From: Nico Williams <nico@cryptonector.com>
To: kusmabite@gmail.com
Cc: "Eric Wong" <normalperson@yhbt.net>,
"Torsten Bögershausen" <tboegi@web.de>,
"Ramsay Jones" <ramsay@ramsay1.demon.co.uk>,
"Jens Lehmann" <Jens.Lehmann@web.de>,
"Junio C Hamano" <gitster@pobox.com>,
"Git Mailing List" <git@vger.kernel.org>
Subject: Re: No fchmod() under msygit - Was: Re: [PATCH 00/14] Add submodule test harness
Date: Mon, 14 Jul 2014 08:55:29 -0500 [thread overview]
Message-ID: <CAK3OfOjoqOsL5GnJAC251gqRoQo_4qwKMicLSod=7ZA69SL68w@mail.gmail.com> (raw)
In-Reply-To: <CABPQNSY5x_JOsxyKn7xZ9nc5TJ0yHdNvam0htyX01U58bvV7vg@mail.gmail.com>
On Mon, Jul 14, 2014 at 6:31 AM, Erik Faye-Lund <kusmabite@gmail.com> wrote:
> On Wed, Jul 9, 2014 at 10:00 PM, Eric Wong <normalperson@yhbt.net> wrote:
>> Torsten Bögershausen <tboegi@web.de> wrote:
>>
>
> You're saying this as if Windows is a single-user system. It's not,
> but it uses ACLs rather than POSIX permissions to manage file-system
> permissions. So far we've opted to ignore ACLs in Git for Windows,
> though.
The clever thing to do (that some versions of ZFS do nowadays) is to
use the new mask to "edit" the ACL as follows:
- leave any DENY ACEs as-is; for all others continue
- remove (reset) from any ACEs for Everyone (and/or Authenticated
Users) any bits corresponding to zero'ed bits in the new mask's other
bits
- remove from any other ACEs that are not for the owner (@OWNER in
NFSv4 speak) any bits corresponding to zero'ed bits in the new mask's
group bits
- remove from the owner's ACEs any bits corresponding to zero'ed bits
in the new mask's owner bits, but with some exceptions, in particular
the owner must retain the right to edit the ACL
- add (set) to the Everyone (and/or Authenticated Users) ACEs a set
of bits corresponding to the set bits in the new mask's other bits
- add (set) either only to the ACE for the file's group
(alternatively, to all non-owner, non-Everyone/Authenticated Users
ACEs) a set of bits corresponding to the set bits in the new mask's
group bits
...
I.e., use the chmod mask to decrease/increase access without changing
the "shape" of the ACL.
Determining a file's mode_t from an ACL is similar, though it must
take DENY entries into account: make a set of users/groups referred to
by any ACEs in the ACL, divide them into owner, other (Everyone and/or
Authenticated Users), and group (all others), find the maximal access
granted.
Still, git might like to know what ACLs to apply to files at checkout
time. That would be a vast new feature, I think, and probably not
worth it, particularly since that would require dealing with the
different types of ACLs: NTFS/NFSv4/ZFS on the one hand, POSIX Draft
on the other, plus AFS and who knows what else -- ETOOMUCH IMO.
