3 # update-all-config.pl - Update all out-of-date config
8 BEGIN {*VERSION = \'2.0'}
15 use lib
"__BASEDIR__";
23 $shbin = $Girocco::Config
::posix_sh_bin
;
24 defined($shbin) && $shbin ne "" or $shbin = "/bin/sh";
27 exit(&main
(@ARGV)||0);
29 my ($dryrun, $force, $quiet);
32 pod2usage
(-exitval
=> 2);
36 pod2usage
(-verbose
=> 2, -exitval
=> 0);
40 print basename
($0), " version ", $VERSION, "\n";
44 my ($dmode, $dperm, $drwxmode, $fmode, $fmodeoct, $fperm, $wall);
48 $drwxmode='ug+rwx,o+rx';
62 close(DATA
) if fileno(DATA
);
63 Getopt
::Long
::Configure
('bundling');
65 'help|h' => sub {do_help
},
66 'version|V' => sub {do_version
},
67 'dry-run|n' => \
$dryrun,
71 $dryrun and $quiet = 0;
73 -f jailed_file
("/etc/group") or
74 die "Girocco group file not found: " . jailed_file
("/etc/group") . "\n";
76 if (!defined($Girocco::Config
::owning_group
) || $Girocco::Config
::owning_group
eq "") {
77 die "\$Girocco::Config::owning_group unset, refusing to run without --force\n" unless $force;
85 warn "Mode 666 in effect\n" unless $quiet;
86 } elsif (($owning_group_id = scalar(getgrnam($Girocco::Config
::owning_group
))) !~ /^\d+$/) {
87 die "\$Girocco::Config::owning_group invalid ($Girocco::Config::owning_group), refusing to run\n";
90 my @allprojs = Girocco
::Project
::get_full_list
;
93 my $root = $Girocco::Config
::reporoot
;
94 $root or die "\$Girocco::Config::reporoot is invalid\n";
96 $root ne "" or $root = "/";
97 $root = realpath
($root);
99 my %projnames = map {($_ => 1)} @allprojs;
103 -d
$_ and $_ = realpath
($_);
106 if (!exists($projnames{$_})) {
107 warn "$_: unknown to Girocco (not in etc/group)\n"
114 @projects = sort {lc($a) cmp lc($b)} @allprojs;
118 foreach (@projects) {
119 my $projdir = "$root/$_.git";
121 warn "$_: does not exist -- skipping\n" unless $quiet;
124 if (!is_git_dir
($projdir)) {
125 warn "$_: is not a .git directory -- skipping\n" unless $quiet;
128 if (-e
"$projdir/.noconfig") {
129 warn "$_: found .noconfig -- skipping\n" unless $quiet;
132 if (!chdir($projdir)) {
133 warn "$_: chdir to project directory failed: $!\n" unless $quiet;
136 process_one_project
($_) or $bad = 1;
142 my (@mkdirs, @mkfiles);
143 my (@fixdpermsdirs, @fixdpermsrwx, @fixfpermsfiles, @fixfpermsdirs);
145 @mkdirs = qw(refs info hooks ctags htmlcache bundles reflogs objects objects/info);
146 @mkfiles = qw(config info/lastactivity);
147 @fixdpermsdirs = qw(. refs info ctags htmlcache bundles reflogs objects objects/info);
148 @fixdpermsrwx = qw(refs objects);
149 @fixfpermsfiles = qw(HEAD config description packed-refs README.html info/lastactivity
150 info/alternates info/http-alternates info/packs);
151 @fixfpermsdirs = qw(ctags);
154 my (@boolvars, @falsevars, @false0vars, @truevars);
156 @boolvars = qw(gitweb.statusupdates);
157 @falsevars = qw(core.ignorecase receive.denynonfastforwards);
158 @false0vars = qw(gc.auto receive.autogc);
159 @truevars = qw(receive.updateserverinfo repack.writebitmaps transfer.fsckobjects);
165 return defined($_[0]) ?
