Set umask when runnning repository commands

[repo_shell.git] / repo_shell.c

diff --git a/repo_shell.c b/repo_shell.c
index bb61824b64f8c312349ad0c76695d05cf3368f83..e4918b30fb06ac458df7ff55b2596c0310437ff6 100644 (file)
--- a/repo_shell.c
+++ b/repo_shell.c
@@ -18,6 +18,8 @@
 #define SHELL "/bin/bash"
 #define GIT_ACL_FILE ".gitacls"
 
+enum { REPO_UMASK = 027 };
+
 typedef struct {
   char *user;
   char *svn_root;
@@ -94,6 +96,7 @@ static int do_git_cmd(const char *cmd, char *arg, char *user)
     die("bad command");
 
   change_user(cfg.owner);
+  umask(REPO_UMASK);
   if (!git_check_access(cmd, arg, user))
     die("insufficient ACL permissions");
 
@@ -116,6 +119,7 @@ static int do_svnserve_cmd(const char *cmd, char *arg, char *user)
   int ret;
 
   change_user(cfg.owner);
+  umask(REPO_UMASK);
   return execvp(svnserve_argv[0], (char *const *) svnserve_argv);
 }
 
@@ -179,6 +183,17 @@ int main(int argc, char **argv)
     die("opening /dev/null failed");
   close (devnull_fd);
 
+  if (argc == 2 && (!strcmp(argv[1], "-h") || !strcmp(argv[1], "--help"))) {
+    fprintf(stderr, "%s is a replacement login shell.\n"
+        "  May be ran from the command line with one of these options:\n"
+        "    -h|--help                 this text\n"
+        "    -v|--version              program version string\n"
+        "    -t|--test <user> <repo>   test access\n"
+        "    -d|--detail <user> <repo> test access, outputting more detail\n"
+        , argv[0]);
+    return 0;
+  }
+
   if (argc == 2 && (!strcmp(argv[1], "-v") || !strcmp(argv[1], "--version"))) {
     fprintf(stderr, "%s\n", version);
     return 0;
@@ -200,11 +215,11 @@ int main(int argc, char **argv)
     return 1;
   }
 
-  if ((!strcmp(argv[1], "-t") || !strcmp(argv[1], "--test"))) {
+  if ((!strcmp(argv[1], "-d") || !strcmp(argv[1], "--detail"))) {
     perms_t p;
 
     if (argc !=4)
-      die("usage: %s -t|--test <user> <repo>", argv[0]);
+      die("usage: %s -d|--detail <user> <repo>", argv[0]);
     p = git_acl(argv[2], argv[3], cfg.git_acl_file);
     fprintf(stderr,
         "user '%s' repo '%s' perms '%s'\n  via userid '%s' repoid '%s'\n",
@@ -213,6 +228,16 @@ int main(int argc, char **argv)
     return 0;
   }
 
+  if ((!strcmp(argv[1], "-t") || !strcmp(argv[1], "--test"))) {
+    perms_t p;
+
+    if (argc !=4)
+      die("usage: %s -t|--test <user> <repo>", argv[0]);
+    p = git_acl(argv[2], argv[3], cfg.git_acl_file);
+    printf("%s\n", git_acl_perms_as_str(p));
+    return 0;
+  }
+
   if (argc == 3) {
     /* argv[0] = repo_shell, argv[1] = -c, argv[2] = cmd
      * cmd = "svnserve -t" or "git-xxx '/path/to/repo.git'"