[PATCH] blackbox: add logreadonlybyuser to restrict permission to log (issue5065)

liscju piotr.listkiewicz at gmail.com
Sun Mar 13 15:37:38 EDT 2016


# HG changeset patch
# User liscju <piotr.listkiewicz at gmail.com>
# Date 1457897554 -3600
#      Sun Mar 13 20:32:34 2016 +0100
# Node ID 1e6bd0d2f0533882d4c1e26197b31b4c1828f785
# Parent  1c658391b22fb4d98ccfb60c0e57315b55634117
blackbox: add logreadonlybyuser to restrict permission to log (issue5065)

So far log file .hg/blackbox.log was created with read permission
assigned to all.  This commit introduces logreadonlybyuser option
that restricts permission while creating log file making it
readable only by user.

This option doesn't change permission to created log file.

diff -r 1c658391b22f -r 1e6bd0d2f053 hgext/blackbox.py
--- a/hgext/blackbox.py	Tue Mar 08 00:20:08 2016 -0800
+++ b/hgext/blackbox.py	Sun Mar 13 20:32:34 2016 +0100
@@ -32,6 +32,8 @@ Examples::
   maxsize = 1.5 MB
   # rotate up to N log files when the current one gets too big
   maxfiles = 3
+  # log file is readable only by user
+  logreadonlybyuser =
 
 """
 
@@ -60,11 +62,14 @@ lastui = None
 
 filehandles = {}
 
-def _openlog(vfs):
+def _openlog(vfs, readonlybyuser):
     path = vfs.join('blackbox.log')
     if path in filehandles:
         return filehandles[path]
+    createslogfile = not vfs.exists('blackbox.log')
     filehandles[path] = fp = vfs('blackbox.log', 'a')
+    if createslogfile and readonlybyuser:
+        vfs.chmod('blackbox.log', 0o600)
     return fp
 
 def _closelog(vfs):
@@ -115,7 +120,8 @@ def wrapui(ui):
                         self.debug("warning: cannot rename '%s' to '%s': %s\n" %
                                    (newpath, oldpath, err.strerror))
 
-            fp = _openlog(self._bbvfs)
+            logreadonlybyuser = self.hasconfig('blackbox', 'logreadonlybyuser')
+            fp = _openlog(self._bbvfs, logreadonlybyuser)
             maxsize = self.configbytes('blackbox', 'maxsize', 1048576)
             if maxsize > 0:
                 st = self._bbvfs.fstat(fp)
@@ -128,7 +134,7 @@ def wrapui(ui):
                                newpath='%s.%d' % (path, i))
                     rotate(oldpath=path,
                            newpath=maxfiles > 0 and path + '.1')
-                    fp = _openlog(self._bbvfs)
+                    fp = _openlog(self._bbvfs, logreadonlybyuser)
             return fp
 
         def _bbwrite(self, fmt, *args):
diff -r 1c658391b22f -r 1e6bd0d2f053 tests/test-blackbox.t
--- a/tests/test-blackbox.t	Tue Mar 08 00:20:08 2016 -0800
+++ b/tests/test-blackbox.t	Sun Mar 13 20:32:34 2016 +0100
@@ -191,5 +191,21 @@ log rotation
   1970/01/01 00:00:00 bob @45589e459b2edfbf3dbde7e01f611d2c1e7453d7 (5000)> log -r tip exited 0 after * seconds (glob)
   1970/01/01 00:00:00 bob @45589e459b2edfbf3dbde7e01f611d2c1e7453d7 (5000)> blackbox
 
+We expect that logreadonlybyuser option will create log file with read
+permission assigned only to user.
+
+  $ ls -al .hg/blackbox.log
+  -rw-r--r-- * .hg/blackbox.log (glob)
+  $ rm .hg/blackbox.log
+  $ cat >> $HGRCPATH <<EOF
+  > [extensions]
+  > blackbox=
+  > [blackbox]
+  > logreadonlybyuser =
+  > EOF
+  $ hg status
+  $ ls -al .hg/blackbox.log
+  -rw------- * .hg/blackbox.log (glob)
+
 cleanup
   $ cd ..


More information about the Mercurial-devel mailing list