You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Greg Hudson <gh...@MIT.EDU> on 2004/06/22 17:51:42 UTC
Make db directory g+s by default?
In the interest of moving towards working better out of the box, I'd
like to propose that we set the g+s bit on the repository db
directory, in both back ends. Arguments in favor:
* g+s semantics are essentially never the wrong thing, particularly
for a self-contained unit like a repository. On *BSD systems, g+s
is a no-op.
* With the FSFS back end, this makes Subversion much closer to
working out of the box for multi-uid access. Even with the BDB
back end, you could win naively if your umasks happen to be set
liberally, and it's one fewer step on the checklist.
* If we accept at least the --group part of John Peacock's proposal
from http://www.contactor.se/~dast/svn/archive-2003-09/0467.shtml,
then setting up a group-accessible FSFS repository (or BDB
repository if umasks are liberal) could be done with no manual
tweaking whatsoever. We'd take the existence of a --group option
to mean that the initial structure should be set g+rw[x] and owned
by the specified group.
A more focused, though in my mind less desirable, alternative would be
to make FSFS chgrp new rev and rev-prop files to match the group owner
of the previous rev. That effectively simulates the g+s option.
CVS doesn't do this, but I have no idea why not, since it seems to
defeat most of the purpose of umask-bashing.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Make db directory g+s by default?
Posted by Branko Čibej <br...@xbc.nu>.
Greg Hudson wrote:
>On Tue, 2004-06-22 at 14:34, Branko Čibej wrote:
>
>
>>CVS sets the umask internally, I believe. But it doesn't set the sticky
>>bit, right.
>>
>>
>The sticky bit is something else. (It's the bit you set on /tmp so that
>people can't unlink other people's files even though they have write
>permission on the directory.)
>
>
<pedantic>All right, setgid bit.</pedantic>
>>Anyway. I have no objections, as long as it's understood that this is a
>>Unix-specific change.
>>
>>
>Of course. APR doesn't appear to have any access to the g+s bit, so
>we'd have to add Unix-specific code for now.
>
That's fine.
-- Brane
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Make db directory g+s by default?
Posted by Greg Hudson <gh...@MIT.EDU>.
On Tue, 2004-06-22 at 14:34, Branko Čibej wrote:
> Greg Hudson wrote:
> > * With the FSFS back end, this makes Subversion much closer to
> > working out of the box for multi-uid access. Even with the BDB
> > back end, you could win naively if your umasks happen to be set
> > liberally, and it's one fewer step on the checklist.
> I'd have thought you need g+rwx on directories for FSFS, too?
Yes... but people are much more likely to figure out that part for
themselves. Or, as I noted, we could provide a --group option during
repository creation.
> >CVS doesn't do this, but I have no idea why not, since it seems to
> >defeat most of the purpose of umask-bashing.
> CVS sets the umask internally, I believe. But it doesn't set the sticky
> bit, right.
The sticky bit is something else. (It's the bit you set on /tmp so that
people can't unlink other people's files even though they have write
permission on the directory.)
> Anyway. I have no objections, as long as it's understood that this is a
> Unix-specific change.
Of course. APR doesn't appear to have any access to the g+s bit, so
we'd have to add Unix-specific code for now.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Make db directory g+s by default?
Posted by Branko Čibej <br...@xbc.nu>.
Greg Hudson wrote:
> * With the FSFS back end, this makes Subversion much closer to
> working out of the box for multi-uid access. Even with the BDB
> back end, you could win naively if your umasks happen to be set
> liberally, and it's one fewer step on the checklist.
>
>
I'd have thought you need g+rwx on directories for FSFS, too?
>CVS doesn't do this, but I have no idea why not, since it seems to
>defeat most of the purpose of umask-bashing.
>
>
CVS sets the umask internally, I believe. But it doesn't set the sticky
bit, right.
Anyway. I have no objections, as long as it's understood that this is a
Unix-specific change. (Windows doesn't have those problems, heh, being a
far more advanced system with ACLs and such. :-)
-- Brane
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org