|
|
|
#!/usr/bin/perl
|
|
|
|
#
|
|
|
|
# Copyright (c) 2006 Josh England
|
|
|
|
#
|
|
|
|
# This script can be used to save/restore full permissions and ownership data
|
|
|
|
# within a git working tree.
|
|
|
|
#
|
|
|
|
# To save permissions/ownership data, place this script in your .git/hooks
|
|
|
|
# directory and enable a `pre-commit` hook with the following lines:
|
|
|
|
# #!/bin/sh
|
|
|
|
# SUBDIRECTORY_OK=1 . git-sh-setup
|
|
|
|
# $GIT_DIR/hooks/setgitperms.perl -r
|
|
|
|
#
|
|
|
|
# To restore permissions/ownership data, place this script in your .git/hooks
|
|
|
|
# directory and enable a `post-merge` and `post-checkout` hook with the
|
|
|
|
# following lines:
|
|
|
|
# #!/bin/sh
|
|
|
|
# SUBDIRECTORY_OK=1 . git-sh-setup
|
|
|
|
# $GIT_DIR/hooks/setgitperms.perl -w
|
|
|
|
#
|
|
|
|
use strict;
|
|
|
|
use Getopt::Long;
|
|
|
|
use File::Find;
|
|
|
|
use File::Basename;
|
|
|
|
|
|
|
|
my $usage =
|
|
|
|
"usage: setgitperms.perl [OPTION]... <--read|--write>
|
|
|
|
This program uses a file `.gitmeta` to store/restore permissions and uid/gid
|
|
|
|
info for all files/dirs tracked by git in the repository.
|
|
|
|
|
|
|
|
---------------------------------Read Mode-------------------------------------
|
|
|
|
-r, --read Reads perms/etc from working dir into a .gitmeta file
|
|
|
|
-s, --stdout Output to stdout instead of .gitmeta
|
|
|
|
-d, --diff Show unified diff of perms file (XOR with --stdout)
|
|
|
|
|
|
|
|
---------------------------------Write Mode------------------------------------
|
|
|
|
-w, --write Modify perms/etc in working dir to match the .gitmeta file
|
|
|
|
-v, --verbose Be verbose
|
|
|
|
|
|
|
|
\n";
|
|
|
|
|
|
|
|
my ($stdout, $showdiff, $verbose, $read_mode, $write_mode);
|
|
|
|
|
|
|
|
if ((@ARGV < 0) || !GetOptions(
|
|
|
|
"stdout", \$stdout,
|
|
|
|
"diff", \$showdiff,
|
|
|
|
"read", \$read_mode,
|
|
|
|
"write", \$write_mode,
|
|
|
|
"verbose", \$verbose,
|
|
|
|
)) { die $usage; }
|
|
|
|
die $usage unless ($read_mode xor $write_mode);
|
|
|
|
|
|
|
|
my $topdir = `git rev-parse --show-cdup` or die "\n"; chomp $topdir;
|
|
|
|
my $gitdir = $topdir . '.git';
|
|
|
|
my $gitmeta = $topdir . '.gitmeta';
|
|
|
|
|
|
|
|
if ($write_mode) {
|
|
|
|
# Update the working dir permissions/ownership based on data from .gitmeta
|
|
|
|
open (IN, "<$gitmeta") or die "Could not open $gitmeta for reading: $!\n";
|
|
|
|
while (defined ($_ = <IN>)) {
|
|
|
|
chomp;
|
|
|
|
if (/^(.*) mode=(\S+)\s+uid=(\d+)\s+gid=(\d+)/) {
|
|
|
|
# Compare recorded perms to actual perms in the working dir
|
|
|
|
my ($path, $mode, $uid, $gid) = ($1, $2, $3, $4);
|
|
|
|
my $fullpath = $topdir . $path;
|
|
|
|
my (undef,undef,$wmode,undef,$wuid,$wgid) = lstat($fullpath);
|
|
|
|
$wmode = sprintf "%04o", $wmode & 07777;
|
|
|
|
if ($mode ne $wmode) {
|
|
|
|
$verbose && print "Updating permissions on $path: old=$wmode, new=$mode\n";
|
|
|
|
chmod oct($mode), $fullpath;
|
|
|
|
}
|
|
|
|
if ($uid != $wuid || $gid != $wgid) {
|
|
|
|
if ($verbose) {
|
|
|
|
# Print out user/group names instead of uid/gid
|
|
|
|
my $pwname = getpwuid($uid);
|
|
|
|
my $grpname = getgrgid($gid);
|
|
|
|
my $wpwname = getpwuid($wuid);
|
|
|
|
my $wgrpname = getgrgid($wgid);
|
|
|
|
$pwname = $uid if !defined $pwname;
|
|
|
|
$grpname = $gid if !defined $grpname;
|
|
|
|
$wpwname = $wuid if !defined $wpwname;
|
|
|
|
$wgrpname = $wgid if !defined $wgrpname;
|
|
|
|
|
|
|
|
print "Updating uid/gid on $path: old=$wpwname/$wgrpname, new=$pwname/$grpname\n";
|
|
|
|
}
|
|
|
|
chown $uid, $gid, $fullpath;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
warn "Invalid input format in $gitmeta:\n\t$_\n";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
close IN;
|
|
|
|
}
|
|
|
|
elsif ($read_mode) {
|
|
|
|
# Handle merge conflicts in the .gitperms file
|
|
|
|
if (-e "$gitdir/MERGE_MSG") {
|
|
|
|
if (`grep ====== $gitmeta`) {
|
|
|
|
# Conflict not resolved -- abort the commit
|
|
|
|
print "PERMISSIONS/OWNERSHIP CONFLICT\n";
|
|
|
|
print " Resolve the conflict in the $gitmeta file and then run\n";
|
|
|
|
print " `.git/hooks/setgitperms.perl --write` to reconcile.\n";
|
|
|
|
exit 1;
