Re: FORCE_DIR_SET_GID denied inside nix's build sandbox

[Junio C Hamano <gitster@pobox.com>]

Julien Moutinho <julm+git@sourcephile.fr> writes:

> While running public-inbox's tests inside nix's build sandbox
> I've noticed that when core.sharedRepository is set to 0600
> git still tries in adjust_shared_perm()
> to set the g+s bit on directories.
> https://github.com/git/git/blob/1fc3c0ad407008c2f71dd9ae1241d8b75f8ef886/path.c#L901-L905
> ...
> So, on meta@public-inbox.org we were wondering whether
> git should maybe strip S_ISGID and retry to chmod() if it hits EPERM?

But that can leave the repository unusable when the files and
directories has to be owned by the same group as its containing
directory.

It does sound like we are bit too aggressive when setting the g+s
bit.

Is g+s only necessary if the directory is group writable?  Not
necessarily.  When I am the only writer (and owner) with memberships
in multiple groups, a shared repository that I intend to give read
(but not write) permission bit to members of a specific group must
be owned by that group, and setting g+s is how we ensure it.  So it
is insufficient to give when new_mode says it is group writable.  We
also should do g+s if it is readable by the group.

But if you use 0600, then the group ownership should not matter, so

    /* Copy read bits to execute bits */
    new_mode |= (new_mode & 0444) >> 2;
    if (new_mode & 060)
	new_mode |= FORCE_DIR_SET_GID;

might be what you want?