Make db directory g+s by default?

[Greg Hudson <gh...@MIT.EDU>]

In the interest of moving towards working better out of the box, I'd
like to propose that we set the g+s bit on the repository db
directory, in both back ends.  Arguments in favor:

  * g+s semantics are essentially never the wrong thing, particularly
    for a self-contained unit like a repository.  On *BSD systems, g+s
    is a no-op.

  * With the FSFS back end, this makes Subversion much closer to
    working out of the box for multi-uid access.  Even with the BDB
    back end, you could win naively if your umasks happen to be set
    liberally, and it's one fewer step on the checklist.

  * If we accept at least the --group part of John Peacock's proposal
    from http://www.contactor.se/~dast/svn/archive-2003-09/0467.shtml,
    then setting up a group-accessible FSFS repository (or BDB
    repository if umasks are liberal) could be done with no manual
    tweaking whatsoever.  We'd take the existence of a --group option
    to mean that the initial structure should be set g+rw[x] and owned
    by the specified group.

A more focused, though in my mind less desirable, alternative would be
to make FSFS chgrp new rev and rev-prop files to match the group owner
of the previous rev.  That effectively simulates the g+s option.

CVS doesn't do this, but I have no idea why not, since it seems to
defeat most of the purpose of umask-bashing.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Make db directory g+s by default?

[Branko Čibej <br...@xbc.nu>]

Greg Hudson wrote:

>On Tue, 2004-06-22 at 14:34, Branko Čibej wrote:
>  
>
>>CVS sets the umask internally, I believe. But it doesn't set the sticky 
>>bit, right.
>>    
>>
>The sticky bit is something else.  (It's the bit you set on /tmp so that
>people can't unlink other people's files even though they have write
>permission on the directory.)
>  
>
<pedantic>All right, setgid bit.</pedantic>

>>Anyway. I have no objections, as long as it's understood that this is a 
>>Unix-specific change.
>>    
>>
>Of course.  APR doesn't appear to have any access to the g+s bit, so
>we'd have to add Unix-specific code for now.
>
That's fine.

-- Brane


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Make db directory g+s by default?

[Greg Hudson <gh...@MIT.EDU>]

On Tue, 2004-06-22 at 14:34, Branko Čibej wrote:
> Greg Hudson wrote:
> >  * With the FSFS back end, this makes Subversion much closer to
> >    working out of the box for multi-uid access.  Even with the BDB
> >    back end, you could win naively if your umasks happen to be set
> >    liberally, and it's one fewer step on the checklist.

> I'd have thought you need g+rwx on directories for FSFS, too?

Yes... but people are much more likely to figure out that part for
themselves.  Or, as I noted, we could provide a --group option during
repository creation.

> >CVS doesn't do this, but I have no idea why not, since it seems to
> >defeat most of the purpose of umask-bashing.

> CVS sets the umask internally, I believe. But it doesn't set the sticky 
> bit, right.

The sticky bit is something else.  (It's the bit you set on /tmp so that
people can't unlink other people's files even though they have write
permission on the directory.)

> Anyway. I have no objections, as long as it's understood that this is a 
> Unix-specific change.

Of course.  APR doesn't appear to have any access to the g+s bit, so
we'd have to add Unix-specific code for now.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Re: Make db directory g+s by default?

[Branko Čibej <br...@xbc.nu>]

Greg Hudson wrote:

>  * With the FSFS back end, this makes Subversion much closer to
>    working out of the box for multi-uid access.  Even with the BDB
>    back end, you could win naively if your umasks happen to be set
>    liberally, and it's one fewer step on the checklist.
>  
>
I'd have thought you need g+rwx on directories for FSFS, too?

>CVS doesn't do this, but I have no idea why not, since it seems to
>defeat most of the purpose of umask-bashing.
>  
>
CVS sets the umask internally, I believe. But it doesn't set the sticky 
bit, right.

Anyway. I have no objections, as long as it's understood that this is a 
Unix-specific change. (Windows doesn't have those problems, heh, being a 
far more advanced system with ACLs and such. :-)

-- Brane


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org