$root = $params['root'];
$repodir = $root . '/users/' . $user_name . '.git' ;
- system("su - $user_name -c 'chgrp $unix_group $repodir'");
+ chgrp($repodir, $unix_group);
if ($project->enableAnonSCM()) {
chmod ($repodir, 02755);
} else {
}
$main_repo = $root . '/' . $project_name . '.git' ;
- if (!is_file ("$main_repo/HEAD") && !is_dir("$main_repo/objects") && !is_dir("$main_repo/refs")) {
+ if (!is_dir($main_repo) || (!is_file("$main_repo/HEAD") &&
+ !is_dir("$main_repo/objects") && !is_dir("$main_repo/refs"))) {
$tmp_repo = util_mkdtemp('.git', $project_name);
if ($tmp_repo == false) {
return false;
system ("echo \"Git repository for $project_name\" > $tmp_repo/description") ;
system ("find $tmp_repo -type d | xargs chmod g+s") ;
system ("chgrp -R $unix_group $tmp_repo") ;
+ system ("chmod -R g+wX,o+rX-w $tmp_repo") ;
if ($project->enableAnonSCM()) {
system ("chmod g+wX,o+rX-w $root") ;
- system ("chmod -R g+wX,o+rX-w $tmp_repo") ;
} else {
system ("chmod g+wX,o-rwx $root") ;
- system ("chmod -R g+wX,o-rwx $tmp_repo") ;
+ system ("chmod g+wX,o-rwx $tmp_repo") ;
}
$ret = true;
+ /*
+ * $main_repo can already exist, for example if it’s
+ * not a directory or doesn’t contain a HEAD file or
+ * an objects or refs subdirectory… move it out of
+ * the way in these cases
+ */
+ system("if test -e $main_repo || test -h $main_repo; then d=\$(mktemp -d $main_repo.scmgit-moved.XXXXXXXXXX) && mv -f $main_repo \$d/; fi");
+ /* here’s still a TOCTOU but we check $ret below */
system("mv $tmp_repo $main_repo", $ret);
- if (!$ret) {
+ if ($ret != 0) {
return false;
}
}
}
}
- $uu = $usr_updates[$user] ? $usr_updates[$user] : 0 ;
- $ua = $usr_adds[$user] ? $usr_adds[$user] : 0 ;
+ $uu = isset ($usr_updates[$user]) ? $usr_updates[$user] : 0 ;
+ $ua = isset ($usr_adds[$user]) ? $usr_adds[$user] : 0 ;
if ($uu > 0 || $ua > 0) {
if (!db_query_params ('INSERT INTO stats_cvs_user (month,day,group_id,user_id,commits,adds) VALUES ($1,$2,$3,$4,$5,$6)',
array ($month_string,