diff options
| -rw-r--r-- | Annex/Content.hs | 4 | ||||
| -rw-r--r-- | Annex/LockFile.hs | 9 | ||||
| -rw-r--r-- | Annex/Ssh.hs | 1 | ||||
| -rw-r--r-- | Annex/Transfer.hs | 1 | ||||
| -rw-r--r-- | Command/PreCommit.hs | 1 | ||||
| -rw-r--r-- | Remote/Helper/Hooks.hs | 1 | ||||
| -rw-r--r-- | Utility/WinLock.hs | 7 | ||||
| -rw-r--r-- | debian/changelog | 2 |
8 files changed, 23 insertions, 3 deletions
diff --git a/Annex/Content.hs b/Annex/Content.hs index b51e15827..2a05c2dac 100644 --- a/Annex/Content.hs +++ b/Annex/Content.hs @@ -192,7 +192,9 @@ lockContent key a = do v <- tryIO $ setLock fd (WriteLock, AbsoluteSeek, 0, 0) case v of Left _ -> alreadylocked - Right _ -> return $ Just fd + Right _ -> do + setFdOption fd CloseOnExec True + return $ Just fd unlock mlockfile mfd = do maybe noop cleanuplockfile mlockfile liftIO $ maybe noop closeFd mfd diff --git a/Annex/LockFile.hs b/Annex/LockFile.hs index dc4f82f98..7a5c4b0e1 100644 --- a/Annex/LockFile.hs +++ b/Annex/LockFile.hs @@ -37,6 +37,7 @@ lockFileShared file = go =<< fromLockPool file mode <- annexFileMode lockhandle <- liftIO $ noUmask mode $ openFd file ReadOnly (Just mode) defaultFileFlags + setFdOption lockhandle CloseOnExec True liftIO $ waitToSetLock lockhandle (ReadLock, AbsoluteSeek, 0, 0) #else lockhandle <- liftIO $ waitToLock $ lockShared file @@ -70,13 +71,19 @@ changeLockPool a = do withExclusiveLock :: (Git.Repo -> FilePath) -> Annex a -> Annex a withExclusiveLock getlockfile a = do lockfile <- fromRepo getlockfile + liftIO $ hPutStrLn stderr (show ("locking", lockfile)) + liftIO $ hFlush stderr createAnnexDirectory $ takeDirectory lockfile mode <- annexFileMode - bracketIO (lock lockfile mode) unlock (const a) + r <- bracketIO (lock lockfile mode) unlock (const a) + liftIO $ hPutStrLn stderr (show ("unlocked", lockfile)) + liftIO $ hFlush stderr + return r where #ifndef mingw32_HOST_OS lock lockfile mode = do l <- noUmask mode $ createFile lockfile mode + setFdOption l CloseOnExec True waitToSetLock l (WriteLock, AbsoluteSeek, 0, 0) return l unlock = closeFd diff --git a/Annex/Ssh.hs b/Annex/Ssh.hs index 246ac338d..238af0588 100644 --- a/Annex/Ssh.hs +++ b/Annex/Ssh.hs @@ -153,6 +153,7 @@ sshCleanup = mapM_ cleanup =<< enumSocketFiles mode <- annexFileMode fd <- liftIO $ noUmask mode $ openFd lockfile ReadWrite (Just mode) defaultFileFlags + setFdOption fd CloseOnExec True v <- liftIO $ tryIO $ setLock fd (WriteLock, AbsoluteSeek, 0, 0) case v of diff --git a/Annex/Transfer.hs b/Annex/Transfer.hs index 5e98a87d9..ec17609ea 100644 --- a/Annex/Transfer.hs +++ b/Annex/Transfer.hs @@ -81,6 +81,7 @@ runTransfer' ignorelock t file shouldretry a = do case mfd of Nothing -> return (Nothing, False) Just fd -> do + setFdOption fd CloseOnExec True locked <- catchMaybeIO $ setLock fd (WriteLock, AbsoluteSeek, 0, 0) if isNothing locked diff --git a/Command/PreCommit.hs b/Command/PreCommit.hs index 09ff042aa..61508ba9b 100644 --- a/Command/PreCommit.hs +++ b/Command/PreCommit.hs @@ -101,6 +101,7 @@ lockPreCommitHook a = do #ifndef mingw32_HOST_OS lock lockfile mode = do l <- liftIO $ noUmask mode $ createFile lockfile mode + setFdOption l CloseOnExec True liftIO $ waitToSetLock l (WriteLock, AbsoluteSeek, 0, 0) return l unlock = closeFd diff --git a/Remote/Helper/Hooks.hs b/Remote/Helper/Hooks.hs index 907400bd1..150e9efd2 100644 --- a/Remote/Helper/Hooks.hs +++ b/Remote/Helper/Hooks.hs @@ -86,6 +86,7 @@ runHooks r starthook stophook a = do mode <- annexFileMode fd <- liftIO $ noUmask mode $ openFd lck ReadWrite (Just mode) defaultFileFlags + setFdOption fd CloseOnExec True v <- liftIO $ tryIO $ setLock fd (WriteLock, AbsoluteSeek, 0, 0) case v of diff --git a/Utility/WinLock.hs b/Utility/WinLock.hs index 369da6782..fc7c8a8a9 100644 --- a/Utility/WinLock.hs +++ b/Utility/WinLock.hs @@ -44,15 +44,20 @@ lockExclusive = openLock fILE_SHARE_NONE - Note that createFile busy-waits to try to avoid failing when some other - process briefly has a file open. But that would make checking locks - much more expensive, so is not done here. Thus, the use of c_CreateFile. + - + - Also, passing Nothing for SECURITY_ATTRIBUTES ensures that the lock file + - is not inheerited by any child process. -} openLock :: ShareMode -> LockFile -> IO (Maybe LockHandle) openLock sharemode f = do h <- withTString f $ \c_f -> - c_CreateFile c_f gENERIC_READ sharemode (maybePtr Nothing) + c_CreateFile c_f gENERIC_READ sharemode security_attributes oPEN_ALWAYS fILE_ATTRIBUTE_NORMAL (maybePtr Nothing) return $ if h == iNVALID_HANDLE_VALUE then Nothing else Just h + where + security_attributes = maybePtr Nothing dropLock :: LockHandle -> IO () dropLock = closeHandle diff --git a/debian/changelog b/debian/changelog index dbb3ac8d5..2e2200696 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,8 @@ git-annex (5.20140818) UNRELEASED; urgency=medium * Make --help work when not in a git repository. Closes: #758592 + * Ensure that all lock fds are close-on-exec, fixing various problems with + them being inherited by child processes such as git commands. -- Joey Hess <joeyh@debian.org> Tue, 19 Aug 2014 12:52:41 -0400 |