aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWolfgang Müller2024-09-21 13:36:26 +0200
committerWolfgang Müller2024-09-21 13:36:26 +0200
commitd1ad594caadf4c951b2efd67429c4fa9508622a5 (patch)
treecc3c74359f3b37c41d12996bc9fb69f2bc5cb89f
parent92ba675e4bffaca19af1d354783c33b0d9dca069 (diff)
downloadgit-helpers-trunk.tar.gz
git-init-acl: Set ACL mask to rwXHEADtrunk
The ACL mask denotes the maximum access rights that can be granted by ACL entries. Not recalculating it means that we end up with an incorrect mask of r--, denying write permission for users other than the owner even though ACL entries exist for them. Explicitly set the mask and default directory mask to rwX such that we end up with rw- on files and rwx on directories.
-rwxr-xr-xgit-init-acl7
1 files changed, 4 insertions, 3 deletions
diff --git a/git-init-acl b/git-init-acl
index 50950b5..1a40dff 100755
--- a/git-init-acl
+++ b/git-init-acl
@@ -16,9 +16,10 @@ acl_mask() {
add_to_acl() {
# Recursively apply all necessary ACL settings as we may be reinitializing
# the git repository with additional authorised users.
- # Take care *not* to recalculate the ACL mask (-n), since rwX translates to
- # a mask of rwx even on non-directory files.
- setfacl -Rnm "d:u:$2:rwX,u:$2:rwX" "$1"
+ # Take care to specify the ACL mask explicitly to make sure it is set to
+ # rw- on files and rwx on directories (automatic recalculation ends up
+ # setting rwx even on non-directory files)
+ setfacl -Rm "d:u:$2:rwX,u:$2:rwX,d:m:rwX,m:rwX" "$1"
}
test $# -ge 1 || usage