$_[0] : $_[1];
172 open $duperr, '>&2' or last;
173 my $errfd = POSIX
::open(File
::Spec
->devnull, &POSIX
::O_RDWR
);
174 defined($errfd) or close($duperr), $duperr = undef, last;
175 POSIX
::dup2
($errfd, 2) or close($duperr), $duperr = undef;
176 POSIX
::close($errfd);
179 my $ans = open $fd, '-|', "find", @_;
180 if ($noe && defined($duperr) && defined(fileno($duperr))) {
181 POSIX
::dup2
(fileno($duperr), 2);
184 $ans or die "find failed: $!\n";
188 sub openfind
{ return openfind_
(0, @_); }
189 sub openfindne
{ return openfind_
(1, @_); }
191 sub process_one_project
200 warn "$proj: bypassing project, exists but not directory: $_\n" unless $quiet;
201 $reallybad = $bad = 1;
204 do_mkdir
($proj, $_) or $bad = 1, last;
208 return 0 if $reallybad;
210 -d
$_ && check_dperm
($proj, $_) or $bad = 1 foreach (@fixdpermsdirs);
211 my $fp = openfindne
(@fixdpermsrwx, qw(-xdev -type d ( ! -path objects/?? -o -prune ) ! -perm
), "-$drwxmode", "-print");
214 change_dpermrwx
($proj, $_) or $bad = 1;
216 close($fp) or $bad = 1;
217 $fp = openfind
(qw(. -xdev -type d ( ! -path ./objects/?? -o -prune ) ! -perm
-a
+rx
-print));
220 change_dpermrx
($proj, $_) or $bad = 1;
222 close($fp) or $bad = 1;
227 warn "$proj: bypassing project, exists but not file: $_\n" unless $quiet;
228 $reallybad = $bad = 1;
232 my $result = "(dryrun)";
236 open($tf, '>', $_) && close ($tf) or $result = "FAILED", $bad = 1;
238 pmsg
($proj, "$_: created", $result) unless $quiet;
241 return 0 if $reallybad;
243 $dryrun || check_fperm
($proj, "config") or $bad = 1;
244 my $config = read_config_file_hash
("config", !$quiet);
245 if (!defined($config)) {
246 warn "$proj: could not read config file -- skipping\n" unless $quiet;
250 my $do_config = sub {
251 my ($item, $val) = @_;
252 my $oldval = defval
($config->{$item},"");
253 my $result = "(dryrun)";
256 system($Girocco::Config
::git_bin
, "config", "--file", "config", "--replace-all", $item, $val) == 0 or
257 $result = "FAILED", $bad = 1;
259 if (!exists($config->{$item})) {
260 pmsg
($proj, "config $item: created \"$val\"", $result) unless $quiet;
262 pmsg
($proj, "config $item: \"$oldval\" -> \"$val\"", $result) unless $quiet;
265 my $do_config_unset = sub {
266 my ($item, $msg) = @_;
267 defined($msg) or $msg = "";
268 $msg eq "" or $msg = " " . $msg;
269 my $oldval = defval
($config->{$item},"");
270 my $result = "(dryrun)";
273 system($Girocco::Config
::git_bin
, "config", "--file", "config", "--unset-all", $item) == 0 or
274 $result = "FAILED", $bad = 1;
276 pmsg
($proj, "config $item: removed$msg \"$oldval\"", $result) unless $quiet;
279 my $repovers = $config->{'core.repositoryformatversion'};
280 if (!defined($repovers)) {
282 } elsif ($repovers =~ /^[2345]$/) {
283 pmsg
($proj, "WARNING: unknown core.repositoryformatversion value left unchanged: \"$repovers\"");
284 } elsif ($repovers !~ /^[01]$/) {
285 pmsg
($proj, "WARNING: replacing invalid core.repositoryformatversion value: \"$repovers\"") unless $quiet;
288 &$do_config('core.repositoryformatversion', 0) if $repovers eq "";
289 my $cmplvl = defval
($config->{'core.compression'},"");
290 if ($cmplvl !~ /^-?\d+$/ || $cmplvl < -1 || $cmplvl > 9 || "" . (0 + $cmplvl) ne "" . $cmplvl) {
291 pmsg
($proj, "WARNING: replacing invalid core.compression value: \"$cmplvl\"") unless $cmplvl eq "" || $quiet;
