Bug 3740 - repo on a root-owned directory (many permission failures)
Summary: repo on a root-owned directory (many permission failures)
Status: RESOLVED FIXED
Alias: None
Product: Mercurial
Classification: Unclassified
Component: Mercurial (show other bugs)
Version: earlier
Hardware: PC Linux
: normal bug
Assignee: Bugzilla
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-12-20 14:33 UTC by brau
Modified: 2017-11-01 18:05 UTC (History)
4 users (show)

See Also:
Python Version: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description brau 2012-12-20 14:33 UTC
* I use knoppix live usb and it mounts my pendrive as
a root:root owned directory.

When i try to create a new repository
$ ls . -ld
drwxrwxrwx 2 root root 8192 dic 20 16:10 .
$ hg init
abort: Operation not permitted: /mnt-system/x/.hg/requires


* And when using a another repository in the usb (root:root):
$ hg st
abort: Operation not permitted: /mnt-system/ultimosproy/bomber.hgrepo/lila/.hg/.dirstate-fOU3Ix

* But... i have all rights inside the current directory as you can see
in the listing of directories below:

$ hg st --debug --trace
Traceback (most recent call last):
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 88, in _runcatch
    return _dispatch(req)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 741, in _dispatch
    cmdpats, cmdoptions)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 514, in runcommand
    ret = _runcommand(ui, options, cmd, d)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/extensions.py", line 189, in wrap
    return wrapper(origfn, *args, **kwargs)
  File "/home/knoppix/bin/mercurial-2.4/hgext/pager.py", line 130, in pagecmd
    return orig(ui, options, cmd, cmdfunc)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 831, in _runcommand
    return checkargs()
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 802, in checkargs
    return cmdfunc()
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dispatch.py", line 738, in <lambda>
    d = lambda: util.checksignature(func)(ui, *args, **cmdoptions)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/util.py", line 472, in check
    return func(*args, **kwargs)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/commands.py", line 5422, in status
    opts.get('subrepos'))
  File "/home/knoppix/bin/mercurial-2.4/mercurial/localrepo.py", line 1600, in status
    wlock.release()
  File "/home/knoppix/bin/mercurial-2.4/mercurial/lock.py", line 137, in release
    self.releasefn()
  File "/home/knoppix/bin/mercurial-2.4/mercurial/localrepo.py", line 1136, in unlock
    self.dirstate.write()
  File "/home/knoppix/bin/mercurial-2.4/mercurial/dirstate.py", line 494, in write
    st = self._opener("dirstate", "w", atomictemp=True)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/scmutil.py", line 289, in __call__
    return util.atomictempfile(f, mode, self.createmode)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/util.py", line 814, in __init__
    createmode=createmode)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/util.py", line 779, in mktempcopy
    copymode(name, temp, createmode)
  File "/home/knoppix/bin/mercurial-2.4/mercurial/posix.py", line 110, in copymode
    os.chmod(dst, st_mode)
OSError: [Errno 1] Operation not permitted: '/mnt-system/ultimosproy/bomber.hgrepo/lila/.hg/.dirstate-s38j2u'
abort: Operation not permitted: /mnt-system/ultimosproy/bomber.hgrepo/lila/.hg/.dirstate-s38j2u
$ ls . -ld
drwxrwxrwx 7 root root 8192 dic 20 16:05 .
$ find -type d -ls
   217    8 drwxrwxrwx   7 root     root         8192 dic 20 16:05 .
   279    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./GUIA
   280    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./rc
   281    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./serverside
   282    8 drwxrwxrwx   5 root     root         8192 dic 20 16:05 ./.hg
   285    8 drwxrwxrwx   3 root     root         8192 dic 20 15:52 ./.hg/store
   303    8 drwxrwxrwx   5 root     root         8192 dic 20 15:51 ./.hg/store/data
   307    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./.hg/store/data/_g_u_i_a
   333    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./.hg/store/data/rc
   335    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./.hg/store/data/serverside
   411    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./.hg/cache
   416    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./.hg/strip-backup
   283    8 drwxrwxrwx   2 root     root         8192 dic 20 15:51 ./logs
Comment 1 Kevin Bullock 2012-12-20 14:57 UTC
Even if you have full rwx permissions on a file, chmod will not work if you aren't the owner of the file. Since every file in your listing is mode 777, owned by root.root, I'm guessing it's a filesystem that doesn't support POSIX permissions (e.g. FAT of some bit-width).

Try convincing Knoppix to mount your pen drive as your user account.
Comment 2 brau 2012-12-20 16:07 UTC
thanks for the instantaneos reply. Yes, i think I'll have to 
modify the knoppix initrd...

I understand hg (and any program) does some system modifications 
because security is a concert, like chmoding the system touched files, 
but is it vital to the role of the program? How feasible is to put
a flag like --dont-chmod-repo to hg?
Comment 3 Kevin Bullock 2012-12-20 16:33 UTC
To preserve access to shared repos, Mercurial takes the permissions for new files from the existing .hg/store (see http://mercurial.selenic.com/wiki/MultipleCommitters).

I suspect that you don't actually have _any_ kind of write access to your pendrive, though, since even `hg init` doesn't work. Even though the permission bits _say_ it's o+rwx, for security reasons, Linux is probably preventing you from writing to a volume that is mounted as root and doesn't support POSIX ownership.
Comment 4 Matt Mackall 2012-12-20 17:02 UTC
This is indeed broken:

$ mount
/home/mpm/fat-image on /media/fat type vfat (rw,relatime,fmask=0000,dmask=0000,allow_utime=0022,codepage=cp437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro)
$ cd /media/fat
$ ls -ld .
drwxrwxrwx 7 root root 16384 Dec 20 15:27 ./
$ hg init foo
abort: Operation not permitted: /media/fat/foo/.hg/requires

Here, we're trying to change the mode from 0777 to 0666.. for no useful reason, as the underlying fs doesn't really support exec bits. And we already check for exec bit support in lots of other places. So perhaps we want something like this:

diff -r 29a2a97d76e1 mercurial/scmutil.py
--- a/mercurial/scmutil.py	Tue Dec 04 00:41:29 2012 +0100
+++ b/mercurial/scmutil.py	Thu Dec 20 15:44:48 2012 -0600
@@ -262,8 +262,12 @@
     def _cansymlink(self):
         return util.checklink(self.base)
 
+    @util.propertycache
+    def _chmod(self):
+        return util.checkexec(self.base)
+
     def _fixfilemode(self, name):
-        if self.createmode is None:
+        if self.createmode is None or not self._chmod:
             return
         os.chmod(name, self.createmode & 0666)
Comment 5 HG Bot 2013-01-02 01:49 UTC
Fixed by http://selenic.com/repo/hg/rev/f9a89bdd64a6
Matt Mackall <mpm@selenic.com>
scmutil: don't try to match modes on filesystems without modes (issue3740)

(please test the fix)