shared repository - add a few missing calls to adjust_shared_perm().

There were a few calls to adjust_shared_perm() that were
missing:

 - init-db creates refs, refs/heads, and refs/tags before
   reading from templates that could specify sharedrepository in
   the config file;

 - updating config file created it under user's umask without
   adjusting;

 - updating refs created it under user's umask without
   adjusting;

 - switching branches created .git/HEAD under user's umask
   without adjusting.

This moves adjust_shared_perm() from sha1_file.c to path.c,
since a few SIMPLE_PROGRAM need to call repository configuration
functions which in turn need to call adjust_shared_perm().
sha1_file.c needs to link with SHA1 computation library which
is usually not linked to SIMPLE_PROGRAM.
Signed-off-by: NJunio C Hamano <junkio@cox.net>

builtin-init-db.c

@@ -198,6 +198,21 @@ static void create_default_files(const char *git_dir, const char *template_path)
 
 	git_config(git_default_config);
 
+	/*
+	 * We would have created the above under user's umask -- under
+	 * shared-repository settings, we would need to fix them up.
+	 */
+	if (shared_repository) {
+		path[len] = 0;
+		adjust_shared_perm(path);
+		strcpy(path + len, "refs");
+		adjust_shared_perm(path);
+		strcpy(path + len, "refs/heads");
+		adjust_shared_perm(path);
+		strcpy(path + len, "refs/tags");
+		adjust_shared_perm(path);
+	}
+
 	/*
 	 * Create the default symlink from ".git/HEAD" to the "master"
 	 * branch, if it does not exist yet.

config.c

@@ -536,7 +536,7 @@ int git_config_set_multivar(const char* key, const char* value,
 	 * contents of .git/config will be written into it.
 	 */
 	fd = open(lock_file, O_WRONLY | O_CREAT | O_EXCL, 0666);
-	if (fd < 0) {
+	if (fd < 0 || adjust_shared_perm(lock_file)) {
 		fprintf(stderr, "could not lock config file\n");
 		free(store.key);
 		ret = -1;

lockfile.c

@@ -27,11 +27,16 @@ int hold_lock_file_for_update(struct lock_file *lk, const char *path)
 	int fd;
 	sprintf(lk->filename, "%s.lock", path);
 	fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666);
-	if (fd >=0 && !lk->next) {
-		lk->next = lock_file_list;
-		lock_file_list = lk;
-		signal(SIGINT, remove_lock_file_on_signal);
-		atexit(remove_lock_file);
+	if (0 <= fd) {
+		if (!lk->next) {
+			lk->next = lock_file_list;
+			lock_file_list = lk;
+			signal(SIGINT, remove_lock_file_on_signal);
+			atexit(remove_lock_file);
+		}
+		if (adjust_shared_perm(lk->filename))
+			return error("cannot fix permission bits on %s",
+				     lk->filename);
 	}
 	return fd;
 }

path.c

@@ -250,3 +250,26 @@ char *enter_repo(char *path, int strict)
 
 	return NULL;
 }
+
+int adjust_shared_perm(const char *path)
+{
+	struct stat st;
+	int mode;
+
+	if (!shared_repository)
+		return 0;
+	if (lstat(path, &st) < 0)
+		return -1;
+	mode = st.st_mode;
+	if (mode & S_IRUSR)
+		mode |= S_IRGRP;
+	if (mode & S_IWUSR)
+		mode |= S_IWGRP;
+	if (mode & S_IXUSR)
+		mode |= S_IXGRP;
+	if (S_ISDIR(mode))
+		mode |= S_ISGID;
+	if (chmod(path, mode) < 0)
+		return -2;
+	return 0;
+}

refs.c

@@ -104,6 +104,11 @@ int create_symref(const char *git_HEAD, const char *refs_heads_master)
 		error("Unable to create %s", git_HEAD);
 		return -3;
 	}
+	if (adjust_shared_perm(git_HEAD)) {
+		unlink(lockpath);
+		error("Unable to fix permissions on %s", lockpath);
+		return -4;
+	}
 	return 0;
 }
 

sha1_file.c

@@ -50,29 +50,6 @@ int get_sha1_hex(const char *hex, unsigned char *sha1)
 	return 0;
 }
 
-int adjust_shared_perm(const char *path)
-{
-	struct stat st;
-	int mode;
-
-	if (!shared_repository)
-		return 0;
-	if (lstat(path, &st) < 0)
-		return -1;
-	mode = st.st_mode;
-	if (mode & S_IRUSR)
-		mode |= S_IRGRP;
-	if (mode & S_IWUSR)
-		mode |= S_IWGRP;
-	if (mode & S_IXUSR)
-		mode |= S_IXGRP;
-	if (S_ISDIR(mode))
-		mode |= S_ISGID;
-	if (chmod(path, mode) < 0)
-		return -2;
-	return 0;
-}
-
 int safe_create_leading_directories(char *path)
 {
 	char *pos = path;