293 } elsif ($cmplvl != 5) {
294 pmsg
($proj, "WARNING: suboptimal core.compression value left unchanged: \"$cmplvl\"") unless $quiet;
296 $cmplvl ne "" or &$do_config('core.compression', 5);
297 my $grpshr = defval
($config->{'core.sharedrepository'},"");
298 if ($grpshr eq "" || (valid_bool
($grpshr) && !git_bool
($grpshr))) {
299 &$do_config('core.sharedrepository', 1);
300 } elsif (!(valid_bool
($grpshr) && git_bool
($grpshr))) {
301 pmsg
($proj, "WARNING: odd core.sharedrepository value left unchanged: \"$grpshr\"");
303 if (git_bool
($config->{'core.bare'})) {
305 my $laru = $config->{'core.logallrefupdates'};
306 if (defined($laru)) {
307 if (valid_bool
($laru)) {
309 if (git_bool
($laru)) {
310 pmsg
($proj, "WARNING: core.logallrefupdates is true (left unchanged)") unless $quiet;
313 pmsg
($proj, "WARNING: replacing non-boolean core.logallrefupdates value") unless $quiet;
316 !$setlaru or &$do_config('core.logallrefupdates', 'false');
318 pmsg
($proj, "WARNING: core.bare is not true (left unchanged)") unless $quiet;
320 defval
($config->{'transfer.unpacklimit'},"") eq "1" or &$do_config('transfer.unpacklimit', 1);
321 lc(defval
($config->{'receive.denydeletecurrent'},"")) eq "warn" or &$do_config('receive.denydeletecurrent', 'warn');
323 !exists($config->{$_}) || valid_bool
(defval
($config->{$_},"")) or &$do_config_unset($_, "(not a boolean)");
324 } foreach (@boolvars);
326 (valid_bool
(defval
($config->{$_},"")) && !git_bool
($config->{$_})) or &$do_config($_, "false");
327 } foreach (@falsevars);
329 (valid_bool
(defval
($config->{$_},"")) && !git_bool
($config->{$_})) or &$do_config($_, 0);
330 } foreach (@false0vars);
332 (valid_bool
(defval
($config->{$_},"")) && git_bool
($config->{$_})) or &$do_config($_, "true");
333 } foreach (@truevars);
335 if (defined($Girocco::Config
::owning_group
) && $Girocco::Config
::owning_group
ne "") {
336 $fp = openfind
(qw(. -xdev ( -type d -o -type f ) ! -group
), $Girocco::Config
::owning_group
, "-print");
339 change_group
($proj, $_) or $bad = 1;
341 close($fp) or $bad = 1;
343 foreach (@fixfpermsfiles) {
346 warn "$proj: bypassing project, exists but not file: $_\n" unless $quiet;
347 $reallybad = $bad = 1;
350 check_fperm
($proj, $_) or $bad = 1;
353 return 0 if $reallybad;
355 $fp = openfindne
(@fixfpermsdirs, qw(-xdev -type f ! -perm), $fmodeoct, "-print");
358 check_fperm
($proj, $_) or $bad = 1;
360 close($fp) or $bad = 1;
361 $fp = openfind
(qw(. -xdev -type f ! -perm -a+r -print));
364 check_fpermr
($proj, $_) or $bad = 1;
366 close($fp) or $bad = 1;
367 $fp = openfind
(qw(. -xdev -type d ( -path ./hooks -o -path ./mob/hooks ) -prune
-o
-type f
-perm
+a
+x
-print));
370 check_fpermnox
($proj, $_) or $bad = 1;
372 close($fp) or $bad = 1;
374 my $bu = defval
($config->{'gitweb.baseurl'},"");
376 $bu eq "" or pmsg
($proj, "WARNING: .nofetch exists but gitweb.baseurl is not empty ($bu)") unless $quiet;
378 $bu ne "" or pmsg
($proj, "WARNING: gitweb.baseurl is empty and .nofetch does not exist") unless $quiet;
386 my ($proj, $subdir) = @_;
389 mkdir("$subdir") && -d
"$subdir" or $result = "FAILED";
391 $result = "(dryrun)";
393 pmsg
($proj, "$subdir/: created", $result);
394 return $result ne "FAILED";
398 my ($proj, $subdir) = @_;
399 my $oldmode = (stat($subdir))[2];
