posix: always seek to EOF when opening a file in append mode
Python 3 already does this, so skip it there.
Consider the program:
#include <stdio.h>
int main() {
FILE *f = fopen("narf", "w");
fprintf(f, "narf\n");
fclose(f);
f = fopen("narf", "a");
printf("%ld\n", ftell(f));
fprintf(f, "troz\n");
printf("%ld\n", ftell(f));
return 0;
}
on macOS, FreeBSD, and Linux with glibc, this program prints
5
10
but on musl libc (Alpine Linux and probably others) this prints
0
10
By my reading of
https://pubs.opengroup.org/onlinepubs/
009695399/functions/fopen.html
this is technically correct, specifically:
> Opening a file with append mode (a as the first character in the
> mode argument) shall cause all subsequent writes to the file to be
> forced to the then current end-of-file, regardless of intervening
> calls to fseek().
in other words, the file position doesn't really matter in append-mode
files, and we can't depend on it being at all meaningful unless we
perform a seek() before tell() after open(..., 'a'). Experimentally
after a .write() we can do a .tell() and it'll always be reasonable,
but I'm unclear from reading the specification if that's a smart thing
to rely on. This matches what we do on Windows and what Python 3 does
for free, so let's just be consistent. Thanks to Yuya for the idea.
# same user, same group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# same user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, same group
not trusting file .hg/hgrc from untrusted user abc, group bar
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, same group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the user
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# different user, different group, but we trust the user and the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all users
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all groups
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we trust all users and groups
# different user, different group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# we don't get confused by users and groups with the same name
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# list of user names
# different user, different group, but we trust the user
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# list of group names
# different user, different group, but we trust the group
trusted
global = /some/path
local = /another/path
untrusted
. . global = /some/path
. . local = /another/path
# Can't figure out the name of the user running this process
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# prints debug warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path
# report_untrusted enabled without debug hides warnings
# different user, different group
trusted
global = /some/path
untrusted
. . global = /some/path
. . local = /another/path
# report_untrusted enabled with debug shows warnings
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
trusted
ignoring untrusted configuration option paths.local = /another/path
global = /some/path
untrusted
. . global = /some/path
. ignoring untrusted configuration option paths.local = /another/path
. local = /another/path
# ui.readconfig sections
quux
# read trusted, untrusted, new ui, trusted
not trusting file foobar from untrusted user abc, group def
trusted:
ignoring untrusted configuration option foobar.baz = quux
None
untrusted:
quux
# error handling
# file doesn't exist
# same user, same group
# different user, different group
# parse error
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
ParseError('foo', '.hg/hgrc:1')
# same user, same group
ParseError('foo', '.hg/hgrc:1')
# access typed information
# different user, different group
not trusting file .hg/hgrc from untrusted user abc, group def
# suboptions, trusted and untrusted
(None, []) ('main', [('one', 'one'), ('two', 'two')])
# path, trusted and untrusted
None .hg/monty/python
# bool, trusted and untrusted
False True
# int, trusted and untrusted
0 42
# bytes, trusted and untrusted
0 84934656
# list, trusted and untrusted
[] ['spam', 'ham', 'eggs']