Page MenuHomePhabricator

WmfConfigSource: Attempt to load a readable config file in all cases

Authored by mmodell on Nov 18 2016, 4:47 PM.


Maniphest Tasks
T146055: Improve privilege separation for phabricator's config files and mysql credentials
T151059: Pushing to diffusion git repo fails
rPHDEPc6baaca4a781: Updated git submodules
Patch without arc
git checkout -b D460 && curl -L | git apply

Setting PHABRICATOR_ENV is fragile - there are a bunch of edge cases
where it isn't propogated to sub/remote processes.

Figuring out which file is readable and loading that as a fallback
actually makes sense because of the way we have divided privileges to
those config files - only one of the files should be owned by the same
gid as the active process so we use that one if the environement var
isn't set.

refs T146055
fixes T151059

Test Plan

tested locally for basic sanity. Unfortunately it is currently difficult to test this part of phabricator adequately.

Diff Detail

rPHAB Phabricator
Lint OK
Unit Tests OK
Build Status
Buildable 1282
Build 1960: differential-jessieJenkins
Build 1959: arc lint + arc unit

Event Timeline

mmodell updated this revision to Diff 1219.Nov 18 2016, 4:47 PM
mmodell retitled this revision from to WmfConfigSource: Attempt to load a readable config file in all cases.
mmodell updated this object.
mmodell edited the test plan for this revision. (Show Details)
mmodell added reviewers: chasemp, Krenair, Dzahn.
Paladox accepted this revision.Nov 18 2016, 6:13 PM
Paladox added a reviewer: Paladox.
Paladox added a subscriber: Paladox.

Deployed onto phab-01, hasent any syntax error's currently.

This revision is now accepted and ready to land.Nov 18 2016, 6:13 PM
mmodell closed this revision.Nov 30 2016, 6:13 PM