400 if (!defined($oldmode) || $oldmode eq "") {
401 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
404 my $newmode = ($oldmode & ~07777) | $dmode;
405 $newmode == $oldmode and return 1;
408 if (!chmod($newmode & 07777, $subdir)) {
410 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
413 $result = "(dryrun)";
415 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
416 return $result ne "FAILED";
419 sub change_dpermrwx
{
420 my ($proj, $subdir) = @_;
421 my $oldmode = (stat($subdir))[2];
422 if (!defined($oldmode) || $oldmode eq "") {
423 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
426 my $newmode = $oldmode | ($wall ?
0777 : 0775);
427 $newmode == $oldmode and return 1;
430 if (!chmod($newmode & 07777, $subdir)) {
432 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
435 $result = "(dryrun)";
437 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
438 return $result ne "FAILED";
442 my ($proj, $subdir) = @_;
444 my $oldmode = (stat($subdir))[2];
445 if (!defined($oldmode) || $oldmode eq "") {
446 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
449 my $newmode = $oldmode | 0555;
450 $newmode == $oldmode and return 1;
453 if (!chmod($newmode & 07777, $subdir)) {
455 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
458 $result = "(dryrun)";
460 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
461 return $result ne "FAILED";
465 my ($proj, $file) = @_;
466 my $oldmode = (stat($file))[2];
467 if (!defined($oldmode) || $oldmode eq "") {
468 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
471 my $newmode = ($oldmode & ~07777) | $fmode;
472 $newmode == $oldmode and return 1;
475 if (!chmod($newmode & 07777, $file)) {
477 warn "chmod: ($proj) $file: $!\n" unless $quiet;
480 $result = "(dryrun)";
482 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
483 return $result ne "FAILED";
487 my ($proj, $file) = @_;
489 my $oldmode = (stat($file))[2];
490 if (!defined($oldmode) || $oldmode eq "") {
491 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
494 my $newmode = $oldmode | 0444;
495 $newmode == $oldmode and return 1;
498 if (!chmod($newmode & 07777, $file)) {
500 warn "chmod: ($proj) $file: $!\n" unless $quiet;
503 $result = "(dryrun)";
505 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
506 return $result ne "FAILED";
510 my ($proj, $file) = @_;
512 my $oldmode = (stat($file))[2];
513 if (!defined($oldmode) || $oldmode eq "") {
514 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
517 my $newmode = $oldmode & ~0111;
518 $newmode == $oldmode and return 1;
521 if (!chmod($newmode & 07777, $file)) {
523 warn "chmod: ($proj) $file: $!\n" unless $quiet;
526 $result = "(dryrun)";
528 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
529 return $result ne "FAILED";
533 my ($proj, $item) = @_;
535 my @info = stat($item);
536 if (@info < 6 || $info[2] eq "" || $info[4] eq "" || $info[5] eq "") {
537 warn "chgrp: ($proj) $item: No such file or directory\n" unless $quiet;
540 $info[5] == $owning_group_id and return 1;
543 if (!chown($info[4], $owning_group_id, $item)) {
545 warn "chgrp: ($proj) $item: $!\n" unless $quiet;
546 } elsif (!chmod($info[2] & 07777, $item)) {
548 warn "chmod: ($proj) $item: $!\n" unless $quiet;
551 $result = "(dryrun)";
553 my $isdir = ((($info[2] >> 12) & 017) == 004) ?
