git and acl effective mask

I have run into this funky problem with ACL and git at work, and I cannot for the life of me figure it out. I’m not sure if it’s a bug, wrong expectation on my part, or just plain ole user error.

I have a directory that is setting the default ACL permissions. Those are being inherited just fine by children (files and directories), including the effective mask. However, when I clone a new repository using git, the default effective mask is ignored. And I can’t figure out why.

Specifically, here’s what I’m looking at.

Setting the permissions:

# mkdir testing
# setfacl -m g:users:rwx testing
# setfacl -m d:g:users:rwx testing
# setfacl -m m:rwx testing
# setfacl -m d:m:rwx testing

The ACL permissions:

$ getfacl testing
# file: testing
# owner: root
# group: root
user::rwx
group::r-x
group:users:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:users:rwx
default:mask::rwx
default:other::r-x

You can see that the default effective masks are properly set.

When I create a sub-directory, it’s ACL settings are inherited properly as well:


$ mkdir dir
$ getfacl dir
# file: dir
# owner: steve
# group: users
user::rwx
group::r-x
group:users:rwx
mask::rwx
other::r-x
default:user::rwx
default:group::r-x
default:group:users:rwx
default:mask::rwx
default:other::r-x

That works great and dandy and fine.

The problem I run into is when I use git to clone a repo:


$ git clone git@example.com:shell/shell.git
$ getfacl shell
# file: shell
# owner: steve
# group: users
user::rwx
group::r-x
group:users:rwx #effective:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:users:rwx
default:mask::rwx
default:other::r-x

The effective mask and the default effective mask have dropped from the default (rwx) to something else (r-x), and I have *no* idea why.

Hopefully someone out there may have a clue. I’m stumped.

Advertisements

wrapper script for disc_id

I wrote a little wrapper script for disc_id tonight, available here. disc_id is a little binary that ships with libdvdread, or at least, it used to in older versions.

I use disc_id to give me a unique 32-character string of a DVD, so I have an identifier to track them by in my database of DVDs.

I don’t know if it’s just me or not, but my DVD drives have issues trying to poll the devices. Once I insert a disc, it will take a few seconds for it to register completely so I can access it. However, binaries that access it will think it’s ready to respond sooner than it is able, and will die unexpectedly. So what I needed was a way to get the disc id and not worry about whether or not the drive has finished registering or not.

I just call my little script dvd_id and it is simply a small wrapper that checks the exit code of the disc_id binary. If it doesn’t work the first time, it sleeps for one second and tries again, then repeats the process until it gets a successful exit code of zero.

That’s it. Pretty simple, but like all little scripts, you really tend to depend on them.
#!/bin/bash
EXIT_CODE=1
DEVICE=$1
if [[ -z $DEVICE ]]; then
DEVICE=/dev/dvd
fi

if [[ ! -b $DEVICE ]]; then
echo "Device $DEVICE doesn't exist" >&2
exit 1
fi

while [[ $EXIT_CODE != 0 ]]; do
/usr/local/bin/disc_id $DEVICE 2> /dev/null
EXIT_CODE=$?

if [[ $EXIT_CODE != 0 ]]; then
sleep 1
fi
done

web media frontend

I have always wanted to tweak my HTPC frontend quite a lot to add extra functionality, but the entry barrier to learning a GUI language has been way too high for me.  I’ve had success though, in patching MythFrontend to do some things a little better for me, but I’ve always wanted to get my own going if I could.

Recently, I was thinking about how LIRC can capture IR events and map them to X keyboard events.  Basically, you can control X applications with your remote control.  I started to reason that if that were possible, then I could just use my web development skills and create a webpage frontend for my HTPC that would run on a lightweight browser, and listen for keystrokes.

Just playing around with it tonight, I actually made some really great progress thanks to a combination of a good friend, my humble jQuery beginnings, and my laughable CSS skills.  This is the result so far. :)

I’m really stoked about the implementation so far.  You’ll most likely need Firefox to get that working properly.  It will capture the arrow key presses (up, down, left, right) and use that for navigation.  I realize that the beginnings are rather crude, but the fact that I could throw this together, so quickly, while I’m just barely learning my way around jQuery seems pretty impressive to me.  I’m actually quite proud, though, that I got the navigation to work properly, too, so wrapping around rows and columns works. :)

This is certainly going to be a fun project to hack on.  If I could get this working, this would open up all kinds of possibilities for me for displaying metadata and new options for navigation.

For comparison, here’s a screenshot of what my frontend looks like right now.  As you can see, I’m trying to imitate the style as closely as possible.

There’s a lot of advantages to having it web-based — not that I’m going to serve up anything remotely or anything, this is solely for my LAN.  It’ll just allow me to build out stuff much faster.

The hard part is going to be doing testing on the frontends.  They are both running off of tiny installations, and it’s not easy building and porting software to run on them.  Sounds like a challenge that’s extremely hard, going to take a lot of time, and will have marginal benefit and at the same time increase my workload and opportunity to own more of my software stack when things go wrong.  That’s just right up my alley. :)

znurt and planet larry expected downtime

O hai.

