3 # update-all-config.pl - Update all out-of-date config
8 BEGIN {*VERSION = \'2.0'}
15 use lib
"__BASEDIR__";
23 $shbin = $Girocco::Config
::posix_sh_bin
;
24 defined($shbin) && $shbin ne "" or $shbin = "/bin/sh";
27 exit(&main
(@ARGV)||0);
29 my ($dryrun, $force, $quiet);
32 pod2usage
(-exitval
=> 2);
36 pod2usage
(-verbose
=> 2, -exitval
=> 0);
40 print basename
($0), " version ", $VERSION, "\n";
44 my ($dmode, $dperm, $drwxmode, $fmode, $fmodeoct, $fperm, $wall);
48 $drwxmode='ug+rwx,o+rx';
56 my $htmlcache_owning_group_id;
57 my $ctags_owning_group_id;
64 close(DATA
) if fileno(DATA
);
65 Getopt
::Long
::Configure
('bundling');
67 'help|h' => sub {do_help
},
68 'version|V' => sub {do_version
},
69 'dry-run|n' => \
$dryrun,
73 $dryrun and $quiet = 0;
75 -f jailed_file
("/etc/group") or
76 die "Girocco group file not found: " . jailed_file
("/etc/group") . "\n";
78 if (!defined($Girocco::Config
::owning_group
) || $Girocco::Config
::owning_group
eq "") {
79 die "\$Girocco::Config::owning_group unset, refusing to run without --force\n" unless $force;
87 warn "Mode 666 in effect\n" unless $quiet;
88 } elsif (($owning_group_id = scalar(getgrnam($Girocco::Config
::owning_group
))) !~ /^\d+$/) {
89 die "\$Girocco::Config::owning_group invalid ($Girocco::Config::owning_group), refusing to run\n";
91 if (defined($owning_group_id) && $Girocco::Config
::htmlcache_owning_group
) {
92 die "\$Girocco::Config::htmlcache_owning_group invalid ($Girocco::Config::htmlcache_owning_group), refusing to run\n"
93 unless ($htmlcache_owning_group_id = scalar(getgrnam($Girocco::Config
::htmlcache_owning_group
))) =~ /^\d+$/;
95 if (defined($owning_group_id) && $Girocco::Config
::ctags_owning_group
) {
96 die "\$Girocco::Config::ctags_owning_group invalid ($Girocco::Config::ctags_owning_group), refusing to run\n"
97 unless ($ctags_owning_group_id = scalar(getgrnam($Girocco::Config
::ctags_owning_group
))) =~ /^\d+$/;
100 my @allprojs = Girocco
::Project
::get_full_list
;
103 my $root = $Girocco::Config
::reporoot
;
104 $root or die "\$Girocco::Config::reporoot is invalid\n";
106 $root ne "" or $root = "/";
107 $root = realpath
($root);
109 my %projnames = map {($_ => 1)} @allprojs;
113 -d
$_ and $_ = realpath
($_);
116 if (!exists($projnames{$_})) {
117 warn "$_: unknown to Girocco (not in etc/group)\n"
124 @projects = sort {lc($a) cmp lc($b)} @allprojs;
129 foreach (@projects) {
130 my $projdir = "$root/$_.git";
132 warn "$_: does not exist -- skipping\n" unless $quiet;
135 if (!is_git_dir
($projdir)) {
136 warn "$_: is not a .git directory -- skipping\n" unless $quiet;
139 if (-e
"$projdir/.noconfig") {
140 warn "$_: found .noconfig -- skipping\n" unless $quiet;
143 if (!chdir($projdir)) {
144 warn "$_: chdir to project directory failed: $!\n" unless $quiet;
147 process_one_project
($_) or $bad = 1;
153 my (@mkdirs, @mkfiles);
154 my (@fixdpermsdirs, @fixdpermsrwx, @fixfpermsfiles, @fixfpermsdirs);
156 @mkdirs = qw(refs info hooks ctags htmlcache bundles reflogs objects objects/info);
157 @mkfiles = qw(config info/lastactivity);
158 @fixdpermsdirs = qw(. refs info ctags htmlcache bundles reflogs objects objects/info);
159 @fixdpermsrwx = qw(refs objects);
160 @fixfpermsfiles = qw(HEAD config description packed-refs README.html info/lastactivity
161 info/alternates info/http-alternates info/packs);
162 @fixfpermsdirs = qw(ctags);
165 my (@boolvars, @falsevars, @false0vars, @truevars);
167 @boolvars = qw(gitweb.statusupdates);
168 @falsevars = qw(core.ignorecase receive.denynonfastforwards);
169 @false0vars = qw(gc.auto receive.autogc);
170 @truevars = qw(receive.updateserverinfo repack.writebitmaps transfer.fsckobjects);
176 return defined($_[0]) ?