Nico
--
next prev parent reply other threads:[~2014-07-14 13:55 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-15 16:56 [PATCH 00/14] Add submodule test harness Jens Lehmann
2014-06-15 16:57 ` [PATCH 01/14] test-lib: add test_dir_is_empty() Jens Lehmann
2014-06-16 22:05 ` Junio C Hamano
2014-06-17 16:47 ` Jens Lehmann
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-06-15 16:58 ` [PATCH 02/14] submodules: Add the lib-submodule-update.sh test library Jens Lehmann
2014-06-16 22:49 ` Junio C Hamano
2014-06-17 17:33 ` Jens Lehmann
2014-06-17 18:44 ` Junio C Hamano
2014-06-17 20:46 ` Jens Lehmann
2014-06-17 21:05 ` Junio C Hamano
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-06-20 17:31 ` Junio C Hamano
2014-07-01 21:24 ` [PATCH v3 " Jens Lehmann
2014-06-15 16:58 ` [PATCH 03/14] checkout: call the new submodule update test framework Jens Lehmann
2014-06-15 16:59 ` [PATCH 04/14] apply: add t4137 for submodule updates Jens Lehmann
2014-06-15 16:59 ` [PATCH 05/14] read-tree: add t1013 " Jens Lehmann
2014-06-15 17:00 ` [PATCH 06/14] reset: add t7112 " Jens Lehmann
2014-06-15 17:01 ` [PATCH 07/14] bisect: add t6041 " Jens Lehmann
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-06-15 17:01 ` [PATCH 08/14] merge: add t7613 " Jens Lehmann
2014-06-15 17:02 ` [PATCH 09/14] rebase: add t3426 " Jens Lehmann
2014-06-16 9:57 ` Eric Sunshine
2014-06-17 17:41 ` Jens Lehmann
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-06-15 17:02 ` [PATCH 10/14] pull: add t5572 " Jens Lehmann
2014-06-15 17:03 ` [PATCH 11/14] cherry-pick: add t3512 " Jens Lehmann
2014-06-15 17:03 ` [PATCH 12/14] am: add t4255 " Jens Lehmann
2014-06-15 17:04 ` [PATCH 13/14] stash: add t3906 " Jens Lehmann
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-06-15 17:04 ` [PATCH 14/14] revert: add t3513 " Jens Lehmann
2014-06-19 20:12 ` [PATCH v2 " Jens Lehmann
2014-07-02 14:54 ` [PATCH 00/14] Add submodule test harness Torsten Bögershausen
2014-07-02 19:57 ` Jens Lehmann
2014-07-03 5:56 ` Torsten Bögershausen
2014-07-03 21:14 ` Jens Lehmann
2014-07-07 17:05 ` Junio C Hamano
2014-07-07 19:40 ` Torsten Bögershausen
2014-07-08 19:34 ` Jens Lehmann
2014-07-08 20:25 ` Ramsay Jones
2014-07-08 21:03 ` Ramsay Jones
2014-07-09 6:39 ` No fchmod() under msygit - Was: " Torsten Bögershausen
2014-07-09 20:00 ` Eric Wong
2014-07-14 11:31 ` Erik Faye-Lund
2014-07-14 13:55 ` Nico Williams [this message]
2014-07-14 14:02 ` Nico Williams
2014-07-14 19:30 ` Karsten Blees
2014-07-14 21:18 ` Junio C Hamano
2014-07-09 6:14 ` Torsten Bögershausen
2014-07-09 15:20 ` Junio C Hamano
2014-07-09 18:19 ` Jens Lehmann
2014-07-09 19:31 ` Junio C Hamano
2014-07-10 20:52 ` Junio C Hamano
2014-07-12 18:23 ` Jens Lehmann
2014-07-14 1:01 ` Junio C Hamano
2014-07-14 18:22 ` Jens Lehmann
2014-07-14 21:18 ` Junio C Hamano
2014-07-09 17:21 ` Johannes Sixt
2014-07-09 19:22 ` Junio C Hamano
2014-07-09 19:56 ` Eric Wong
2014-07-09 21:57 ` Junio C Hamano
2014-07-10 6:22 ` No fchmd. was: " Torsten Bögershausen
2014-07-10 19:49 ` Junio C Hamano
2014-07-10 20:55 ` Torsten Bögershausen
2014-07-10 21:43 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAK3OfOjoqOsL5GnJAC251gqRoQo_4qwKMicLSod=7ZA69SL68w@mail.gmail.com' \
--to=nico@cryptonector.com \
--cc=Jens.Lehmann@web.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=kusmabite@gmail.com \
--cc=normalperson@yhbt.net \
--cc=ramsay@ramsay1.demon.co.uk \
--cc=tboegi@web.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).