Both Znurt and Planet Larry are going to be going offline here … pretty soon for a day or so.  I’m moving hosts again, and should have things back up shortly.  I’m hoping I can get it all taken care of this weekend.

Update: I should add, it’s by the grace of good friends that are stepping in to help me take care of these sites that I can keep it afloat even now.  Thanks. :)

Ideally, I’d like to be able to host the stuff myself, but my only option at the moment, being the cash-strapped foob that I am, is to host stuff at home on my Comcast connection.  I don’t mind hosting projects with other people who are generous, but I’d prefer to take care of maintenance myself as I know that my stuff can be tricky to take care of, and I tend to have somewhat eccentric needs when it comes to hosting.  In short, I feel like a burden, and would feel better if I could manage things myself while still letting someone else donate some resources to a good cause.

If anyone in the Salt Lake area knows of someone who has some free space on their rack, I already have a 1U rackmount server (given to me by another awesome friend) that I could slide in and take care of myself.  I just need hosting taken care of.  I would offer to pay for it, but I can’t even afford any awesome deals at the moment, sadly.  If anyone’s interested in hosting a few non-profit community sites for me, lemme know.  Drop me an e-mail and I can send you specifics on how much traffic per month.

It’s a long shot, I know, but maybe someone will help out. :)

handbrake ebuild

My life has been uncharacteristically busy lately, which is a really new experience for me, because I usually have so much free time that I don’t know what to do with myself.  Anyway.  As a result of lack of time, it’s been interesting to see how I deal with the crunches when there’s stuff I want to work on.  So far though, my adaptation has been nothing more than watching tasks I want to do be ignored for weeks on end.

So, in an attempt to get one task of many moved forward, I’m just going to do a brain dump of my thoughts into a blog post and hope that someone can take it running from here.

To start with, I totally love the video encoding tool Handbrake.  It is an aboslute godsend, one that makes it possible for me to actually encode all my DVDs to MPEG4 using x264, and have me happy on every count.  (If I’ve talked about this already before … oh well.  I can’t remember these things anymore.)

There’s a lot of reasons for it’s awesomeness, but I’ll write those up in a later post.  The simplest summary is probably to say that it passed the Star Trek test with flying colors — which was always assumed to be an impossible task.  So, saying I’m happy is putting it mildly.  It’d be more accurate to say I feel like a schoolgirl on crack who is dancing on the rain.  Or something.

Anyway.  I’d like to roll an ebuild for it and get it into portage, if possible, but because of the build system, there’d be some things that need to change first.

The build system used in Handbrake downloads sources from their website and unpacks them during the building stage.  While that’s fine if you’re building it yourself, and if you wanted to roll your own ebuild (which, in fact, there are some already in our multimedia overlay), it wouldn’t be good from a QA stand for Gentoo.

So, what needs to be done (this is where I start whining about how busy I am, and how this is your job to fill in the gap) is the Makefile needs to be modified so it won’t download and unpack the remote sources.  It can still access them, but it needs to be up to the ebuild to do those in its own stages — like moving the tarballs into SRC_URI and using src_unpack to unpack them.

I haven’t looked closely at the build system, but I imagine it wouldn’t be too difficult to patch.  If someone wanted to take it from there, I could run the last few legs and see about cleaning up the ebuild and possibly getting it included in the tree.

If anyone’s up for the challenge, follow this bug.  Thanks :D

planet larry migration

I wrote not too long ago that I was going to give up maintaining Planet Larry and look for a new owner.  I got a lot of offers from a lot of people who were willing to step up and help take care of the project for me — thanks guys!

Of all the submissions, one really stood out in my mind as someone who had some really great ideas for the site and was excited to take on the project — Daniel Robbins.  Daniel is the original founder of Gentoo, and currently maintains Funtoo.  He and I have worked together in the past, and despite the controversy his name may bring being attached to the project in the eyes of some, he has assured me that he will run things objectively.  I trust him, and believe there won’t be any issues.

We’re still working on the migration, which mostly means waiting for me to get some free time (crazy schedule), and part of that was announcing publicly that we have a new admin for the site.

Thanks, guys, for all your help in running the site.  It’s been good for me to work with so many users.  I always enjoy getting another perspective on how Gentoo projects are used in the wild, and this has helped a small bit to share that view.

planet larry needs a new home

Alright, so in my quest to move forward with my life, I’m going to be discarding certain projects that I really haven’t been making a priority.  Planet Larry is one of those.  I’ve always thought that the idea of a planet feed for a Linux distribution’s user base is a good one, but it’s just never become a priority for me and so it’s suffered where it could have really taken off and done well.  I’m hoping the next owner will be a better steward.

So, if you are sincerely interested in running it, shoot me an email at beandog at gentoo dot org and I’ll let you know everything that’s involved (hint: not much).

Edit: I should add, this doesn’t require being a Gentoo developer.  The Planet was never an officially sanctioned Gentoo project, and it was never intended to be.  Anyone with the ganas can run it. :)

Edit: Thanks to all the people who have offered to help.  I’ll say the same thing I said to all of them: I’m going to wait a few more days to see who else steps up and has ideas for the site.  Also, no, I haven’t decided what to do with Znurt for now.  I don’t have any plans of giving up ownership yet.