Allow chezmoi to manage readonly-type files and directories #3441

Open
neodon opened this issue Dec 29, 2023 · 2 comments
Labels
enhancement New feature or request

neodon commented Dec 29, 2023

Is your feature request related to a problem? Please describe.

I tried adding the readonly target type to some of my files because I will sometimes modify them (or some program will modify them) and it won't be until some time later that I realize I need to add them to my chezmoi source.

Chezmoi is unable to manage files and directories with the readonly target type after initially setting them to readonly.

This seems somewhat related to #3392 and #1400, but I think this scenario is a more general cross-platform concern.

Describe the solution you'd like

I would like chezmoi to be able to continue managing readonly files and directories while still preventing the user from modifying them. During an apply, chezmoi would need to temporarily add write permissions (which is possible for the owner of the file or directory to do, at least on Linux). Once modifications are complete, the readonly type could be re-applied.

Describe alternatives you've considered

As suggested in #3392 and #1400, I can use before_ and after_ scripts to take care of this myself. That is what I intend to do for now, but I would be tickled if chezmoi could still manage my readonly files.

Additional context

I was initially surprised to find that files and directories with the target type readonly could only be created but not updated. It makes sense to me now, but my initial naive assumption was that readonly would restrict changing files or directories by the user while still allowing chezmoi to manage them.

I understand this could add non-trivial complexity and overhead to chezmoi operations, which I agree might not be worth the tradeoff. If you don't mind, however, I'd like some additional thoughts on the usefulness of this feature aside from those tradeoffs.

It's possible I could work on a proof-of-concept to evaluate viability of this feature, if you would be interested.

neodon added the enhancement label Dec 29, 2023

neodon commented Dec 29, 2023

For convenience, here is a Dockerfile that will quickly demonstrate the issue:

FROM debian:12-slim

ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y curl && apt-get clean

RUN sh -c "$(curl -fsLS get.chezmoi.io)"

RUN useradd -m user
USER user

RUN :\
  && export source="$(chezmoi source-path)" \
  && chezmoi init \
  && mkdir "$source/readonly_test_dir" \
  && echo foo >"$source/readonly_test_dir/foo" \
  && chezmoi apply \
  && echo bar >"$source/readonly_test_dir/bar" \
  && chezmoi apply

# Output: chezmoi: open /home/user/test_dir/.foo8977729695619710040: permission denied

To run:

docker build --no-cache --progress=plain -t chezmoi-issue-3441 . && docker run -it --rm chezmoi-issue-3441


twpayne commented Dec 30, 2023

> It's possible I could work on a proof-of-concept to evaluate viability of this feature, if you would be interested.

Yes, I would be interested, but bear in mind that this is likely to be a significant amount of work and require deep changes to chezmoi's internals. Please describe how you propose to modify chezmoi to support this before starting significant work.

Fundamentally, this will require changes to how chezmoi performs updates, where the target state does not match the destination state. Specifically, currently chezmoi changes the permissions on each directory at most once. To implement the functionality requested in this PR, if a readonly_ directory requires changes then chezmoi would have to modify the directory to allow writes, update the directory's children, and then modify the directory to disallow writes. i.e., chezmoi would have to be modified to visit directories twice, not once.

Another consideration is that if the update phase is interrupted then the directory may be left in the wrong state.
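
The two-visit update described in the comment above, as an added example that is not part of the original thread and is not chezmoi's code. `withWritableDir` is a hypothetical helper that adds owner-write permission, runs the update, and restores the original mode; it assumes the caller owns the directory.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// withWritableDir is a hypothetical helper, not chezmoi code. It visits dir
// twice: first to add owner-write permission, then to restore the original
// mode once update has modified the directory's children.
func withWritableDir(dir string, update func() error) (err error) {
	info, err := os.Stat(dir)
	if err != nil {
		return err
	}
	orig := info.Mode().Perm()
	if err := os.Chmod(dir, orig|0o200); err != nil {
		return err
	}
	// The restore runs on error returns and panics. It does not run if the
	// process is killed mid-update, which leaves the directory writable.
	defer func() {
		if cerr := os.Chmod(dir, orig); err == nil {
			err = cerr // report a failed restore unless update already failed
		}
	}()
	return update()
}

func main() {
	// Constructed sample layout: a 0555 directory that needs a new child.
	root, err := os.MkdirTemp("", "readonly-demo")
	if err != nil {
		panic(err)
	}
	dir := filepath.Join(root, "test_dir")
	defer func() { os.Chmod(dir, 0o755); os.RemoveAll(root) }()
	if err := os.Mkdir(dir, 0o555); err != nil {
		panic(err)
	}
	err = withWritableDir(dir, func() error {
		return os.WriteFile(filepath.Join(dir, "bar"), []byte("bar\n"), 0o644)
	})
	info, statErr := os.Stat(dir)
	if statErr != nil {
		panic(statErr)
	}
	fmt.Println("update error:", err, "mode after:", info.Mode().Perm())
}
```

Because the restore is deferred in-process, a crash or SIGKILL between the two visits still leaves the directory writable, so a later run has to re-check the mode rather than assume it.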
