emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed
* Bug: tangle failure of one block results in failure to set =:tangle-mode= of another [9.3 (9.3-elpaplus @ /home/tom/.emacs.d/elpa/org-plus-contrib-20191203/)]
@ 2019-12-07  6:36 Tom Gillespie
  0 siblings, 0 replies; only message in thread
From: Tom Gillespie @ 2019-12-07  6:36 UTC (permalink / raw)
  To: emacs-orgmode

[-- Attachment #1: Type: text/plain, Size: 3527 bytes --]

Remember to cover the basics, that is, what you expected to happen and
what in fact did happen.  You don't know how to make a good report?  See

     https://orgmode.org/manual/Feedback.html#Feedback

Your bug report will be posted to the Org mailing list.
------------------------------------------------------------------------

* Description
=#+HEADER: :tangle= arguments fail after other blocks tangle
=#+BEGIN_SRC lang :tangle= arguments fail before other blocks tangle

When tangling multiple blocks if a block fails during tangling after
some other block has already been tangled, the block that has already
been tangled will not have its =:tangle-mode= set. This can result in
a =:tangle-mode (identity #o0600)= header argument failing to be
applied after a file has been created resulting in a file that is
readable by anyone instead of secure.

* Affected versions
9.1.9, 9.3

* Observed behavior
An error occurs during tangling multiple blocks with =C-c C-v C-t=.
Files that are expected to have a mode set (e.g. =#o0755=, or =#o0600=)
by a =:tangle-mode= header retain the default mode =#o0644=.

It does not matter whether =:tangle-mode= is set on a =#+HEADER:= line
or on a =#+BEGIN_SRC= line.

* Expected behavior
It is not entirely clear what the best way to fix this is. Anything
that causes a failure
between the time that a file is tangled and tangle mode is set could
cause a similar issue.

One way to ensure that this cannot happen is the following:
1. Before a block is tangled check for the =:tangle-mode= header
2. If the =:tangle-mode= header exists, touch the file to be tangled
DO NOT WRITE THE CONTENTS YET
3. Set the mode specified by the =:tangle-mode= header
4. Now write the contents of the file
This will prevent a file from being written =#o0644= by default and
possibly left exposed.

* Reproduction
This is a contrived example. The secret file has to be tangled before
the other block fails
to tangle. To reproduce the issue I am using a missing folder to cause
an error after
tangling the secret file but before its =:tangle-mode= has been set. NOTE:
_any other failure that can occur after some other block has tangled
can cause the same problem_.

The examples also attached.

#+NAME: org-bug-0-0.org
#+BEGIN_EXAMPLE org

    To reproduce =emacs -q --load org -- org-bug-0-0.org= and then =C-c C-v C-t=
    #+HEADER: :tangle-mode (identity #o0600)
    #+BEGIN_SRC bash :eval never :tangle ./some-secret-file.sh
    export ALL_MY_ENVIRONMENT_VARS=secret
    #+END_SRC

    #+HEADER: :tangle ./this-folder-does-not-exist/some-other-file
    #+BEGIN_SRC bash :eval never
    echo will fail to tangle after some-secret-file.sh is written
    echo BUT before its :tangle-mode is set
    #+END_SRC

#+END_EXAMPLE

#+NAME: org-bug-0-1.org
#+BEGIN_EXAMPLE org

    To reproduce =emacs -q --load org -- org-bug-0-1.org= and then =C-c C-v C-t=
    #+BEGIN_SRC bash :eval never :tangle ./some-secret-file-2.sh
:tangle-mode (identity #o0600)
    export ALL_MY_ENVIRONMENT_VARS=secret
    #+END_SRC

    #+BEGIN_SRC bash :eval never :tangle
./this-folder-does-not-exist/some-other-file
    echo will fail to tangle after some-secret-file-2.sh is written
    echo BUT before its :tangle-mode is set
    #+END_SRC

#+END_EXAMPLE

Emacs  : GNU Emacs 26.3 (build 1, x86_64-pc-linux-gnu, X toolkit)
 of 2019-09-27
Package: Org mode version 9.3 (9.3-elpaplus @
/home/tom/.emacs.d/elpa/org-plus-contrib-20191203/)
Package: Org mode version 9.1.9 (release_9.1.9-65-g5e4542 @
/usr/share/emacs/26.3/lisp/org/)

[-- Attachment #2: org-bug-0-0.org --]
[-- Type: application/vnd.lotus-organizer, Size: 430 bytes --]

[-- Attachment #3: org-bug-0-1.org --]
[-- Type: application/vnd.lotus-organizer, Size: 414 bytes --]

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2019-12-07  6:36 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-07  6:36 Bug: tangle failure of one block results in failure to set =:tangle-mode= of another [9.3 (9.3-elpaplus @ /home/tom/.emacs.d/elpa/org-plus-contrib-20191203/)] Tom Gillespie

Code repositories for project(s) associated with this inbox:

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).