diff options
| author |  Joey Hess <joey@kitenet.net> | 2013-11-15 14:52:03 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2013-11-15 14:52:03 -0400 |
| commit | 454c990ce49af450d3177f2ea9c6132681959078 (patch) | |
| tree | 9c11d10ccac85d646f7c85a1e51b71efc0a7c28a /Command | |
| parent | a4ea1393cef234518bfa8dcaeb522259a485b414 (diff) | |
Direct mode .git/annex/objects directories are no longer left writable
Because that allowed writing to symlinks of files that are not present,
which followed the link and put bad content in an object location.
fsck: Fix up .git/annex/object directory permissions.
This commit was sponsored by an anonymous bitcoin donor.
Diffstat (limited to 'Command')
| -rw-r--r-- | Command/Fsck.hs | 5 | ||||
| -rw-r--r-- | Command/Indirect.hs | 13 |
2 files changed, 8 insertions, 10 deletions
diff --git a/Command/Fsck.hs b/Command/Fsck.hs index 3b89c550c..a8e52af98 100644 --- a/Command/Fsck.hs +++ b/Command/Fsck.hs @@ -218,9 +218,10 @@ verifyLocationLog key desc = do {- Since we're checking that a key's file is present, throw - in a permission fixup here too. -} - when (present && not direct) $ do - file <- calcRepo $ gitAnnexLocation key + file <- calcRepo $ gitAnnexLocation key + when (present && not direct) $ freezeContent file + whenM (liftIO $ doesDirectoryExist $ parentDir file) $ freezeContentDir file {- In direct mode, modified files will show up as not present, diff --git a/Command/Indirect.hs b/Command/Indirect.hs index a2512ea96..8b857e2f6 100644 --- a/Command/Indirect.hs +++ b/Command/Indirect.hs @@ -20,9 +20,9 @@ import Config import qualified Annex import Annex.Direct import Annex.Content +import Annex.Content.Direct import Annex.CatFile import Annex.Version -import Annex.Perms import Annex.Exception import Init import qualified Command.Add @@ -77,7 +77,8 @@ perform = do Just s | isSymbolicLink s -> void $ flip whenAnnexed f $ \_ (k, _) -> do - cleandirect k + removeInodeCache k + removeAssociatedFiles k return Nothing | otherwise -> maybe noop (fromdirect f) @@ -87,8 +88,8 @@ perform = do fromdirect f k = do showStart "indirect" f - thawContentDir =<< calcRepo (gitAnnexLocation k) - cleandirect k -- clean before content directory gets frozen + removeInodeCache k + removeAssociatedFiles k whenM (liftIO $ not . isSymbolicLink <$> getSymbolicLinkStatus f) $ do v <-tryAnnexIO (moveAnnex k f) case v of @@ -103,10 +104,6 @@ perform = do warnlocked e = do warning $ show e warning "leaving this file as-is; correct this problem and run git annex add on it" - - cleandirect k = do - liftIO . nukeFile =<< calcRepo (gitAnnexInodeCache k) - liftIO . nukeFile =<< calcRepo (gitAnnexMapping k) cleanup :: CommandCleanup cleanup = do |