'/' : '';
554 pmsg
($proj, "$item$isdir: group", get_grp_nam
($info[5]), '->', $Girocco::Config
::owning_group
, $result);
555 return $result ne "FAILED";
558 my $wrote; BEGIN {$wrote = ""}
561 my $msg = join(" ", @_);
565 $prefix = $wrote . $proj . ":\n";
568 print $prefix, " ", join(' ', @_), "\n";
605 my $str = $ftypes{($mode >> 12) & 017} .
606 $fperms{($mode >> 6) & 7} .
607 $fperms{($mode >> 3) & 7} .
609 substr($str,3,1) = ($mode & 0100) ?
's' : 'S' if $mode & 04000;
610 substr($str,6,1) = ($mode & 0010) ?
's' : 'S' if $mode & 02000;
611 substr($str,9,1) = ($mode & 0001) ?
't' : 'T' if $mode & 01000;
616 my $mode = (stat($_[0]))[2];
617 defined($mode) or return '??????????';
618 return get_mode_perm
($mode);
623 defined($grpid) or return '?';
624 my $grpnm = scalar(getgrgid($grpid));
625 return defined($grpnm) && $grpnm ne "" ?
$grpnm : $grpid;
629 my $grp = (stat($_[0]))[5];
630 defined($grp) or return '?';
631 return get_grp_nam
($grp);
638 update-all-config.pl - Update all projects' config settings
642 update-all-config.pl [<options>] [<projname>]...
645 -h | --help detailed instructions
646 -V | --version show version
647 -n | --dry-run show what would be done but don't do it
648 -f | --force run without a Config.pm owning_group
649 -q | --quiet suppress change messages
651 <projname> if given, only operate on these projects
657 =item B<-h>, B<--help>
659 Print the full description of update-all-config.pl's options.
661 =item B<-V>, B<--version>
663 Print the version of update-all-config.pl.
665 =item B<-n>, B<--dry-run>
667 Do not actually make any changes, just show what would be done without
670 =item B<-q>, B<--quiet>
672 Suppress the messages about what's actually being changed. This option
673 is ignored if B<--dry-run> is in effect.
675 The warnings about missing and unknown-to-Girocco projects are also
676 suppressed by this option.
678 =item B<-f>, B<--force>
680 Allow running without a $Girocco::Config::owning_group set. This is not
681 recommended as it results in world-writable items being used (instead of
682 just world-readable).
686 If no project names are specified then I<all> projects are processed.
688 If one or more project names are specified then only those projects are
689 processed. Specifying non-existent projects produces a warning for them,
690 but the rest of the projects specified will still be processed.
692 Each B<projname> may be either a full absolute path starting with
693 $Girocco::Config::reporoot or just the project name part with or without
696 Any explicitly specified projects that do exist but are not known to
697 Girocco will be skipped (with a warning).
703 Inspect the C<config> files of Girocco projects (i.e. $GIT_DIR/config) and
704 look for anomalies and out-of-date settings.
706 Additionally check the existence and permissions on various files and
707 directories in the project.
709 If an explicity specified project is located under $Girocco::Config::reporoot
710 but is not actually known to Girocco (i.e. it's not in the etc/group file)
711 then it will be skipped.
713 By default, any anomalies or out-of-date settings will be corrected with a
714 message to that effect. However using B<--dry-run> will only show the
715 correction(s) which would be made without making them and B<--quiet> will make
716 the correction(s) without any messages.
718 Any projects that have a C<$GIT_DIR/.noconfig> file are always skipped (with a
719 message unless B<--quiet> is used).