$_[0] : $_[1];
183 open $duperr, '>&2' or last;
184 my $errfd = POSIX
::open(File
::Spec
->devnull, &POSIX
::O_RDWR
);
185 defined($errfd) or close($duperr), $duperr = undef, last;
186 POSIX
::dup2
($errfd, 2) or close($duperr), $duperr = undef;
187 POSIX
::close($errfd);
190 my $ans = open $fd, '-|', "find", @_;
191 if ($noe && defined($duperr) && defined(fileno($duperr))) {
192 POSIX
::dup2
(fileno($duperr), 2);
195 $ans or die "find failed: $!\n";
199 sub openfind
{ return openfind_
(0, @_); }
200 sub openfindne
{ return openfind_
(1, @_); }
206 my ($i,$r) = (index($_,"."),rindex($_,"."));
207 substr($_,$i+1,$r-$i-1);
208 } grep(/^remote\.[^.].*\.url$/i, keys(%$config)));
211 sub has_default_fetch_spec
214 my $default = $config->{'remotes.default'};
215 my @remotes = defined($default) ?
split(' ', $default) : all_remotes
($config);
217 defval
($config->{"remote.$_.url"},"") ne "" or next;
218 !defined($default) && git_bool
($config->{"remote.$_.skipdefaultupdate"}) and next;
219 defval
($config->{"remote.$_.fetch"},"") ne "" and return 1;
224 sub is_native_git_mirror_url
227 defined($bu) && $bu ne "" or return 0;
228 # All current or former natively supported by Git URLs return true:
229 # 1. rsync: (removed in 2.8.0, also recognize rsync+ and rsync::)
230 # 2. ftp:/ftps: (strongly discouraged)
232 # 4. http:/https: (smart and non-smart)
234 # 6. scp-like ssh syntax [user@]host:[^:/]
241 (?
:[^\s
:\@
]+\@
)?
[^\s
:\@
+]+:(?
!\
/\/)[^\s
:\\]
245 sub process_one_project
254 warn "$proj: bypassing project, exists but not directory: $_\n" unless $quiet;
255 $reallybad = $bad = 1;
258 my $grpid = $owning_group_id;
259 $grpid = $htmlcache_owning_group_id
260 if $htmlcache_owning_group_id && $_ eq "htmlcache";
261 $grpid = $ctags_owning_group_id
262 if $ctags_owning_group_id && $_ eq "ctags";
263 do_mkdir
($proj, $_, $grpid) or $bad = 1, last;
267 return 0 if $reallybad;
269 -d
$_ && check_dperm
($proj, $_) or $bad = 1 foreach (@fixdpermsdirs);
270 my $fp = openfindne
(@fixdpermsrwx, qw(-xdev -type d ( ! -path objects/?? -o -prune ) ! -perm
), "-$drwxmode", "-print");
273 change_dpermrwx
($proj, $_) or $bad = 1;
275 close($fp) or $bad = 1;
276 $fp = openfind
(qw(. -xdev -type d ( ! -path ./objects/?? -o -prune ) ! -perm
-a
+rx
-print));
279 change_dpermrx
($proj, $_) or $bad = 1;
281 close($fp) or $bad = 1;
286 warn "$proj: bypassing project, exists but not file: $_\n" unless $quiet;
287 $reallybad = $bad = 1;
291 my $result = "(dryrun)";
295 open($tf, '>', $_) && close ($tf) or $result = "FAILED", $bad = 1;
297 pmsg
($proj, "$_: created", $result) unless $quiet;
300 return 0 if $reallybad;
302 $dryrun || check_fperm
($proj, "config") or $bad = 1;
303 my $config = read_config_file_hash
("config", !$quiet);
304 if (!defined($config)) {
305 warn "$proj: could not read config file -- skipping\n" unless $quiet;
309 my $do_config = sub {
310 my ($item, $val) = @_;
311 my $oldval = defval
($config->{$item},"");
312 my $result = "(dryrun)";
315 system($Girocco::Config
::git_bin
, "config", "--file", "config", "--replace-all", $item, $val) == 0 or
316 $result = "FAILED", $bad = 1;
