From: Junio C Hamano <junkio@cox.net>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: git@vger.kernel.org
Subject: Re: git /objects directory created 755 by default?
Date: Thu, 22 Dec 2005 12:15:32 -0800 [thread overview]
Message-ID: <7v3bkkkhwb.fsf@assigned-by-dhcp.cox.net> (raw)
In-Reply-To: <Pine.LNX.4.63.0512222022510.31591@wbgn013.biozentrum.uni-wuerzburg.de> (Johannes Schindelin's message of "Thu, 22 Dec 2005 20:28:45 +0100 (CET)")
Johannes Schindelin <Johannes.Schindelin@gmx.de> writes:
> And then somebody comes along and allows world access by chmod(0775) and
> does not realize that *everybody* can delete packs, objects and what-nots
> in GIT_DIR.
That somebody has to be somebody who owns .git directory not
just a group member, so that is not a serious objection either,
but you need to realize I was joking with 0777 -- a saner
default would obviously be 0775. Otherwise you would not be
able to server it from gitweb safely -- http server is typically
not a group member.
> Given the complexity we are talking about, and the needs which are not at
> all that complicated, why not just go with core.umask until somebody
> *needs* core.repositoryumask?
I am afraid that is going backwards. Nobody *needs* core.umask
either, but we are still talking about this. That is because
you wanted to make things easier for people, and I agree with
you that it would be nicer if we did not require people set
umask to sane values suitable for group work themselves, but
somehow we did that automatically for them. The longer I think
about it, however, the more I feel this is a lost cause.
Earlier, I suggested git-shell one-liner, only because I thought
git-shell users (or administrators that support git-shell users)
may not have any way to set the umask to sane values themselves,
but I think that should also be doable by telling sshd what the
initial umask of the users should be. And that was where this
umask discussion was started, but I think not touching umask at
all is the right direction.
Your core.umask would make sure the .git/objects/ directory
would be suitable for other members, but git is not the only
tool the people would use in the working tree. To work well
with an editor that does not overwrite an existing file but does
creat/rename upon saving would require you to have a sane umask
if the user adopts your "shared working tree writable by all
members" workflow. Running "make" in the working tree would
leave object files, worse yet in a temporary build directory
make created, with permission bits masked with your umask,
making it imposible to run "make clean" for other members.
Regardless of where and how people come from to work in the
working tree, they need to set umask appropriately anyway.
The only possible issue is one umask might not be sufficient,
but unfortunately you can have only one umask at a time. The
example of "receiption branches" is not a shared repository for
me in the strict sense, but allows for you to push into. I
cannot work with umask 022 in such a repository even if I wanted
to have files in the working tree honor tighter umask. To deal
also with such cases, not mucking with umask but solving the
problem in a more direct way may make more sense -- namely we
should be able to say "such and such things under .git/ in this
repository must be ug+rw regardless of user's umask".
next prev parent reply other threads:[~2005-12-22 20:15 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-20 23:25 git /objects directory created 755 by default? Martin Langhoff
2005-12-20 23:43 ` Junio C Hamano
2005-12-21 1:37 ` Junio C Hamano
2005-12-21 2:28 ` Martin Langhoff
2005-12-21 4:53 ` Junio C Hamano
2005-12-21 5:10 ` Martin Langhoff
2005-12-21 5:03 ` Junio C Hamano
2005-12-21 5:15 ` Martin Langhoff
2005-12-21 5:17 ` Junio C Hamano
2005-12-21 5:23 ` Martin Langhoff
2005-12-22 3:46 ` Ben Clifford
2005-12-21 15:35 ` Johannes Schindelin
2005-12-21 22:10 ` Junio C Hamano
2005-12-21 22:20 ` Johannes Schindelin
2005-12-22 9:45 ` Andreas Ericsson
2005-12-22 11:27 ` Johannes Schindelin
2005-12-22 12:28 ` Andreas Ericsson
2005-12-22 14:37 ` Johannes Schindelin
2005-12-22 15:53 ` Andreas Ericsson
2005-12-22 16:03 ` Johannes Schindelin
2005-12-22 16:52 ` Andreas Ericsson
2005-12-22 17:31 ` Johannes Schindelin
2005-12-22 19:14 ` Junio C Hamano
2005-12-22 19:28 ` Johannes Schindelin
2005-12-22 20:15 ` Junio C Hamano [this message]
2005-12-22 20:27 ` Johannes Schindelin
2005-12-23 4:19 ` Junio C Hamano
2005-12-23 12:07 ` Andreas Ericsson
2005-12-22 10:11 ` Alex Riesen
2005-12-22 11:35 ` Johannes Schindelin
2005-12-22 14:38 ` Alex Riesen
2005-12-22 15:09 ` Johannes Schindelin
2005-12-22 15:14 ` Alex Riesen
2005-12-22 15:52 ` Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7v3bkkkhwb.fsf@assigned-by-dhcp.cox.net \
--to=junkio@cox.net \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).