From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from gnu.wildebeest.org (gnu.wildebeest.org [45.83.234.184]) by sourceware.org (Postfix) with ESMTPS id C98B83858D33 for ; Sun, 21 May 2023 17:21:23 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C98B83858D33 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=klomp.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=klomp.org Received: by gnu.wildebeest.org (Postfix, from userid 1000) id 88A013006CF9; Sun, 21 May 2023 19:21:22 +0200 (CEST) Date: Sun, 21 May 2023 19:21:22 +0200 From: Mark Wielaard To: overseers@sourceware.org Cc: Joel Brobecker Subject: git safe.directory Message-ID: <20230521172122.GG3420@gnu.wildebeest.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-3030.0 required=5.0 tests=BAYES_00,JMQ_SPF_NEUTRAL,KAM_DMARC_STATUS,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: Hi, Earlier this week git got upgraded on sourceware to include support for safe.directory. Joel noticed an issue with the gdbadmin cron job for the binutils-gdb.git repo. It would complain with: fatal: detected dubious ownership in repository at '/sourceware1/projects/src-home/binutils-gdb.git' Given this repo is shared between different projects and users it is "expected" that the git directory/config might be writable by someone else in this case. We believe that doing the following for the gdbadmin user is the appropriate workaround for now: git config --global --add safe.directory \ /sourceware1/projects/src-home/binutils-gdb.git I looked over other repos, cron jobs and hooks, but couldn't find any other issue with this new "feature". The git operations executed on them either don't use the config file or the operations are only executed by the actual user "owning" the git repo config file. But if you notice any 'detected dubious ownership' of any git operations please report and/or check the dir/config file ownership and/or add a 'safe.directory' workaround for the affected user. Of course you can also move some operations to the separate snapshots.sourceware.org server if it doesn't require access to the repo directly. Cheers, Mark