'[Issue 3437] rep-cache.db created without group write bit'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       subversion-issues
Subject:    [Issue 3437]  rep-cache.db created without group write bit
From:       cmpilato () tigris ! org
Date:       2010-12-21 16:00:19
Message-ID: 20101221160019.E4922540081 () sc157-tigr ! sjc ! collab ! net
[Download RAW message or body]

http://subversion.tigris.org/issues/show_bug.cgi?id=3437






------- Additional comments from cmpilato@tigris.org Tue Dec 21 08:00:18 -0800 2010 -------
If I understand correctly, sqlite should be creating the files with mode 0666,
and allowing the umask to clear any permission bits that should be cleared. 
This appears to be what Subversion is doing for its own files (despite what
Hyrum says above):

   $ strace svnadmin create repo 2>&1 | grep 'open(.*repo/'
   open("repo/locks/db.lock", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, \
   0666) = 3
   open("repo/locks/db-logs.lock", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOE\
   XEC, 0666) = 3
   open("repo/hooks/start-commit.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O\
   _CLOEXEC, 0666) = 3
   open("repo/hooks/pre-commit.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_C\
   LOEXEC, 0666) = 3
   open("repo/hooks/pre-revprop-change.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGE\
   FILE|O_CLOEXEC, 0666) = 3
   open("repo/hooks/pre-lock.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLO\
   EXEC, 0666) = 3
   open("repo/hooks/pre-unlock.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_C\
   LOEXEC, 0666) = 3
   open("repo/hooks/post-commit.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_\
   CLOEXEC, 0666) = 3
   open("repo/hooks/post-lock.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CL\
   OEXEC, 0666) = 3
   open("repo/hooks/post-unlock.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_\
   CLOEXEC, 0666) = 3
   open("repo/hooks/post-revprop-change.tmpl", O_WRONLY|O_CREAT|O_EXCL|O_LARG\
   EFILE|O_CLOEXEC, 0666) = 3
   open("repo/conf/svnserve.conf", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOE\
   XEC, 0666) = 3
   open("repo/conf/passwd", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 06\
   66) = 3
   open("repo/conf/authz", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 066\
   6) = 3
   open("repo/README.txt", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 066\
   6) = 3
   open("repo/db/fs-type", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE|O_CLOEXEC, 06\
   66) = 3
   open("repo/db/min-unpacked-revprop", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O\
   _CLOEXEC, 0666) = 3
   open("/home/cmpilato/tests/repo/db/revprops/revprops.db", O_RDWR|O_CREAT|O\
   _LARGEFILE, 0644) = 3
   open("/home/cmpilato/tests/repo/db/revprops/revprops.db-journal", O_RDWR|O\
   _CREAT|O_LARGEFILE, 0644) = 4
   open("/home/cmpilato/tests/repo/db/revprops", O_RDONLY|O_LARGEFILE) = 5
   open("/home/cmpilato/tests/repo/db/revprops/revprops.db-journal", O_RDWR|O\
   _CREAT|O_LARGEFILE, 0644) = 4
   open("/home/cmpilato/tests/repo/db/revprops", O_RDONLY|O_LARGEFILE) = 5
   open("/home/cmpilato/tests/repo/db/revprops/revprops.db-journal", O_RDWR|O\
   _CREAT|O_LARGEFILE, 0644) = 4
   open("/home/cmpilato/tests/repo/db/revprops", O_RDONLY|O_LARGEFILE) = 5
   open("/home/cmpilato/tests/repo/db/revprops/revprops.db-journal", O_RDWR|O\
   _CREAT|O_LARGEFILE, 0644) = 4
   open("/home/cmpilato/tests/repo/db/revprops", O_RDONLY|O_LARGEFILE) = 5
   open("repo/db/current", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 066\
   6) = 4
   open("repo/db/write-lock", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, \
   0666) = 4
   open("repo/db/svn-7jHcMt", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 4
   open("repo/db", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 4
   open("repo/db/revs/0/0", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 06\
   66) = 4
   open("repo/db/revprops/0/svn-zPhhTc", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0\
   600) = 4
   open("repo/db/revprops/0", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 4
   open("repo/db/fsfs.conf", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 0\
   666) = 4
   open("repo/db/fsfs.conf", O_RDONLY|O_LARGEFILE|O_CLOEXEC) = 4
   open("repo/db/min-unpacked-rev", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLO\
   EXEC, 0666) = 4
   open("repo/db/txn-current", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC,\
    0666) = 4
   open("repo/db/txn-current-lock", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLO\
   EXEC, 0666) = 4
   open("repo/db/format", O_WRONLY|O_CREAT|O_EXCL|O_LARGEFILE|O_CLOEXEC, 0666\
   ) = 4
   open("repo/svn-8Mzztz", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 0600) = 4
   $

...with the notable exception of the sqlite file creation, which is (as was
reported) done with mode 0644.

I do note that the sqlite source code allows you to override the default file
permissions used at compile time (with -DSQLITE_DEFAULT_FILE_PERMISSIONS=0666,
for example), and we could certainly do so for our in-place builds, I guess.  It
won't help folks compiling against a preinstalled sqlite library, though.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=463&dsMessageId=2692431

To unsubscribe from this discussion, e-mail: [issues-unsubscribe@subversion.tigris.org].
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic