mkdir: acl and permission inheritance with -p#11931
Open
j5awry wants to merge 2 commits intouutils:mainfrom
Open
mkdir: acl and permission inheritance with -p#11931j5awry wants to merge 2 commits intouutils:mainfrom
j5awry wants to merge 2 commits intouutils:mainfrom
Conversation
|
GNU testsuite comparison: |
Workflow for permission setting and ACLs failed in several scenarios, most notable when passing -p. Parent directories in the mkdir call would not appropriately set ACLs and could end up with more open permissions. Generally, there was a misunderstanding that GNU coreutils was setting umask (0) and that was the default -- the real flow was using a shaped umask that takes current umask and ensures that the user has the ability to execute mkdir commands through the tree. The umask (0) call was part of a read setup for the equivalent of our UmaskGuard. New workflow focuses on safe defaults, shaped umask, and allowing the Kernel to do to apply ACLs. Adds a test specifically to guard against regression, ensuring a more restrictive ACL is respected with mkdir -p
j5awry
force-pushed
the
mkdir-acl-inheritance-11036
branch
from
36827d3 to
c3bf7c8
Compare
rustix::fs::Mode::from_bits_truncated accepts u32 on Linux and u16 on MacOS. Casting to rustix::fs::RawMode makes the value compatible on either platform.
Merging this PR will improve performance by 31.27%
|
| Mode | Benchmark | BASE |
HEAD |
Efficiency | |
|---|---|---|---|---|---|
| ⚡ | Memory | cp_recursive_deep_tree[(120, 4)] |
699.2 KB | 532.7 KB | +31.27% |
Comparing j5awry:mkdir-acl-inheritance-11036 (da0bbac) with main (8cc048b)
Footnotes
-
46 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩
Author
|
as an integration test, i made a patch and applied it to 0.8.0-ubuntu3 (making 0.8.0-ubuntu4~ppa1) in a PPA. This is runnable on resolute (i used an lxc container with https://launchpad.net/~jchittum/+archive/ubuntu/rust-coreutils-lp2138215 I then ran the |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #11036
Workflow for permission setting and ACLs failed in several scenarios, most notable when passing -p. Parent directories in the mkdir call would not appropriately set ACLs and could end up with more open permissions. Generally, there was a misunderstanding that GNU coreutils was setting umask (0) and that was the default -- the real flow was using a shaped umask that takes current umask and ensures that the user has the ability to execute mkdir commands through the tree. The umask (0) call was part of a read setup for the equivalent of our UmaskGuard. New workflow focuses on safe defaults, shaped umask, and allowing the Kernel to do to apply ACLs. Adds a test specifically to guard against regression, ensuring a more restrictive ACL is respected with mkdir -p