB10898F2F84B06B1A6B23228380130@BL0PR2101MB1089.namprd21.prod.outlook.com>
[-- Attachment #1: Type: text/plain, Size: 1988 bytes --]
On 2020-02-20 at 18:27:22, Adam Milazzo wrote:
> Repro steps:
> 1. git init
> 2. mkdir d
> 3. touch d/a
> 4. chmod -w d
> 5. git clean -fd
>
> Actual result:
> Git doesn't remove anything, saying "warning: failed to remove d/a".
>
> Expected result:
> Git should remove the subdirectory 'd' along with its contents. Note that git can remove a read-only file (touch b; chmod -w b; git clean -f) with no problem.
I don't believe git should depart from rm in this regard. I believe
that in general, Unix has stood the test of time, and when in doubt, we
should behave as Unix utilities do.
Note that other utilities (such as Perl) which have implemented
different behavior (usually for compatibility with Windows) have found
themselves with security vulnerabilities in that behavior. That seems
like a prudent reason not to replicate it.
> Why this is important:
> * This has a significant impact in real scenarios: the go language,
> when using modules, will download referenced modules and place them
> in read-only directories inside a cache directory, potentially
> inside the git repository. These cached modules can't be cleaned up
> by git clean. (Furthermore, git clean then returns a failure status
> code, which causes our build system to fail. I don't want to ignore
> the failure code.)
This sounds like the real problem. Why is Go placing data in cache
directories that are read-only? Cache directories are explicitly
ephemeral and should be able to be destroyed at any time. You'll
probably find more luck convincing the Go maintainers that their caches
should be temporary than you will us that git clean should be your
automatic destroyer of data. Rust, for example, doesn't do this.
You could also just move your cache directories into $TMPDIR/go-cache
and then do "chmod -R u+w $TMPDIR/go-cache/* && rm -fr $TMPDIR/go-cache/*".
--
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 868 bytes --]
next prev parent reply other threads:[~2020-02-21 1:45 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-20 18:27 BUG: git clean -d cannot remove files from read-only directories Adam Milazzo
2020-02-20 18:32 ` Junio C Hamano
2020-02-20 18:47 ` Junio C Hamano
2020-02-20 18:46 ` Daniel Knittl-Frank
2020-02-21 1:45 ` brian m. carlson [this message]
-- strict thread matches above, loose matches on Subject: below --
2020-02-20 18:55 Adam Milazzo
2020-02-20 19:45 ` Elijah Newren
2020-02-20 19:29 Adam Milazzo
2020-02-21 0:52 Adam Milazzo
2020-02-21 1:08 ` Elijah Newren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200221014535.GC6462@camp.crustytoothpaste.net \
--to=sandals@crustytoothpaste.net \
--cc=Adam.Milazzo@microsoft.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).