|
|
|
|
}
|
|
|
|
elsif (`grep $gitmeta $gitdir/MERGE_MSG`) {
|
|
|
|
# A conflict in .gitmeta has been manually resolved. Verify that
|
|
|
|
# the working dir perms matches the current .gitmeta perms for
|
|
|
|
# each file/dir that conflicted.
|
|
|
|
# This is here because a `setgitperms.perl --write` was not
|
|
|
|
# performed due to a merge conflict, so permissions/ownership
|
|
|
|
# may not be consistent with the manually merged .gitmeta file.
|
|
|
|
my @conflict_diff = `git show \$(cat $gitdir/MERGE_HEAD)`;
|
|
|
|
my @conflict_files;
|
|
|
|
my $metadiff = 0;
|
|
|
|
|
|
|
|
# Build a list of files that conflicted from the .gitmeta diff
|
|
|
|
foreach my $line (@conflict_diff) {
|
|
|
|
if ($line =~ m|^diff --git a/$gitmeta b/$gitmeta|) {
|
|
|
|
$metadiff = 1;
|
|
|
|
}
|
|
|
|
elsif ($line =~ /^diff --git/) {
|
|
|
|
$metadiff = 0;
|
|
|
|
}
|
|
|
|
elsif ($metadiff && $line =~ /^\+(.*) mode=/) {
|
|
|
|
push @conflict_files, $1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# Verify that each conflict file now has permissions consistent
|
|
|
|
# with the .gitmeta file
|
|
|
|
foreach my $file (@conflict_files) {
|
|
|
|
my $absfile = $topdir . $file;
|
|
|
|
my $gm_entry = `grep "^$file mode=" $gitmeta`;
|
|
|
|
if ($gm_entry =~ /mode=(\d+) uid=(\d+) gid=(\d+)/) {
|
|
|
|
my ($gm_mode, $gm_uid, $gm_gid) = ($1, $2, $3);
|
|
|
|
my (undef,undef,$mode,undef,$uid,$gid) = lstat("$absfile");
|
|
|
|
$mode = sprintf("%04o", $mode & 07777);
|
|
|
|
if (($gm_mode ne $mode) || ($gm_uid != $uid)
|
|
|
|
|| ($gm_gid != $gid)) {
|
|
|
|
print "PERMISSIONS/OWNERSHIP CONFLICT\n";
|
|
|
|
print " Mismatch found for file: $file\n";
|
|
|
|
print " Run `.git/hooks/setgitperms.perl --write` to reconcile.\n";
|
|
|
|
exit 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
print "Warning! Permissions/ownership no longer being tracked for file: $file\n";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
# No merge conflicts -- write out perms/ownership data to .gitmeta file
|
|
|
|
unless ($stdout) {
|
|
|
|
open (OUT, ">$gitmeta.tmp") or die "Could not open $gitmeta.tmp for writing: $!\n";
|
|
|
|
}
|
|
|
|
|
|
|
|
my @files = `git ls-files`;
|
|
|
|
my %dirs;
|
|
|
|
|
|
|
|
foreach my $path (@files) {
|
|
|
|
chomp $path;
|
|
|
|
# We have to manually add stats for parent directories
|
|
|
|
my $parent = dirname($path);
|
|
|
|
while (!exists $dirs{$parent}) {
|
|
|
|
$dirs{$parent} = 1;
|
|
|
|
next if $parent eq '.';
|
|
|
|
printstats($parent);
|
|
|
|
$parent = dirname($parent);
|
|
|
|
}
|
|
|
|
# Now the git-tracked file
|
|
|
|
printstats($path);
|
|
|
|
}
|
|
|
|
|
|
|
|
# diff the temporary metadata file to see if anything has changed
|
|
|
|
# If no metadata has changed, don't overwrite the real file
|
|
|
|
# This is just so `git commit -a` doesn't try to commit a bogus update
|
|
|
|
unless ($stdout) {
|
|
|
|
if (! -e $gitmeta) {
|
|
|
|
rename "$gitmeta.tmp", $gitmeta;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
my $diff = `diff -U 0 $gitmeta $gitmeta.tmp`;
|
|
|
|
if ($diff ne '') {
|
|
|
|
rename "$gitmeta.tmp", $gitmeta;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
unlink "$gitmeta.tmp";
|
|
|
|
}
|
|
|
|
if ($showdiff) {
|
|
|
|
print $diff;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
close OUT;
|
|
|
|
}
|
|
|
|
# Make sure the .gitmeta file is tracked
|
|
|
|
system("git add $gitmeta");
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
sub printstats {
|
|
|
|
my $path = $_[0];
|
|
|
|
$path =~ s/@/\@/g;
|
|
|
|
my (undef,undef,$mode,undef,$uid,$gid) = lstat($path);
|
|
|
|
$path =~ s/%/\%/g;
|
|
|
|
if ($stdout) {
|
|
|
|
print $path;
|
|
|
|
printf " mode=%04o uid=$uid gid=$gid\n", $mode & 07777;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
print OUT $path;
|
|
|
|
printf OUT " mode=%04o uid=$uid gid=$gid\n", $mode & 07777;
|
|
|
|
}
|
|
|
|
}
|