darcs

Issue 1959 whatsnew shouldn't need write access (opening of '_darcs/index' failed)

Title whatsnew shouldn't need write access (opening of '_darcs/index' failed)
Priority bug Status needs-diagnosis/design
Milestone Resolved in
Superseder Nosy List dmitry.kurochkin, mornfall, wferi
Assigned To
Topics Hashed

Created on 2010-09-23.11:43:14 by igloo, last changed 2018-11-16.18:45:14 by bf.

Files
File name Uploaded Type Edit Remove
resolve-issue1959_-catch-permission-errors-when-accessing-the-index.dpatch bf, 2018-10-02.23:12:02 application/octet-stream
Messages
msg12602 (view) Author: igloo Date: 2010-09-23.11:43:13
$ darcs --version  
2.4.3 (release)
$ darcs init                
$ echo foo > foo
$ darcs rec -la -m foo
Finished recording patch 'foo'
$ chmod a-w _darcs/index
$ darcs what
darcs: opening of '_darcs/index' failed: permission denied (Permission
denied)
$ 

whatsnew shouldn't need write access.
msg12606 (view) Author: kowey Date: 2010-09-24.08:40:25
I agree.  What do you think, Petr?

Would it be easy for Darcs to know when it can afford not to write the 
index?
msg20262 (view) Author: bf Date: 2018-08-25.17:28:52
I recently stumbled over this issue at work. The darcsweb cgi script
cannot display any diffs if the web server has no write access to the
repo. I managed to work around this by making darcsweb use a copy of the
darcs binary with the setuid bit set, but this has obvious disadvantages.

The least we should do is to fall back to not using the index in case we
have no write access.
msg20348 (view) Author: wferi Date: 2018-10-01.21:53:52
This manifests as a DarcsWeb CGI regression upgrading from Debian jessie
to stretch:

$ darcs diff --match "hash bc576ad6f30675cca83d1b75a75"

works fine without write access with Darcs 2.8.5, but fails with

darcs: _darcs/index: opening of '_darcs/index' failed: permission denied
(Permission denied)

under Darcs 2.12.4. Rather than flipping the setuid bit, I'm considering
building a darcs_ro binary, if I can identify the responsible source line...

Is the needs-reproduction status still valid? Reproduction should be
straightforward.
msg20350 (view) Author: bf Date: 2018-10-02.23:11:18
Thanks wferi, shifting the status accordingly.

I have pushed a partial fix that at least solves the whatsnew problem. (It is 
partial because e.g. 'darcs diff' still fails with an obscure error if _darcs 
is not writable.)

The patch is attached, incase you want to play with it. It will apply cleanly 
only to screened, I fear, because between 2.12 and today I have made lots of 
refactorings in Darcs.Repository.State where I applied the fix. You can try to 
backport it, the principle should (hopefully) become clear when you look at 
what the patch does.
msg20351 (view) Author: bf Date: 2018-10-02.23:12:02
... and here is the promised patch bundle.
Attachments
msg20353 (view) Author: bf Date: 2018-10-02.23:13:43
See also Patch1738.
msg20354 (view) Author: bf Date: 2018-10-02.23:34:45
In the long run we should change the index code and the API in such a 
way that we can use the index read-only. With the current index API 
this is not possible because in the index we store only a single mmap 
pointer for reading and writing. The change would involve duplicating 
the pointer, one for reading the other for writing.
msg20355 (view) Author: bf Date: 2018-10-02.23:38:57
Forgot to mention the role the API plays here: it is designed so that 
readIndex merely sets up the mmap and stores the pointer in the index 
object. We then have to call updateIndex to get a usable Tree IO 
object out of it. I have no idea why it was designed in that way but 
this API clearly does not allow read-only access.
msg20475 (view) Author: bf Date: 2018-11-16.18:45:13
Fixing diff on a read-only repo involves more than not using the index.
We also need to use a temporary location to store the trees in hashed
format. This is currently done in the usual place i.e.
_darcs/pristine.hashed. We need to make a temporary copy of this
directory and use that. I am working on a patch...
History
Date User Action Args
2010-09-23 11:43:14igloocreate
2010-09-24 08:40:27koweysetstatus: unknown -> needs-reproduction
priority: bug
nosy: + mornfall
messages: + msg12606
topic: + Hashed
assignedto: mornfall
2010-10-04 10:31:16koweysetassignedto: mornfall ->
title: whatsnew shouldn't need write access -> whatsnew shouldn't need write access (opening of '_darcs/index' failed)
2010-10-04 10:31:37koweylinkissue1963 superseder
2018-08-25 17:28:53bfsetmessages: + msg20262
2018-10-01 21:53:54wferisetnosy: + wferi
messages: + msg20348
2018-10-02 23:11:20bfsetstatus: needs-reproduction -> needs-diagnosis/design
messages: + msg20350
2018-10-02 23:12:04bfsetfiles: + resolve-issue1959_-catch-permission-errors-when-accessing-the-index.dpatch
messages: + msg20351
2018-10-02 23:13:44bfsetmessages: + msg20353
2018-10-02 23:34:47bfsetmessages: + msg20354
2018-10-02 23:38:59bfsetmessages: + msg20355
2018-11-16 18:45:14bfsetmessages: + msg20475