With git version 2.43.4/2.44.1, when trying to access a repository, that is exported via git-daemon running as nobody (default setup), the access failed and git-daemon logs:

    git-daemon[6237]: detected dubious ownership in repository at 'xxx.git'
    To add an exception for this directory, call:
        git config --global --add safe.directory xxx.git

The suggested solution is no solution, as the user nobody has no home directory to store the global git config in the first place.

Any idea how to get git-daemon running again?

Reproducible: Always
https://lore.kernel.org/git/FAFA34CB-9732-4A0A-87FB-BDB272E6AEE8@alchemists.io/ has some discussion.
Please see https://lore.kernel.org/git/xmqqr0dss2qe.fsf@gitster.g/T/#u, specifically:

"""
We unfortunately had serious regressions in 2.45.1 (and below, down to 2.39 maintenance track are affected), and we are trying to assess the extent of damage and which changes that went into the release to revert. We know about "git lfs" and "git annex" getting affected.

If your workflow is affected, you would want to try out 'seen' that has proposed reverts to alleviate and report back to us, to make sure that the next set of maintenance releases will fix the regressions for you.
"""
I was able to work around this by adding the relevant directories to the system config at /etc/gitconfig:

    [safe]
        directory = /where/ever
        directory = /et/cetera
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6defb79fbea21f783706928f913c8e724b132a6d

commit 6defb79fbea21f783706928f913c8e724b132a6d
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-06-01 00:48:08 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-06-01 00:49:40 +0000

    dev-vcs/git: add 2.45.2

    Bug: https://bugs.gentoo.org/932091
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/git/Manifest          |   3 +
 dev-vcs/git/git-2.45.2.ebuild | 646 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 649 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=47ddae0dc0351da70ea31b85b17c8caea4cb8daf

commit 47ddae0dc0351da70ea31b85b17c8caea4cb8daf
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-06-01 00:41:44 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-06-01 00:49:39 +0000

    dev-vcs/git: add 2.44.2

    Bug: https://bugs.gentoo.org/932091
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/git/Manifest          |   3 +
 dev-vcs/git/git-2.44.2.ebuild | 647 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 650 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e62524d60b3a79db79111ef029ced357d0661d8e

commit e62524d60b3a79db79111ef029ced357d0661d8e
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-06-01 00:33:41 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-06-01 00:49:39 +0000

    dev-vcs/git: add 2.43.5

    Bug: https://bugs.gentoo.org/932091
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/git/Manifest          |   3 +
 dev-vcs/git/git-2.43.5.ebuild | 644 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 647 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f6b463d4a95ca0d515aec571f2d8aaa642be0b18

commit f6b463d4a95ca0d515aec571f2d8aaa642be0b18
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-06-01 00:27:37 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-06-01 00:49:38 +0000

    dev-vcs/git: add 2.41.2

    Bug: https://bugs.gentoo.org/932091
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/git/Manifest          |   3 +
 dev-vcs/git/git-2.41.2.ebuild | 644 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 647 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a9127a07d80685069d977f4a862ce164b6cad3c8

commit a9127a07d80685069d977f4a862ce164b6cad3c8
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-06-01 00:22:15 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-06-01 00:49:38 +0000

    dev-vcs/git: add 2.39.5

    Bug: https://bugs.gentoo.org/932091
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/git/Manifest          |   3 +
 dev-vcs/git/git-2.39.5.ebuild | 644 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 647 insertions(+)
Hopefully these releases sort it.
Git 2.44.2 did not change the problem. The error is still the same.
Can you report it upstream on the git ML? Thanks.
After reading [1], I don't think that upstream will change it. We have to adjust to it.

I got it working by creating a directory /usr/share/git-daemon, put a file .gitconfig in it, with this content:

    [safe]
        directory = *

Then adjusted the start_stop_daemon_args in /etc/init.d/git-daemon from:

    start_stop_daemon_args="-e HOME= -e XDG_CONFIG_HOME="

to

    start_stop_daemon_args="-e HOME=/usr/share/git-daemon -e XDG_CONFIG_HOME="

This turns off this security protection for git-daemon. Of course it should be possible to list individual repositories instead of '*' (might currently need to add '.', too, as I understand [1]).

I would suggest to adjust the git-ebuilds to provide this configuration for the user. Maybe commenting 'directory = *' initially so the user has to decide if he wants that.

[1] https://lore.kernel.org/all/834862fd-b579-438a-b9b3-5246bf27ce8a@gmail.com/T/
See also https://public-inbox.org/git/20240626123358.420292-1-flo@geekplace.eu/T/#mb88f028156161724e7e6e5f291bf763ad9fd0bc3 where adding these environment variables

    GIT_CONFIG_COUNT=1
    GIT_CONFIG_KEY_0=safe.directory
    GIT_CONFIG_VALUE_0="*"

was pointed out as workaround.

If we decide to merge https://github.com/gentoo/gentoo/pull/37312, then this becomes simply

    GIT_IGNORE_INSECURE_OWNER=true
Next try. Starting from a plain git installation, I appended the following to /etc/conf.d/git-daemon:

    # For git-daemon to accept to access a git repository, it has to be either
    # owned by $GIT_USER or the absolute path has to be added to the following
    # variable. By default we place '*' here, to allow access to all repositories.
    GIT_SAFE_DIRS=( '*' )

And this to /etc/init.d/git-daemon:

    c=0
    for i in "${GIT_SAFE_DIRS[@]}"
    do
        start_stop_daemon_args+=" -e GIT_CONFIG_KEY_$c=safe.directory"
        start_stop_daemon_args+=" -e GIT_CONFIG_VALUE_$c=$i"
        (( ++c ))
    done
    start_stop_daemon_args+=" -e GIT_CONFIG_COUNT=$c"

Does the job and allows easy modification by the user.

Downside: Breaks when someone adds a repository containing white space somewhere in the path.
As per https://lore.kernel.org/git/20240626123358.420292-1-flo@geekplace.eu/T/#m09401aab9ea0671434c545456dbb85327101d7c9 there is a chance that git will get support for a GIT_SAFE_DIRECTORIES environment variable, which would help avoiding doing the GIT_CONFIG_KEY/GIT_CONFIG_VALUE dance.
Thanks for the hint, Florian. Indeed, if there is already a planned variable, I should use its name for the workaround. So another try.

Added to /etc/conf.d/git-daemon:

    # For git-daemon to accept to access a git repository, it has to be either
    # owned by $GIT_USER or the absolute path has to be added to the following
    # colon separated list. By default we place '*' here, to allow access to all
    # repositories.
    GIT_SAFE_DIRECTORIES="*"

Added to /etc/init.d/git-daemon:

    IFS=: read -ra a <<< "$GIT_SAFE_DIRECTORIES"
    c=0
    for i in "${a[@]}"
    do
        start_stop_daemon_args+=" -e GIT_CONFIG_KEY_$c=safe.directory"
        start_stop_daemon_args+=" -e GIT_CONFIG_VALUE_$c=$i"
        (( ++c ))
    done
    start_stop_daemon_args+=" -e GIT_CONFIG_COUNT=$c"

Then, when the new git arrives, the config file can stay the same and only the init script has to be adjusted. :)
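Added example, not part of the thread or of Gentoo's init script: a POSIX sh helper that turns a colon-separated allowlist into GIT_CONFIG_COUNT / GIT_CONFIG_KEY_n / GIT_CONFIG_VALUE_n by exporting each variable directly, so paths containing white space survive and individual repositories can be listed instead of '*'. The function names and the sample paths in the comments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names, constructed sample paths).

# export_safe_directories LIST
#   LIST is colon separated, e.g. "/srv/git/my repo.git:/srv/git/other.git".
#   Entries are appended after any GIT_CONFIG_* entries already exported.
export_safe_directories() {
    n=${GIT_CONFIG_COUNT:-0}
    case $n in
        ''|*[!0-9]*)
            echo "GIT_CONFIG_COUNT is not a number: $n" >&2
            return 1 ;;
    esac
    rest=$1:                      # trailing ':' so the last field is terminated
    while [ -n "$rest" ]; do
        dir=${rest%%:*}           # text before the first ':'
        rest=${rest#*:}           # text after the first ':'
        [ -n "$dir" ] || continue # skip empty fields such as '::'
        # Quoted assignments: no word splitting, no glob expansion of '*'.
        export "GIT_CONFIG_KEY_$n=safe.directory"
        export "GIT_CONFIG_VALUE_$n=$dir"
        n=$((n + 1))
    done
    export GIT_CONFIG_COUNT="$n"
}

# print_safe_directories
#   Prints one safe.directory value per line, as currently exported, so the
#   effective allowlist can be logged before the daemon is started.
print_safe_directories() {
    i=0
    while [ "$i" -lt "${GIT_CONFIG_COUNT:-0}" ]; do
        eval "k=\${GIT_CONFIG_KEY_$i-} v=\${GIT_CONFIG_VALUE_$i-}"
        if [ "$k" = safe.directory ]; then
            printf '%s\n' "$v"
        fi
        i=$((i + 1))
    done
}
```

A wrapper that calls export_safe_directories and then execs git daemon passes the entries on through its environment; running `git config --get-all safe.directory` in the same shell shows what git will read.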