Previously, g_file_copy() would (on Unix) create files with the
default mode of 644. For applications which might at user request
copy arbitrary private files such as ~/.ssh or /etc/shadow, a
world-readable copy would be temporarily exposed.
This patch is suboptimal in that it *only* fixes g_file_copy()
for the case where both source and destination are instances of
GLocalFile on Unix.
The reason for this is that the public GFile APIs for creating files
allow very limited control over the access permissions for the created
file; one can either say a file is "private" or not. Fixing
this by adding e.g. g_file_create_with_attributes() would make sense,
except this would entail 8 new API calls for all the variants of
_create(), _create_async(), _replace(), _replace_async(),
_create_readwrite(), _create_readwrite_async(), _replace_readwrite(),
_replace_readwrite_async(). That can be done as a separate patch
later.
https://bugzilla.gnome.org/show_bug.cgi?id=699959
Previously, we called g_file_query_info() *again* on the source at the
very end of the copy. This has the lame semantics that if the source
happened to be deleted, we would fail to apply attributes to the
destination. This could even be a security flaw.
This commit changes things so that we query info from the source
*stream* after opening - i.e. on Unix we use the proper fstat() and
friends. That way we operate more atomically.
https://bugzilla.gnome.org/show_bug.cgi?id=699959
In the *_async_thread() functions, call the corresponding synchronous
function instead of calling the interface vfunc, which can be NULL.
In some cases the check for the vfunc == NULL was done, but to be
consistent it is better to always call the synchronous version (and the
code is simpler).
https://bugzilla.gnome.org/show_bug.cgi?id=548353
We need to close the stream *before* applying the file modes, because
g_file_replace() allocates a temporary file. At the moment we're
applying the modes to the extant file, then immediately rename()ing
over it with the default perms.
This regressed with commit 166766a89f.
The real fix here is to have g_file_create_with_info() so that we can
atomically create a file with the permissions we want.
https://bugzilla.gnome.org/show_bug.cgi?id=696014
There are two benefits to this:
1) We can centralize any operating system specific knowledge of
close-vs-EINTR handling. For example, while on Linux we should never
retry, if someone cared enough later about HP-UX, they could come by
and change this one spot.
2) For places that do care about the return value and want to provide
the caller with a GError, this function makes it convenient to do so.
Note that gspawn.c had an incorrect EINTR loop-retry around close().
https://bugzilla.gnome.org/show_bug.cgi?id=682819
Ok, this function was just an awful mess before. Now the problem
domain is not trivial, and I won't claim this new code is *beautiful*,
but it should fix the bug at hand, and be somewhat less prone to
failure for the next person who tries to modify it. There's only one
unref call for each object now.
https://bugzilla.gnome.org/show_bug.cgi?id=692408
When an error occurs while reading the file input stream in
g_file_load_contents (e.g. because the operation was cancelled), the
code is correctly calling g_task_return_error(), but in the callback
from the close operation, g_task_return_boolean() will be called again.
Code that cleans up its state in the async callback will then be called
twice, leading to invalid memory access.
https://bugzilla.gnome.org/show_bug.cgi?id=692202
The attached patch adds support for the btrfs "clone" ioctl which
makes Copy-on-Write reflinks, resulting in cheap O(1) copies when
source/destination are on the same filesystem. The ioctl itself is
quite straightforward, and GNU coreutils has had support since 7.5
(--reflink=auto --sparse=auto).
The ioctl only operates on regular files and symlinks, and always
follows symlinks; checks have been added accordingly.
This patch would be very useful for everyone who uses btrfs
filesystems (Meego folks for instance). On systems that don't have
btrfs, or if the the source is not on a btrfs filesystem, the ioctl
returns EINVAL, and the fallback code is triggered. Hence this will
cause no problems for non-btrfs users.
https://bugzilla.gnome.org/show_bug.cgi?id=626497
Add a new GFileMonitorFlag: G_FILE_MONITOR_WATCH_HARD_LINKS. When set,
changes made to the file via another hard link will be detected.
Implement the new flag for the inotify backend.
https://bugzilla.gnome.org/show_bug.cgi?id=532815
Add a pair of new APIs: one to GFile to create a new file from a
commandline arg relative to a given cwd and one to
GApplicationCommandLine to create a GFile from an arg, relative to the
cwd of the invoking commandline.
https://bugzilla.gnome.org/show_bug.cgi?id=689037
Reimplement gioscheduler in terms of GTask, and deprecate the original
gioscheduler methods. Update docs to point people to GTask rather than
gioscheduler and GSimpleAsyncResult, but don't actually formally
deprecate GSimpleAsyncResult yet.
https://bugzilla.gnome.org/show_bug.cgi?id=661767
When creating a directory fails for some reason other than
the parent not existing, don't clear the error before we try
to propagate it.
To reproduce, run 'ostadmin init' on /ostree or otherwise try to
run the function on a directory with a parent directory where the
current user is not allowed to write.
https://bugzilla.gnome.org/show_bug.cgi?id=680823
This looks like it was stubbed out but not implemented; the vtable
entry dates to commit 3781343738 which
is just alex's initial merge of gio into glib.
I was working on some code that wants an asynchronous rm -rf
equivalent, and so yeah, this is desirable.
https://bugzilla.gnome.org/show_bug.cgi?id=680760
Finish deprecating the "handle GSimpleAsyncResult errors in the
wrapper function" idiom (and protect against future GSimpleAsyncResult
deprecation warnings) by adding a "legacy" GAsyncResult method
to do it in those classes/methods where it had been traditionally
done.
(This applies only to wrapper methods; in cases where an _async
vmethod explicitly uses GSimpleAsyncResult, its corresponding _finish
vmethod still uses g_simple_async_result_propagate_error.)
https://bugzilla.gnome.org/show_bug.cgi?id=667375https://bugzilla.gnome.org/show_bug.cgi?id=661767
Originally, the standard idiom with GSimpleAsyncResult was to handle
all errors in the _finish wrapper function, so that vmethods only had
to deal with successful results. But this means that chaining up to a
parent _finish vmethod won't work correctly. Fix this by also checking
for errors in all the relevant vmethods. (We have to redundantly check
in both the vmethod and the wrapper to preserve compatibility.)
https://bugzilla.gnome.org/show_bug.cgi?id=667375https://bugzilla.gnome.org/show_bug.cgi?id=661767
The "mainloop_barrier" in copy_async_thread() is unnecessary, since
the g_simple_async_result_complete_in_idle() will be queued after all
of the g_io_scheduler_job_send_to_mainloop_async()s, and sources with
the same priority will run in the order in which they were queued.
https://bugzilla.gnome.org/show_bug.cgi?id=661767
The logic here is pretty twisted, but basically we were leaking a ref
for each non-existent parent. The clearest way to fix this was to
move to more explicit refcounting logic; when a variable is pointing
to an object, it holds a ref.
https://bugzilla.gnome.org/show_bug.cgi?id=675446
g_file_set_attribute() also permits a NULL value for value_p, and requires it
to be NULL to unset it. Also fix the wrong variable name in the documentation.
Signed-off-by: Martin Pitt <martin.pitt@ubuntu.com>
g_file_make_directory_with_parents() will fail for already
existing directories, unlike g_mkdir_with_parents(), so mention
this clearly in the docs.
https://bugzilla.gnome.org/show_bug.cgi?id=660791