318 if (!exists($config->{$item})) {
319 pmsg
($proj, "config $item: created \"$val\"", $result) unless $quiet;
321 pmsg
($proj, "config $item: \"$oldval\" -> \"$val\"", $result) unless $quiet;
324 my $do_config_unset = sub {
325 my ($item, $msg) = @_;
326 defined($msg) or $msg = "";
327 $msg eq "" or $msg = " " . $msg;
328 my $oldval = defval
($config->{$item},"");
329 my $result = "(dryrun)";
332 system($Girocco::Config
::git_bin
, "config", "--file", "config", "--unset-all", $item) == 0 or
333 $result = "FAILED", $bad = 1;
335 pmsg
($proj, "config $item: removed$msg \"$oldval\"", $result) unless $quiet;
338 my $repovers = $config->{'core.repositoryformatversion'};
339 if (!defined($repovers)) {
341 } elsif ($repovers =~ /^[2345]$/) {
342 pmsg
($proj, "WARNING: unknown core.repositoryformatversion value left unchanged: \"$repovers\"");
343 } elsif ($repovers !~ /^[01]$/) {
344 pmsg
($proj, "WARNING: replacing invalid core.repositoryformatversion value: \"$repovers\"") unless $quiet;
347 &$do_config('core.repositoryformatversion', 0) if $repovers eq "";
348 my $hookspath = $Girocco::Config
::reporoot
. "/_global/hooks";
349 defval
($config->{'core.hookspath'},"") eq $hookspath or &$do_config('core.hookspath', $hookspath);
350 my $cmplvl = defval
($config->{'core.compression'},"");
351 if ($cmplvl !~ /^-?\d+$/ || $cmplvl < -1 || $cmplvl > 9 || "" . (0 + $cmplvl) ne "" . $cmplvl) {
352 pmsg
($proj, "WARNING: replacing invalid core.compression value: \"$cmplvl\"") unless $cmplvl eq "" || $quiet;
354 } elsif ($cmplvl != 5) {
355 pmsg
($proj, "WARNING: suboptimal core.compression value left unchanged: \"$cmplvl\"") unless $quiet;
357 $cmplvl ne "" or &$do_config('core.compression', 5);
358 my $grpshr = defval
($config->{'core.sharedrepository'},"");
359 if ($grpshr eq "" || (valid_bool
($grpshr) && !git_bool
($grpshr))) {
360 &$do_config('core.sharedrepository', 1);
361 } elsif (!(valid_bool
($grpshr) && git_bool
($grpshr))) {
362 pmsg
($proj, "WARNING: odd core.sharedrepository value left unchanged: \"$grpshr\"");
364 if (git_bool
($config->{'core.bare'})) {
366 my $laru = $config->{'core.logallrefupdates'};
367 if (defined($laru)) {
368 if (valid_bool
($laru)) {
370 if (git_bool
($laru)) {
371 pmsg
($proj, "WARNING: core.logallrefupdates is true (left unchanged)") unless $quiet;
374 pmsg
($proj, "WARNING: replacing non-boolean core.logallrefupdates value") unless $quiet;
377 !$setlaru or &$do_config('core.logallrefupdates', 'false');
379 pmsg
($proj, "WARNING: core.bare is not true (left unchanged)") unless $quiet;
381 my $precious = defval
($config->{'extensions.preciousobjects'},"");
382 valid_bool
($precious) && git_bool
($precious) or &$do_config('extensions.preciousobjects', 'true');
383 defval
($config->{'transfer.unpacklimit'},"") eq "1" or &$do_config('transfer.unpacklimit', 1);
384 lc(defval
($config->{'receive.denydeletecurrent'},"")) eq "warn" or &$do_config('receive.denydeletecurrent', 'warn');
386 !exists($config->{$_}) || valid_bool
(defval
($config->{$_},"")) or &$do_config_unset($_, "(not a boolean)");
387 } foreach (@boolvars);
