GFileInfo *file_info,
GFileInfo **out_modified_info)
{
+ gboolean canonicalize_perms = FALSE;
+ gboolean has_filter = FALSE;
OstreeRepoCommitFilterResult result = OSTREE_REPO_COMMIT_FILTER_ALLOW;
GFileInfo *modified_info;
- if (modifier == NULL ||
- (modifier->filter == NULL &&
- (modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS) == 0))
+ /* Auto-detect bare-user-only repo, force canonical permissions. */
+ if (self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY)
+ canonicalize_perms = TRUE;
+
+ if (modifier != NULL)
+ {
+ if ((modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS) != 0)
+ canonicalize_perms = TRUE;
+ if (modifier->filter != NULL)
+ has_filter = TRUE;
+ }
+
+ if (!(canonicalize_perms || has_filter))
{
*out_modified_info = g_object_ref (file_info);
- return OSTREE_REPO_COMMIT_FILTER_ALLOW;
+ return OSTREE_REPO_COMMIT_FILTER_ALLOW; /* Note: early return (no actions needed) */
}
modified_info = g_file_info_dup (file_info);
- if (modifier->filter)
+
+ if (has_filter)
result = modifier->filter (self, path, modified_info, modifier->user_data);
- if ((modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS) != 0)
+ if (canonicalize_perms)
{
guint mode = g_file_info_get_attribute_uint32 (modified_info, "unix::mode");
switch (g_file_info_get_file_type (file_info))
/* Load flags into boolean constants for ease of readability (we also need to
* NULL-check modifier)
*/
- const gboolean canonical_permissions = modifier &&
- (modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS);
+ const gboolean canonical_permissions = self->mode == OSTREE_REPO_MODE_BARE_USER_ONLY ||
+ (modifier && (modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS));
const gboolean devino_canonical = modifier &&
(modifier->flags & OSTREE_REPO_COMMIT_MODIFIER_FLAGS_DEVINO_CANONICAL);
/* We currently only honor the CONSUME flag in the dfd_iter case to avoid even
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_NONE: No special flags
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_SKIP_XATTRS: Do not process extended attributes
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_GENERATE_SIZES: Generate size information.
- * @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS: Canonicalize permissions for bare-user-only mode.
+ * @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS: Canonicalize permissions.
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_ERROR_ON_UNLABELED: Emit an error if configured SELinux policy does not provide a label
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CONSUME: Delete added files/directories after commit; Since: 2017.13
* @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_DEVINO_CANONICAL: If a devino cache hit is found, skip modifier filters (non-directories only); Since: 2017.14
+ *
+ * Flags modifying commit behavior. In bare-user-only mode, @OSTREE_REPO_COMMIT_MODIFIER_FLAGS_CANONICAL_PERMISSIONS
+ * is automatically enabled.
+ *
*/
typedef enum {
OSTREE_REPO_COMMIT_MODIFIER_FLAGS_NONE = 0,
# In bare-user-only repos we can only represent files with uid/gid 0, no
# xattrs and canonical permissions, so we need to commit them as such, or
# we end up with repos that don't pass fsck
- COMMIT_ARGS="--canonical-permissions --no-xattrs"
+ COMMIT_ARGS="--no-xattrs"
DIFF_ARGS="--owner-uid=0 --owner-gid=0 --no-xattrs"
# Also, since we can't check out uid=0 files we need to check out in user mode
CHECKOUT_U_ARG="-U"
mode="bare-user-only"
setup_test_repository "$mode"
-extra_basic_tests=6
+extra_basic_tests=7
. $(dirname $0)/basic-test.sh
$CMD_PREFIX ostree --version > version.yaml
$OSTREE checkout ${CHECKOUT_H_ARGS} --union-identical perms out
$OSTREE fsck
echo "ok checkout checksum with canonical perms"
+
+cd ${test_tmpdir}
+rm repo -rf
+ostree_repo_init repo init --mode=bare-user-only
+rm files -rf && mkdir files
+echo afile > files/afile
+$OSTREE commit ${COMMIT_ARGS} -b perms files
+rm out -rf
+$OSTREE checkout --force-copy perms out
+$OSTREE checkout ${CHECKOUT_H_ARGS} --union-identical perms out
+$OSTREE fsck
+echo "ok automatic canonical perms for bare-user-only"
projects / ostree.git / commitdiff