Re: Aw: Re: linux git init/clone on Netapp NTFS security style volumes

["brian m. carlson" <sandals@crustytoothpaste.net>]

[-- Attachment #1: Type: text/plain, Size: 2460 bytes --]

On 2024-07-08 at 16:50:58, github@online.ms wrote:
> The feature is very specific to Netapp. The (Netapp) volume is mounted using NFSv4, but chmod operations are not allowed as permissions have to be managed using Windows.
> Currently, OS is ubuntu 22.04. I'm confident that the distribution does not make a difference.

Okay, then I think the answer is that your NFS server is considered to
be broken, and there are a variety of NFS breakages that violate POSIX
that we don't work around, including the very common one where
open(file, O_RDWR, 0444) doesn't work.

I will tell you that this configuration will break a lot of other tools,
not just Git.  Git LFS and its testsuite will be broken; the Perl,
Python, and Ruby testsuites will also be broken; and there's various
other software I know of that simply will not work on such a file system
(and a simple search turns up yet more). chmod is a really fundamental
piece of Unix functionality, and even if you patch this in Git, you're
going to see a bunch of breakage and most upstreams and distros won't
care.

> Following section of the code should be skipped for given case.
> https://github.com/git/git/blob/master/config.c#L3434-L3438
> 
> 		if (chmod(get_lock_file_path(&lock), st.st_mode & 07777) < 0) {
> 			error_errno(_("chmod on %s failed"), get_lock_file_path(&lock));
> 			ret = CONFIG_NO_WRITE;
> 			goto out_free;
> 		}
> 
> I'm looking for some advice how to best skip or catch this section.

We have core.filemode, but according to the documentation, that only
takes into consideration the executable bit.  So I suppose you could add
a third option, "none" (or "broken"), that is the equivalent of false
but also means that chmod is broken altogether and shouldn't be used.
The documentation would need to be updated as well.

Someone else might prefer a different option for this altogether, but
you may not get that feedback until you send a patch.

> In addition, I came across this Netapp setting which might just ignore the chmod operations without Client side failure. I haven't tested it yet.
> https://kb.netapp.com/on-prem/ontap/da/NAS/NAS-KBs/Can_I_set_UNIX_style_permissions_from_an_NFS_mount_on_an_NTFS_qtree

That might be also be a viable approach.  I don't see an option to
disable this functionality in the Linux NFS client, which is where I
would have looked.
-- 
brian m. carlson (they/them or he/him)
Toronto, Ontario, CA

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 262 bytes --]