389 (valid_bool
(defval
($config->{$_},"")) && !git_bool
($config->{$_})) or &$do_config($_, "false");
390 } foreach (@falsevars);
392 (valid_bool
(defval
($config->{$_},"")) && !git_bool
($config->{$_})) or &$do_config($_, 0);
393 } foreach (@false0vars);
395 (valid_bool
(defval
($config->{$_},"")) && git_bool
($config->{$_})) or &$do_config($_, "true");
396 } foreach (@truevars);
398 if (defined($Girocco::Config
::owning_group
) && $Girocco::Config
::owning_group
ne "") {
399 $fp = openfind
(qw(. -xdev ( -type d -o -type f ) ! -group
), $Girocco::Config
::owning_group
, "-print");
402 my $grpid = $owning_group_id;
403 $grpid = $htmlcache_owning_group_id if $htmlcache_owning_group_id && m{^\./htmlcache(?:/|$)}i;
404 $grpid = $ctags_owning_group_id if $ctags_owning_group_id && m{^\./ctags(?:/|$)}i;
405 change_group
($proj, $_, $grpid) or $bad = 1;
407 close($fp) or $bad = 1;
409 foreach (@fixfpermsfiles) {
412 warn "$proj: bypassing project, exists but not file: $_\n" unless $quiet;
413 $reallybad = $bad = 1;
416 check_fperm
($proj, $_) or $bad = 1;
419 return 0 if $reallybad;
421 $fp = openfindne
(@fixfpermsdirs, qw(-xdev -type f ! -perm), $fmodeoct, "-print");
424 check_fperm
($proj, $_) or $bad = 1;
426 close($fp) or $bad = 1;
427 $fp = openfind
(qw(. -xdev -type f ! -perm -a+r -print));
430 check_fpermr
($proj, $_) or $bad = 1;
432 close($fp) or $bad = 1;
433 $fp = openfind
(qw(. -xdev -type d ( -path ./hooks -o -path ./mob/hooks ) -prune
-o
-type f
-perm
+a
+x
-print));
436 check_fpermnox
($proj, $_) or $bad = 1;
438 close($fp) or $bad = 1;
440 my $bu = defval
($config->{'gitweb.baseurl'},"");
442 $bu eq "" or pmsg
($proj, "WARNING: .nofetch exists but gitweb.baseurl is not empty ($bu)") unless $quiet;
445 if (has_default_fetch_spec
($config)) {
446 pmsg
($proj, "WARNING: gitweb.baseurl is empty and .nofetch does not exist but fetch spec does") unless $quiet;
448 pmsg
($proj, "WARNING: gitweb.baseurl is empty and .nofetch does not exist") unless $quiet;
450 } elsif (is_native_git_mirror_url
($bu) && !has_default_fetch_spec
($config)) {
451 pmsg
($proj, "WARNING: gitweb.baseurl is not empty but fetch spec is") unless $quiet;
460 my ($proj, $subdir, $grpid) = @_;
463 mkdir($subdir) && -d
"$subdir" or $result = "FAILED";
464 if ($grpid && $grpid != $owning_group_id) {
465 my @info = stat($subdir);
466 if (@info < 6 || $info[2] eq "" || $info[4] eq "" || $info[5] eq "") {
468 } elsif ($info[5] != $grpid) {
469 if (!chown($info[4], $grpid, $subdir)) {
471 warn "chgrp: ($proj) $subdir: $!\n" unless $quiet;
472 } elsif (!chmod($info[2] & 07777, $subdir)) {
474 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
479 $result = "(dryrun)";
481 pmsg
($proj, "$subdir/: created", $result);
482 return $result ne "FAILED";
486 my ($proj, $subdir) = @_;
487 my $oldmode = (stat($subdir))[2];
488 if (!defined($oldmode) || $oldmode eq "") {
489 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
492 my $newmode = ($oldmode & ~07777) | $dmode;
493 $newmode == $oldmode and return 1;
496 if (!chmod($newmode & 07777, $subdir)) {
498 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
