|
|
Allow git to run on an other user repository - stagit - static git page generator |
|
|
 |
git clone git://git.codemadness.org/stagit (git://git.codemadness.org) |
|
|
 |
Log |
|
|
|
Files |
|
|
|
Refs |
|
|
|
README |
|
|
|
LICENSE |
|
|
|
--- |
|
|
|
commit 1357ad5181f80a99fe9c436af134e947ec7f4d29 |
|
|
|
parent a8a5e9c3b37e133d26fe3ea5cd361281d7a56c85 |
|
|
|
Author: Anton Lindqvist <anton@basename.se> (mailto://) |
|
|
|
Date: Tue, 24 May 2022 10:58:37 +0200 |
|
|
|
|
|
|
|
Allow git to run on an other user repository |
|
|
|
|
|
|
|
Reported by Anton: |
|
|
|
|
|
|
|
"Recent versions of libgit2 broke stagit for me due to the added opt-out |
|
|
|
GIT_OPT_SET_OWNER_VALIDATION configuration knob. My repositories are owned by |
|
|
|
root:vcs and I run stagit as another user which happens to be in vcs group but |
|
|
|
not the owner of the repository. Disabling the validation makes stagit work as |
|
|
|
expected again." |
|
|
|
|
|
|
|
Some notes: |
|
|
|
|
|
|
|
When using regular git it also provides a knob. This is due to a security |
|
|
|
concern in some cases, which is not applicable to stagit. |
|
|
|
|
|
|
|
git log somerepo |
|
|
|
|
|
|
|
fatal: unsafe repository ('somerepo' is owned by someone else) |
|
|
|
To add an exception for this directory, call: |
|
|
|
|
|
|
|
git config --global --add safe.directory somerepo |
|
|
|
|
|
|
|
See also / related: |
|
|
|
- https://github.blog/2022-04-12-git-security-vulnerability-announced/ |
|
|
|
|
|
|
|
Diffstat: |
|
|
|
M stagit-index.c | 2 ++ |
|
|
|
M stagit.c | 2 ++ |
|
|
|
|
|
|
|
2 files changed, 4 insertions(+), 0 deletions(-) |
|
|
|
--- |
|
|
|
diff --git a/stagit-index.c b/stagit-index.c |
|
|
|
@@ -188,6 +188,8 @@ main(int argc, char *argv[]) |
|
|
|
git_libgit2_init(); |
|
|
|
for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++) |
|
|
|
git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, ""); |
|
|
|
+ /* do not require the git repository to be owned by the current user */ |
|
|
|
+ git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 0); |
|
|
|
|
|
|
|
#ifdef __OpenBSD__ |
|
|
|
if (pledge("stdio rpath", NULL) == -1) |
|
|
|
diff --git a/stagit.c b/stagit.c |
|
|
|
@@ -1235,6 +1235,8 @@ main(int argc, char *argv[]) |
|
|
|
git_libgit2_init(); |
|
|
|
for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++) |
|
|
|
git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, ""); |
|
|
|
+ /* do not require the git repository to be owned by the current user */ |
|
|
|
+ git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 0); |
|
|
|
|
|
|
|
#ifdef __OpenBSD__ |
|
|
|
if (unveil(repodir, "r") == -1) |
|