Bug#729757: Does not set permissions on .git/annex according to core.sharedRepository

[martin f krafft]

also sprach Joey Hess <jo...@debian.org> [2014-04-06 20:02 +0200]:
> > It seems that git-annex (or something called by git-annex) creates a file
> Surely if you have an strace, you know which it is?
> I don't know, because you have not told me how to reproduce the problem.

Yes, it's in the bug log, but here's a simplified example (sorry!):

% GIT_DIR=shared.git git --bare init --shared=group
Initialized empty shared Git repository in 
/home/madduck/.tmp/cdt.Mv2qRz/shared.git/

% chgrp -R pm shared.git && find shared.git -type d -exec chmod g+s {} +

% setfacl -R -m mask::rwX,group:pm:rwX shared.git

% setfacl -R -d -m mask::rwX,group:pm:rwX shared.git

% cd shared.git

% git annex init shared
init shared ok
(Recording state in git...)

% ls -ld annex/
drwxrws---+ 4 madduck pm 4096 Apr  6 20:21 annex/

% getfacl !$
getfacl annex/
# file: annex/
# owner: madduck
# group: pm
# flags: -s-
user::rwx
group::rwx
group:pm:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:pm:rwx
default:mask::rwx
default:other::---


% cd ..

% git clone --no-hardlinks shared.git client
Cloning into 'client'...
done.
warning: remote HEAD refers to nonexistent ref, unable to checkout.

% cd client

% git annex init client
init client ok
(Recording state in git...)

% date > a; git annex add a; git commit -m'add a'
add a ok
(Recording state in git...)
[master (root-commit) 185f614] add a
 1 file changed, 1 insertion(+)
 create mode 120000 a

% ls -l a
lrwxrwxrwx 1 madduck madduck 180 Apr  6 20:23 a -> 
.git/annex/objects/70/kx/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c

% ls -lL a
-r-------- 1 madduck madduck 30 Apr  6 20:23 a

% git annex sync --content
(merging origin/git-annex into git-annex...)
(Recording state in git...)
commit  ok
pull origin
ok
copy a copy a (to origin...) ok
pull origin
ok
(Recording state in git...)
push origin
Counting objects: 23, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (16/16), done.
Writing objects: 100% (21/21), 1.80 KiB | 0 bytes/s, done.
Total 21 (delta 3), reused 0 (delta 0)
To /home/madduck/.tmp/cdt.Mv2qRz/shared.git
 * [new branch]      git-annex -> synced/git-annex
 * [new branch]      master -> synced/master
ok

% cd ../shared.git

% ls -ld annex/tmp annex/objects
drwxrws---+ 3 madduck pm 4096 Apr  6 20:23 annex/objects
drwxrws---+ 2 madduck pm 4096 Apr  6 20:23 annex/tmp

% getfacl !$
getfacl annex/objects
# file: annex/objects
# owner: madduck
# group: pm
# flags: -s-
user::rwx
group::rwx
group:pm:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:pm:rwx
default:mask::rwx
default:other::---

% ls -la 
annex/objects/c0d/138/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c
     
total 12
drwxrws---+ 2 madduck pm      4096 Apr  6 20:23 .
drwxrws---+ 3 madduck pm      4096 Apr  6 20:23 ..
-r--r-----  1 madduck madduck   30 Apr  6 20:23 
SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c

% getfacl !$
getfacl 
annex/objects/c0d/138/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c
# file: 
annex/objects/c0d/138/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c
# owner: madduck
# group: pm
# flags: -s-
user::rwx
group::rwx
group:pm:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:pm:rwx
default:mask::rwx
default:other::---

% getfacl 
annex/objects/c0d/138/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c
 
# file: 
annex/objects/c0d/138/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c/SHA256E-s30--fb21ce6b3e7af372add0691cfbf01f4cdda15af1e03948826539e160098d052c
# owner: madduck
# group: madduck
user::r--
group::r--
other::---


As you can see, the file has not inherited group ("pm"), nor the
ACLs. And it should have, even if created within annex/tmp, because
annex/tmp has +s and the same default ACLs.

The problem is that something copies the group from the source file
and strips the created file of all ACLs. And no, I do not know what
that is, it happens within the same PID as "git annex sync".

-- 
 .''`.   martin f. krafft <madduck@d.o>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems
 
a farmer is a man outstanding in his field.

digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)