501 $result = "(dryrun)";
503 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
504 return $result ne "FAILED";
507 sub change_dpermrwx
{
508 my ($proj, $subdir) = @_;
509 my $oldmode = (stat($subdir))[2];
510 if (!defined($oldmode) || $oldmode eq "") {
511 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
514 my $newmode = $oldmode | ($wall ?
0777 : 0775);
515 $newmode == $oldmode and return 1;
518 if (!chmod($newmode & 07777, $subdir)) {
520 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
523 $result = "(dryrun)";
525 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
526 return $result ne "FAILED";
530 my ($proj, $subdir) = @_;
532 my $oldmode = (stat($subdir))[2];
533 if (!defined($oldmode) || $oldmode eq "") {
534 warn "chmod: ($proj) $subdir: No such file or directory\n" unless $quiet;
537 my $newmode = $oldmode | 0555;
538 $newmode == $oldmode and return 1;
541 if (!chmod($newmode & 07777, $subdir)) {
543 warn "chmod: ($proj) $subdir: $!\n" unless $quiet;
546 $result = "(dryrun)";
548 pmsg
($proj, "$subdir/:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
549 return $result ne "FAILED";
553 my ($proj, $file) = @_;
554 my $oldmode = (stat($file))[2];
555 if (!defined($oldmode) || $oldmode eq "") {
556 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
559 my $newmode = ($oldmode & ~07777) | $fmode;
560 $newmode == $oldmode and return 1;
563 if (!chmod($newmode & 07777, $file)) {
565 warn "chmod: ($proj) $file: $!\n" unless $quiet;
568 $result = "(dryrun)";
570 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
571 return $result ne "FAILED";
575 my ($proj, $file) = @_;
577 my $oldmode = (stat($file))[2];
578 if (!defined($oldmode) || $oldmode eq "") {
579 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
582 my $newmode = $oldmode | 0444;
583 $newmode == $oldmode and return 1;
586 if (!chmod($newmode & 07777, $file)) {
588 warn "chmod: ($proj) $file: $!\n" unless $quiet;
591 $result = "(dryrun)";
593 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
594 return $result ne "FAILED";
598 my ($proj, $file) = @_;
600 my $oldmode = (stat($file))[2];
601 if (!defined($oldmode) || $oldmode eq "") {
602 warn "chmod: ($proj) $file: No such file or directory\n" unless $quiet;
605 my $newmode = $oldmode & ~0111;
606 $newmode == $oldmode and return 1;
609 if (!chmod($newmode & 07777, $file)) {
611 warn "chmod: ($proj) $file: $!\n" unless $quiet;
614 $result = "(dryrun)";
616 pmsg
($proj, "$file:", get_mode_perm
($oldmode), '->', get_mode_perm
($newmode), $result);
617 return $result ne "FAILED";
621 my ($proj, $item, $grpid) = @_;
623 my @info = stat($item);
624 if (@info < 6 || $info[2] eq "" || $info[4] eq "" || $info[5] eq "") {
625 warn "chgrp: ($proj) $item: No such file or directory\n" unless $quiet;
628 $info[5] == $grpid and return 1;
631 if (!chown($info[4], $grpid, $item)) {
633 warn "chgrp: ($proj) $item: $!\n" unless $quiet;
634 } elsif (!chmod($info[2] & 07777, $item)) {
636 warn "chmod: ($proj) $item: $!\n" unless $quiet;
639 $result = "(dryrun)";
641 my $isdir = ((($info[2] >> 12) & 017) == 004) ?
'/' : '';
642 pmsg
($proj, "$item$isdir: group", get_grp_nam
($info[5]), '->', get_grp_nam
($grpid), $result);
643 return $result ne "FAILED";
646 my $wrote; BEGIN {$wrote = ""}
649 my $msg = join(" ", @_);
653 $prefix = $wrote . $proj . ":\n";
656 print $prefix, " ", join(' ', @_), "\n";
693 my $str = $ftypes{($mode >> 12) & 017} .
694 $fperms{($mode >> 6) & 7} .
695 $fperms{($mode >> 3) & 7} .
697 substr($str,3,1) = ($mode & 0100) ?
's' : 'S' if $mode & 04000;
698 substr($str,6,1) = ($mode & 0010) ?
's' : 'S' if $mode & 02000;
699 substr($str,9,1) = ($mode & 0001) ?
't' : 'T' if $mode & 01000;
704 my $mode = (stat($_[0]))[2];
705 defined($mode) or return '??????????';
706 return get_mode_perm
($mode);
711 defined($grpid) or return '?';
712 my $grpnm = scalar(getgrgid($grpid));
713 return defined($grpnm) && $grpnm ne "" ?
$grpnm : $grpid;
717 my $grp = (stat($_[0]))[5];
718 defined($grp) or return '?';
719 return get_grp_nam
($grp);
726 update-all-config.pl - Update all projects' config settings
730 update-all-config.pl [<options>] [<projname>]...
733 -h | --help detailed instructions
734 -V | --version show version
735 -n | --dry-run show what would be done but don't do it
736 -f | --force run without a Config.pm owning_group
737 -q | --quiet suppress change messages
739 <projname> if given, only operate on these projects
745 =item B<-h>, B<--help>
747 Print the full description of update-all-config.pl's options.
749 =item B<-V>, B<--version>
751 Print the version of update-all-config.pl.
753 =item B<-n>, B<--dry-run>
755 Do not actually make any changes, just show what would be done without
758 =item B<-q>, B<--quiet>
760 Suppress the messages about what's actually being changed. This option
761 is ignored if B<--dry-run> is in effect.
763 The warnings about missing and unknown-to-Girocco projects are also
764 suppressed by this option.
766 =item B<-f>, B<--force>
768 Allow running without a $Girocco::Config::owning_group set. This is not
769 recommended as it results in world-writable items being used (instead of
770 just world-readable).
774 If no project names are specified then I<all> projects are processed.
776 If one or more project names are specified then only those projects are
777 processed. Specifying non-existent projects produces a warning for them,
778 but the rest of the projects specified will still be processed.
780 Each B<projname> may be either a full absolute path starting with
781 $Girocco::Config::reporoot or just the project name part with or without
784 Any explicitly specified projects that do exist but are not known to
785 Girocco will be skipped (with a warning).
791 Inspect the C<config> files of Girocco projects (i.e. $GIT_DIR/config) and
792 look for anomalies and out-of-date settings.
794 Additionally check the existence and permissions on various files and
795 directories in the project.
797 If an explicity specified project is located under $Girocco::Config::reporoot
798 but is not actually known to Girocco (i.e. it's not in the etc/group file)
799 then it will be skipped.
801 By default, any anomalies or out-of-date settings will be corrected with a
802 message to that effect. However using B<--dry-run> will only show the
803 correction(s) which would be made without making them and B<--quiet> will make
804 the correction(s) without any messages.
806 Any projects that have a C<$GIT_DIR/.noconfig> file are always skipped (with a
807 message unless B<--quiet> is used).